论文信息 - An Explainable Method of Phishing Emails Generation and Its Application in Machine Learning

An Explainable Method of Phishing Emails Generation and Its Application in Machine Learning

The fact that phishing emails cannot be released because they contain private information greatly hinders researchers from obtaining large-scale samples of real phishing emails. At the same time, the legal email data set is often collected from a certain field, which is quite different from the phishing samples, and it is easy to cause overfitting or spatial bias during the process of building the model. This paper proposes a method for generating phishing emails based on data insertion, which can increase the number of phishing samples without changing the malicious attributes, solve the problem of spatial bias during model training, and can reduce the difference in statistical characteristics between benign and malicious samples to a certain extent. Based on the differences in the email HTML content of the Phishing dataset and the Enron dataset, this paper implements six resource generators and a communication relationship selector. It controls the generation of new samples by implementing control-quantity sequence pairs, and proposes quantitative evaluation methods and indicators of the classifier's generalization ability, and verified that the newly generated samples can be used to train a classifier with stronger generalization ability. The main contribution of this paper is to propose a method to provide the model with higher quality data.

Jing An | Wei Huang | Wenqing Fan | Gaoqing Yu

[1] Rakesh M. Verma,et al. Scaling and Effectiveness of Email Masquerade Attacks: Exploiting Natural Language Generation , 2017, AsiaCCS.

[2] Lorenzo Cavallaro,et al. TESSERACT: Eliminating Experimental Bias in Malware Classification across Space and Time , 2018, USENIX Security Symposium.

[3] Leyla Bilge,et al. Spearphishing Malware: Do We Really Know the Unknown? , 2018, DIMVA.

[4] Ankit Kumar Jain,et al. Phishing Detection: Analysis of Visual Similarity Based Approaches , 2017, Secur. Commun. Networks.

[5] Ali Yazdian Varjani,et al. New rule-based phishing detection method , 2016, Expert Syst. Appl..

[6] Alexander I. Rudnicky,et al. Two-Stage Stochastic Email Synthesizer , 2014, INLG.

[7] Ricardo J. Rodríguez,et al. Detection of Intrusions and Malware, and Vulnerability Assessment , 2016, Lecture Notes in Computer Science.

[8] Fadi A. Thabtah,et al. Predicting Phishing Websites Using Classification Mining Techniques with Experimental Case Studies , 2010, 2010 Seventh International Conference on Information Technology: New Generations.

[9] Rakesh M. Verma,et al. Automated email Generation for Targeted Attacks using Natural Language , 2019, ArXiv.

[10] Norman M. Sadeh,et al. Learning to detect phishing emails , 2007, WWW '07.