Towards a Hybrid Security Framework for Phishing Awareness Education and Defense
The rise of generative AI has led to the development of more sophisticated phishing email attacks as well as an increase in research on using AI to aid the detection of these advanced attacks. Successful phishing email attacks severely impact businesses, as employees are usually the vulnerable targets. Defence against such attacks therefore requires realizing defence along both technological and human vectors. Security hardening research work along the technological vector are few and focus mainly on the use of machine learning and natural language processing to distinguish between machine- and human-generated text. Common existing approaches to harden security along the human vector consist of third party organized training programmes.
This paper proposes an integrated approach that employs AI-assisted and generative AI platforms for phishing attack detection and continuous end user education in a hybrid security framework. This framework supports scenario-customizable and evolving user education in dealing with increasingly advanced phishing email attacks. The technological design and functional details for both platforms are presented and discussed
History
Journal/Conference/Book title
Future InternetPublication date
2024-03-01Version
- Published