Phishing Detection Method Using a Hybrid Method of Genetic Algorithm and Particle Swarm Optimization
Main Article Content
Abstract
Phishing denotes a series of cyberattacks in which an attacker uses deception and disguise to obtain the victim's sensitive information online. Phishing has a historical precedent: its first documented instance was in 1995, when hackers impersonated America Online (AOL) personnel to deceive AOL customers into disclosing their usernames and passwords [AOHell] (Alabdan, 2020). During that period, hackers exploited instant messaging networks to deceive AOL users into divulging their usernames and passwords through direct messages. A distinguishing feature of phishing compared to other cyberattacks is the incorporation of deceptive tactics in its strategy, implementation, and overall effectiveness. Phishing comprises a four-step procedure that entails the following [1]. The first step is establishing trust: the perpetrator cultivates the victim's trust to elicit the required actions. Actions may include clicking webpages, responding to emails, etc. Trust is acquired through spoofed websites, email addresses, applications, and similar methods [2]. The second step is redirection, an intermediary phase that may be present or absent in various phishing assaults. A fake email may route the user to a phishing site using a link. Typically, activities following the establishment of trust lead to redirection. Users subsequently submit their credential information on the redirected sites or channels [3]. The third step is acquiring data; this phase marks the commencement of the attack. The assailant obtains the necessary information through misdirected forms or websites or as responses to spoofed emails from the victim. The fourth step is execution: the perpetrator carries out the intended identity or financial fraud using the identification or credential information acquired in Step 3 [4].
In the past two decades, phishing assaults have profoundly impacted enterprises worldwide [5]. As countermeasures against phishing attacks have evolved, so have the attackers, who have developed sophisticated methods for executing novel phishing assaults. Despite extensive studies conducted by industry and academia over several years, the threat of phishing assaults remains prevalent today [6].
In recent years, phishers have predominantly targeted SaaS (Software as a Service) and webmail, comprising 33% of attacks across all industry sectors [7]. IBM determined that 27% of phishing attacks in 2018 targeted webmail services. Furthermore, in 29% of the corporate attacks examined by X-Force, the breach was attributed to a phishing email [8].
Symantec discovered that in the underground economy, "custom phishing page services" are priced between USD 3 and 12, suggesting that the costs associated with initiating a custom phishing attack are negligible. Research indicates that gift cards have become one of the predominant methods for scammers to liquidate their profits [7]. The FBI calculated that the victim loss from phishing in 2018 amounted to USD 48,241,748, impacting 26,379 individuals [9].
In 2018, the FBI documented around 100 complaints, predominantly affecting the healthcare, education, and air travel sectors, culminating in a total net loss of almost USD 100 million. This scheme used phishing emails to target employees and obtain their login credentials. These credentials were then used to infiltrate the payroll system, after which the phishers set up rules preventing employees from receiving notices of modifications to their accounts. The phisher subsequently altered account holders' direct debit details to redirect funds into their own account, which in this case involved a prepaid card [10].
The repercussions of phishing assaults are felt widely across various sectors, including healthcare and education, as well as among persons engaged in online gaming. One illustration is a phishing fraud designed to obtain user login credentials for Steam, a PC gaming platform, by presenting a "free skin giveaway" (Figure 3). The fraud commenced with a comment posted on a user's profile, which, when clicked, redirected the victim to a phishing website with details about the giveaway and a counterfeit scrolling chat bar to create an illusion of authenticity. The victim was directed to "login via Steam," leading them to a counterfeit login interface that captured their information. The assault involved the creation of a valid Steam Guard code (i.e., two-factor authentication), which provided the phisher with access to the victim's account to sell products and further advance the fraud (see Figure 3) [11]. Massively multiplayer online games (MMOs) are frequently targeted by phishers due to the potential for "loot box" items to be sold on the online black market.
A recent instance of this phishing scheme specifically targeted the MMO Elder Scrolls Online [12].
Phishing contributed to the inaugural successful cyber attack on a power grid, occurring in Ukraine in December 2015. IT personnel and network administrators from multiple organizations involved in electricity distribution for Ukraine were subjected to spear phishing attempts. The assault entailed a malicious Microsoft Word document that prompted the activation of macros. Upon activation, the macro deployed the BlackEnergy3 malware onto the system, thereby establishing a backdoor for the attackers. This ultimately led to the effective deactivation of 30 substations, leaving 230,000 individuals without electricity for up to six hours. This case illustrates the potency and destructiveness of a meticulously orchestrated and effectively implemented phishing assault. Even trained IT workers cannot consistently spot these threats [13].
The preceding discussion demonstrates that phishing constitutes a significant issue that requires thorough comprehension for effective mitigation. This article examines various attributes of traditional, contemporary, and innovative phishing strategies, highlighting deficiencies in existing anti-phishing measures. This study aims to present a method for classifying phishing attacks using optimization methods. Specifically, the method is a hybrid of the Genetic Algorithm and Particle Swarm Optimization. This combination helps reach the best classification accuracy faster than other methods.
Article Details

This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.