Singapore Institute of Technology
Browse
- No file added yet -

Towards a Hybrid Security Framework for Phishing Awareness Education and Defense

Download (10.15 MB)
journal contribution
posted on 2024-09-17, 02:16 authored by Kok Keong Peter LohKok Keong Peter Loh, Zhi Yang Aloysius Lee, Vivek BalachandranVivek Balachandran

The rise of generative AI has led to the development of more sophisticated phishing email attacks as well as an increase in research on using AI to aid the detection of these advanced attacks. Successful phishing email attacks severely impact businesses, as employees are usually the vulnerable targets. Defence against such attacks therefore requires realizing defence along both technological and human vectors. Security hardening research work along the technological vector are few and focus mainly on the use of machine learning and natural language processing to distinguish between machine- and human-generated text. Common existing approaches to harden security along the human vector consist of third party organized training programmes.

This paper proposes an integrated approach that employs AI-assisted and generative AI platforms for phishing attack detection and continuous end user education in a hybrid security framework. This framework supports scenario-customizable and evolving user education in dealing with increasingly advanced phishing email attacks. The technological design and functional details for both platforms are presented and discussed

History

Journal/Conference/Book title

Future Internet

Publication date

2024-03-01

Version

  • Published

Usage metrics

    Categories

    No categories selected

    Licence

    Exports

    RefWorks
    BibTeX
    Ref. manager
    Endnote
    DataCite
    NLM
    DC