BibTex RIS Cite

A Description Logic Ontology for Email Phishing

Year 2020, Volume: 9 Issue: 1, 44 - 63, 01.03.2020

Abstract

Phishing detection is an area of identifying malicious activities designed by phishers to lure users providing sensitive information. Existing anti-phishing systems use blacklists based on specific parameters, characterize attacker’s activities with artificial and computational approaches and educate users. The development and maintenance of these systems is hard and costly because of the polymorphic nature of phishing techniques. Phishing attacks are able to scam humans with insufficient knowledge, while countermeasures focus on specific characteristics to make decisions. Defining formal approaches for representing and reasoning knowledge in anti-phishing systems is therefore a concern. This work deals with this issue by proposing formalized description logic to build the knowledge base of phishing attacks. It additionally designs an ontology-oriented approach to add semantics on that knowledge. The ontology model has been proven consistent and satisfiable. Experimentations on case studies demonstrate the ability of the proposed model to represent knowledge attack scenarios. A comparison with state-of-the-art researches shows that the proposed formalism is more adequate to characterize phishing semantics. This work could successfully complement anti-phishing systems.

References

  • [1] A. Patel and S. Jain. “Formalisms of Representing Knowledge”. Procedia Comput. Sci., vol. 125, pages 542–549, 2018, doi: 10.1016/J.PROCS.2017.12.070.
  • [2] V. Nazaruks and J. Osis. “A Survey on Domain Knowledge Representation with Frames”. Proceedings of International Conference on Evaluation of Novel Approaches to Software Engineering (ENASE), pages 346–354, 2017.
  • [3] B. Nebel. “Logics for Knowledge Representation”. Int. Encycl. Soc. Behav. Sci., pages 319–321, 2015, doi: 10.1016/B978-0-08-097086-8.43053-9.
  • [4] F. Baader, D. Calvanese, D. L. McGuinness, D. Nardi, and P. F. Patel-Schneider. “The Description Logic Handbook: Theory, Implementation and Applications, 2nd ed”. Cambridge University Press, 2010.
  • [5] M. N. Asim, M. Wasim, M. U. G. Khan, W. Mahmood, and H. M. Abbasi. “A Survey of Ontology Learning Techniques and Applications”. Database, vol. 2018, 2018, doi: 10.1093/database/bay101.
  • [6] D. Goel and A. K. Jain. “Mobile phishing attacks and defence mechanisms: State of art and open research challenges”. Comput. Secur., vol. 73, pages 519–544, 2018, doi: 10.1016/j.cose.2017.12.006.
  • [7] APWG. “Phishing Activity Trends Report 4th Quarter 2018”. Report, 2019.
  • [8] M. Nicho, H. Fakhry, and U. Egbue. “When Spear Phishers Craft Contextually Convincing Emails”. Proceedings of International Conferences on WWW/Internet and Applied Computing, 2018.
  • [9] F. Salahdine, N. Kaabouch, F. Salahdine, and N. Kaabouch. “Social Engineering Attacks: A Survey”. Futur. Internet, 11( 4), p. 89, 2019, doi: 10.3390/fi11040089.
  • [10] K. L. Chiew, K. S. C. Yong, and C. L. Tan. “A Survey of Phishing Attacks: Their Types, Vectors and Technical Approaches”. Expert Syst. Appl., vol. 106, pages 1–20, 2018, doi: 10.1016/J.ESWA.2018.03.050.
  • [11] A. Aleroud and L. Zhou. “Phishing Environments, Techniques, and Countermeasures: A Survey”. Comput. Secur., vol. 68, pages 160–196, 2017, doi: 10.1016/J.COSE.2017.04.006.
