International Research Journal of Engineering and Technology (IRJET)
e-ISSN: 2395-0056
Volume: 10 Issue: 05 | May 2023
p-ISSN: 2395-0072
www.irjet.net
Examining the emerging threat of Phishing and DDoS attacks using Machine Learning models. Mohammed Zaid M S, Namratha N, Yashaswini B V, Under Graduate Student, Dept. of Information Science and Engineering, BNMIT, Bengaluru, Karnataka, India Under Graduate Student, Dept. of Information Science and Engineering, BNMIT, Bengaluru Karnataka, India Assistant Professor, Dept. of Information Science and Engineering, BNMIT, Bengaluru, Karnataka, India ---------------------------------------------------------------------***--------------------------------------------------------------------1. INTRODUCTION Abstract - The usage of mobile devices in recent years has resulted in a considerable shift towards executing real-world activities in the digital arena. Although this has rendered our lives easier, it has additionally culminated in countless security breaches owing to the internet's anonymity. Although antivirus software and systems for firewalls can prevent most attacks, experienced attackers frequently take advantage of computer users' vulnerabilities by impersonating popular banking, networking, e-commerce, and other websites in order to steal private data such as user IDs, passwords, account numbers, credit card numbers, along with more. This emphasizes the importance of increasing knowledge and precaution when using the internet in order to protect oneself from cyber-attacks.
Cyber attackers commonly use phishing and DDoS attacks to gain unauthorized access to sensitive information or disrupt online services. Phishing attacks are a tactic that tricks individuals into revealing confidential information such as login credentials, credit card details, or personal information. Attackers accomplish this by sending fraudulent messages or emails that appear to originate from legitimate sources but are in fact fraudulent. The attacker's objective is to lure the victim into clicking a link or opening an attachment that installs malware or directs them to a fake website where they will unwittingly divulge sensitive information. Phishing attacks are designed to trick individuals into providing sensitive information, such as usernames and passwords, credit card numbers, or other personal information. This is typically done by sending emails or messages that appear to be from a legitimate source, but are actually from a fake or spoofed source. The goal of the attacker is to trick the victim into clicking on a link or opening an attachment that will then install malware on their device or direct them to a fake website where they will enter their sensitive information.
Phishing is a social engineering technique used to deceive users into disclosing sensitive information, such as login credentials, credit card details, and personal identification. Distributed Denial of Service (DDoS) attacks are a common type of cyber-attack that aims to disrupt the availability of online services by overwhelming the targeted systems with a high volume of traffic. Phishing and DDoS attacks are two common cyber-attack types that aim to deceive users and disrupt online services. Phishing involves tricking individuals into revealing sensitive information, while DDoS involves overwhelming a website or network with traffic. Detecting these attacks is a complex task, and various methods have been proposed, including rule-based detection, blacklists, and anomaly-based detection. Machine learning-based anomaly detection has gained popularity due to its dynamic nature in catching "zero-day" attacks. To address the problem of phishing, which costs internet users significant amounts of money annually, a system that employs machine learning techniques such as logistic regression, decision tree, k-nearest neighbors, naive Bayes, random forest, and support vector classification is proposed. These algorithms predict outcomes based on user input parameters extracted from the front end.
DDoS attacks, on the other hand, are designed to overwhelm a website or network with traffic, making it difficult or impossible for legitimate users to access the services provided by the targeted organization. This is typically done by using a network of compromised devices, such as computers or Internet of Things (IoT) devices, to flood the target with requests or data. Individuals and organisations can suffer catastrophic effects resulting from phishing and DDoS assaults. These assaults can harm a company's brand and result in judicial or economic losses, in addition to the possible theft of confidential data or the interruption of services. As a result, it is critical to be aware of the dangers presented by these sorts of assaults and to take precautions to protect yourself and your organisation from them.
Key Words: Logistic Regression, Cyber-security, Phishing, Machine Learning, DDoS, Random Forest, Support Vector Machine, Decision Tree, K Nearest Neighbor, XGBoost
© 2023, IRJET
|
Impact Factor value: 8.226
|
ISO 9001:2008 Certified Journal
|
Page 342