  • [12] R. S. Rao and A. R. Pais. “Two level filtering mechanism to detect phishing sites using lightweight visual similarity approach”. J. Ambient Intell. Humaniz. Comput., 2019, doi: 10.1007/s12652-019-01637-z.
  • [13] K. L. Chiew, C. L. Tan, K. S. Wong, K. S. C. Yong, and W. K. Tiong. “A new hybrid ensemble feature selection framework for machine learning-based phishing detection system”. Inf. Sci. (Ny)., vol. 484, pages 153– 166, 2019, doi: 10.1016/j.ins.2019.01.064.
  • [14] R. S. Rao and A. R. Pais. “Jail-Phish: An improved search engine based phishing detection system”. Comput. Secur., vol. 83, pages 246–267, 2019, doi: 10.1016/j.cose.2019.02.011.
  • [15] M. Volkamer, K. Renaud, B. Reinheimer, and A. Kunz. “User experiences of TORPEDO: TOoltip-poweRed Phishing Email DetectiOn”. Comput. Secur., vol. 71, pages 100–113, 2017, doi: 10.1016/j.cose.2017.02.004.
  • [16] S. W. Liew, N. F. M. Sani, M. T. Abdullah, R. Yaakob, and M. Y. Sharum. “An effective security alert mechanism for real-time phishing tweet detection on Twitter”. Comput. Secur., vol. 83, pages 201–207, 2019, doi: 10.1016/j.cose.2019.02.004.
  • [17] D. Delgado-Gómez, J. C. Laria, and D. RuizHernández. “Computerized adaptive test and decision trees: A unifying approach”. Expert Syst. Appl., vol. 117, pages 358–366, 2019, doi: 10.1016/j.eswa.2018.09.052.
  • [18] T. Nagunwa, S. Naqvi, S. Fouad, and H. Shah. “A Framework of New Hybrid Features for Intelligent Detection of Zero Hour Phishing Websites”. Advances in Intelligent Systems and Computing, 2020, vol. 951, pages 36–46, doi: 10.1007/978-3-030-20005- 3_4.
  • [19] O. K. Sahingoz, E. Buber, O. Demir, and B. Diri. “Machine learning based phishing detection from URLs”. Expert Syst. Appl., vol. 117, pages 345–357, 2019, doi: 10.1016/j.eswa.2018.09.029.
  • [20] V. Patil, P. Thakkar, C. Shah, T. Bhat, and S. P. Godse. “Detection and Prevention of Phishing Websites Using Machine Learning Approach”. Proceedings of the 4th International Conference on Computing, Communication Control and Automation, ICCUBEA 2018, 2018, doi: 10.1109/ICCUBEA.2018.8697412.
  • [21] N. A. G. Arachchilage and S. Love. “A Game Design Framework for Avoiding Phishing Attacks”. Comput. Human Behav., 29(3), pages 706–714, 2013, doi: 10.1016/J.CHB.2012.12.018.
  • [22] N. A. G. Arachchilage and S. Love. “Security Awareness of Computer Users: A Phishing Threat Avoidance Perspective”. Comput. Human Behav., vol. 38, pages 304–312, 2014, doi: 10.1016/J.CHB.2014.05.046.
  • [23] N. A. G. Arachchilage and M. Cole. “Designing a Mobile Game for Home Computer Users to Protect Against Phishing Attacks”. arXiv preprint arXiv:1602.03929, 2016
  • [24] N. A. G. Arachchilage and S. Love. “A game design framework for avoiding phishing attacks”. Comput. Human Behav., 29(3), pages 706–714, 2013, doi: 10.1016/j.chb.2012.12.018.
  • [25] S.-S. Tseng, C.-H. Ku, T.-J. Lee, G.-G. Geng, and Y.-J. Wang. “Building a Frame-Based Anti-Phishing Model based on Phishing Ontology”. Proceedings of International Conference on Advances in Information Technology, 2013.
  • [26] M. Bazarganigilani. “Phishing E-Mail Detection Using Ontology Concept and Naïve Bayes Algorithm”. Int. J. Res. Rev. Comput. Sci., 2(2), 2011.
  • [27] M. S. Qaseem and A. Govardhan. “Phishing Detection in IMs using Domain Ontology and CBA - An innovative Rule Generation Approach”. ArXiv preprint arXiv:1412.3056, 2014.
  • [28] K. Kerremans, Y. Tang, R. Temmerman, and G. Zhao. “Towards Ontology-based E-mail Fraud Detection”. Proceedings of the 2005 Purtuguese Conference on Artificial Intelligence, 2005, pages 106–111, doi: 10.1109/EPIA.2005.341275.
  • [29] G. Park. “Towards Ontology-Based Phishing Detection”. Purdue University, 2018.
  • [30] Vamsee Krishna Kiran Muppavarapu, Ramesh Gowtham, and Archanaa Rajendran. “An RDF based Anti-Phishing Framework”. Int. Assoc. Sci. Innov. Res., 1(9), pages 1–10, 2013.
  • [31] C. Falk. “Knowledge Modeling of Phishing Emails”. Open Access Diss., Aug. 2016.
  • [32] J. Zhang, Q. Li, Q. Wang, T. Geng, X. Ouyang, and Y. Xin. “Parsing and Detecting Phishing Pages Based on Semantic Understanding of Text”. J. Inf. Comput. Sci., 9(6), pages 1521–1534, 2012.
  • [33] A. S. Bozkir and E. A. Sezer. “Use of HOG Descriptors in Phishing Detection”. Proceedings of the 2016 4th International Symposium on Digital Forensic and Security (ISDFS), 2016, pages 148–153, doi: 10.1109/ISDFS.2016.7473534.
  • [34] A. Oest, Y. Safaei, A. Doupé, G.-J. Ahn, B. Wardman, and K. Tyers. “PhishFarm: A Scalable Framework for Measuring the Effectiveness of Evasion Techniques Against Browser Phishing Blacklists”. Proceedings of the 2019 IEEE Symposium on Security and Privacy (SP), 2019, pages 764–781, doi: 10.1109/SP.2019.00049.
  • [35] N. Virvilis, A. Mylonas, N. Tsalis, and D. Gritzalis. “Security Busters: Web Browser Security vs. Rogue Sites”. Comput. Secur., vol. 52, pages 90–105, 2015, doi: 10.1016/J.COSE.2015.04.009.
  • [36] N. Tsalis, N. Virvilis, A. Mylonas, T. Apostolopoulos, and D. Gritzalis. “Browser Blacklists: The Utopia of Phishing Protection”. Springer, pages 278–293, 2015.
  • [37] L. F. Sikos. “Description Logics: Formal Foundation for Web Ontology Engineering”. in Description Logics in Multimedia Reasoning, Cham: Springer International Publishing, pages 67–120, 2017
  • [38] D. Ellison, A. R. Ikuesan, and H. Venter. “Description Logics and Axiom Formation for a Digital Forensics Ontology”. Proceedings of the European Conference on Cyber Warfare and Security, pages 742–751, 2019
  • [39] N. Scarpato, N. D. Cilia, and M. Romano. “Reachability Matrix Ontology: A Cybersecurity Ontology”. Appl. Artif. Intell., 33(7), pages 643–655, 2019, doi: 10.1080/08839514.2019.1592344.
  • [40] G. Park and J. Rayz. “Ontological Detection of Phishing Emails”. Proceedings of the 2018 IEEE International Conference on Systems, Man, and Cybernetics (SMC), pages 2858– 2863, 2018, doi: 10.1109/SMC.2018.00486.
  • [41] M. Benedek, Y. N. Kenett, K. Umdasch, D. Anaki, M. Faust, and A. C. Neubauer. “How semantic memory structure and intelligence contribute to creative thought: a network science approach”. Think. Reason., 23(2), pages 158–183, Apr. 2017, doi: 10.1080/13546783.2016.1278034.
  • [42] P. Di Maio and M. C. Suárez-Figueroa. “Introduction to the Special Issue ‘Artificial Intelligence Knowledge Representation’”. Systems, 7(3), p. 35, Jul. 2019, doi: 10.3390/systems7030035.
  • [43] A. Patel and S. Jain. “Formalisms of Representing Knowledge,” in Procedia Computer Science, 2018, vol. 125, pages 542–549, doi: 10.1016/j.procs.2017.12.070.
  • [44] G. Jakus, V. Milutinović, S. Omerović, and S. Tomažič. “Concepts, Ontologies, and Knowledge Representation”. Springer, 2013.
  • [45] V. Varga, C. Săcărea, and A. E. Molnar. “Conceptual Graphs Based Modeling of Semi-structured Data”. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 2018, vol. 10872 LNAI, pages 167–175, doi: 10.1007/978-3-319-91379-7_13.
  • [46] R. J. Brachman, “What’s in a concept: structural foundations for semantic networks”. Int. J. Man. Mach. Stud., 9(2), pages 127– 152, Mar. 1977, doi: 10.1016/S0020- 7373(77)80017-5.
  • [47] R. Zakeri, R. Jalili, H. R. Shahriari, and H. Abolhassani, “Using Description Logics for Network Vulnerability Analysis”. Proceedings of International Conference on Networking, International Conference on Systems and International Conference on Mobile Communications and Learning Technologies (ICNICONSMCL’06), pages 78–78, doi: 10.1109/ICNICONSMCL.2006.222.
  • [48] W. Yan, E. Hou, and N. Ansari. “Description logics for an autonomic IDS event analysis system”. Comput. Commun., 29(15), pages 2841–2852, 2006, doi: 10.1016/j.comcom.2005.10.038.
  • [49] T. Takahashi and Y. Kadobayashi. “Reference Ontology for Cybersecurity Operational Information”. Comput. J., 58(10), pages 2297–2312, 2015, doi: 10.1093/comjnl/bxu101.
  • [50] M. Krötzsch, F. Simančík, and I. Horrocks. “A Description Logic Primer *”. 2013.
  • [51] F. Baader, I. Horrocks, C. Lutz, and U. Sattler. “An Introduction to Description Logic”. Cambridge University Press, 2017.
  • [52] H. S. Shin. “Reasoning processes in clinical reasoning: from the perspective of cognitive psychology”. Korean J. Med. Educ., 31(4), pages 299–308, 2019, doi: 10.3946/kjme.2019.140.
  • [53] C. Lutz, U. Sattler, C. Tinelli, A.-Y. Turhan, and F. Wolter, Eds. “Description Logic, Theory Combination, and All That”. Springer International Publishing, 2019.
  • [54] O. Curé and G. Blin. “Reasoning”. RDF Database Systems, Morgan Kaufmann, 2015, pages 191–222.
  • [55] D. Allemang and J. Hendler. “Semantic Web for the Working Ontologist”. Elsevier, 2011.
  • [56] C. Thomas. “Ontology in Information Science”. InTech, 2018.
  • [57] K. Munir and M. Sheraz Anjum. “The use of ontologies for effective knowledge modelling and information retrieval”. Applied Computing and Informatics, 14(2), pages 116–126, 2018, doi: 10.1016/j.aci.2017.07.003.
  • [58] Z. Jin and Z. Jin. “Ontology-Oriented Interactive Environment Modeling”. Environ. Model. Requir. Eng. Softw. Intensive Syst., pages 45–67, 2018, doi: 10.1016/B978-0-12- 801954-2.00004-2.
  • [59] M. A. Musen and the P. Protégé Team. “The Protégé Project: A Look Back and a Look Forward”. AI matters, 1(4), pages 4–12, 2015, doi: 10.1145/2757001.2757003.
  • [60] R. Zese, E. Bellodi, F. Riguzzi, G. Cota, and E. Lamma. “Tableau reasoning for description logics and its extension to probabilities”. Ann. Math. Artif. Intell., 82(1–3), pages 101–130, 2018, doi: 10.1007/s10472-016-9529-3.
  • [61] G. Mohamed. “Raisonnement pour les Logiques de Description Appliqué Au Web Semantique”. PhD thesis, Faculty of Mathematics and Computer Science, University of M’SILA, Algeria, 2016.
There are 61 citations in total.

Details

Primary Language English
Journal Section Research Article
Authors

Franklin Tchakounté This is me

Djeguedem Molengar This is me

Justin Moskolai Ngossaha This is me

Publication Date March 1, 2020
Published in Issue Year 2020 Volume: 9 Issue: 1

Cite

IEEE F. Tchakounté, D. Molengar, and J. M. Ngossaha, “A Description Logic Ontology for Email Phishing”, IJISS, vol. 9, no. 1, pp. 44–63, 2020.