{"title":"基于修辞结构理论的机器智能驱动欺骗性网络钓鱼攻击检测方案","authors":"Chanchal Patra , Debasis Giri , Bibekananda Kundu , Tanmoy Maitra , Mohammad Wazid","doi":"10.1016/j.jisa.2025.104184","DOIUrl":null,"url":null,"abstract":"<div><div>The easiest way for users to interact with one other is via emails or messages. However, the growing incidence of cybercrime necessitates the astute use of emails or messages. These days, one of the biggest risks is phishing as well as smishing. Attackers aim to get sensitive user data by means of phishing emails. Credit card information, passwords, usernames, and other sensitive data are included. These might result in severe financial loss. The literature has a plethora of anti-phishing techniques for identifying phishing email or messages. However, fraudsters are always coming up with new techniques, making it difficult to develop anti-phishing techniques to stop phishing or smishing attack. This paper discusses a novel methodology leveraging Rhetorical Structure Theory (RST) to validate whether a given text of emails or messages are deceptive or not. A balanced dataset of deceptive and non-deceptive have been collected and annotated manually using different features like term Discourse Connectors, Rhetorical Relations, Deception likely tags and sentence type features. The work involved experiment with different machine learning classifiers trained using these features in order to achieve higher accuracy in deception phishing detection task. The proposed technique exhibits high accuracy on the dataset when RST based linguistic features are used. When ensemble classifiers are used instead of individual classifiers, the optimal classification performance is achieved, leading to an increase in accuracy. In comparison to the individual learners, the results of our experiment demonstrate that the proposed technique achieved the greatest accuracy, precision, recall, and F1-score values.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"94 ","pages":"Article 104184"},"PeriodicalIF":3.7000,"publicationDate":"2025-08-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Rhetorical Structure Theory-based machine intelligence-driven deceptive phishing attack detection scheme\",\"authors\":\"Chanchal Patra , Debasis Giri , Bibekananda Kundu , Tanmoy Maitra , Mohammad Wazid\",\"doi\":\"10.1016/j.jisa.2025.104184\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><div>The easiest way for users to interact with one other is via emails or messages. However, the growing incidence of cybercrime necessitates the astute use of emails or messages. These days, one of the biggest risks is phishing as well as smishing. Attackers aim to get sensitive user data by means of phishing emails. Credit card information, passwords, usernames, and other sensitive data are included. These might result in severe financial loss. The literature has a plethora of anti-phishing techniques for identifying phishing email or messages. However, fraudsters are always coming up with new techniques, making it difficult to develop anti-phishing techniques to stop phishing or smishing attack. This paper discusses a novel methodology leveraging Rhetorical Structure Theory (RST) to validate whether a given text of emails or messages are deceptive or not. A balanced dataset of deceptive and non-deceptive have been collected and annotated manually using different features like term Discourse Connectors, Rhetorical Relations, Deception likely tags and sentence type features. The work involved experiment with different machine learning classifiers trained using these features in order to achieve higher accuracy in deception phishing detection task. The proposed technique exhibits high accuracy on the dataset when RST based linguistic features are used. When ensemble classifiers are used instead of individual classifiers, the optimal classification performance is achieved, leading to an increase in accuracy. In comparison to the individual learners, the results of our experiment demonstrate that the proposed technique achieved the greatest accuracy, precision, recall, and F1-score values.</div></div>\",\"PeriodicalId\":48638,\"journal\":{\"name\":\"Journal of Information Security and Applications\",\"volume\":\"94 \",\"pages\":\"Article 104184\"},\"PeriodicalIF\":3.7000,\"publicationDate\":\"2025-08-20\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Journal of Information Security and Applications\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S2214212625002212\",\"RegionNum\":2,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q2\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Information Security and Applications","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S2214212625002212","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
The easiest way for users to interact with one other is via emails or messages. However, the growing incidence of cybercrime necessitates the astute use of emails or messages. These days, one of the biggest risks is phishing as well as smishing. Attackers aim to get sensitive user data by means of phishing emails. Credit card information, passwords, usernames, and other sensitive data are included. These might result in severe financial loss. The literature has a plethora of anti-phishing techniques for identifying phishing email or messages. However, fraudsters are always coming up with new techniques, making it difficult to develop anti-phishing techniques to stop phishing or smishing attack. This paper discusses a novel methodology leveraging Rhetorical Structure Theory (RST) to validate whether a given text of emails or messages are deceptive or not. A balanced dataset of deceptive and non-deceptive have been collected and annotated manually using different features like term Discourse Connectors, Rhetorical Relations, Deception likely tags and sentence type features. The work involved experiment with different machine learning classifiers trained using these features in order to achieve higher accuracy in deception phishing detection task. The proposed technique exhibits high accuracy on the dataset when RST based linguistic features are used. When ensemble classifiers are used instead of individual classifiers, the optimal classification performance is achieved, leading to an increase in accuracy. In comparison to the individual learners, the results of our experiment demonstrate that the proposed technique achieved the greatest accuracy, precision, recall, and F1-score values.
期刊介绍:
Journal of Information Security and Applications (JISA) focuses on the original research and practice-driven applications with relevance to information security and applications. JISA provides a common linkage between a vibrant scientific and research community and industry professionals by offering a clear view on modern problems and challenges in information security, as well as identifying promising scientific and "best-practice" solutions. JISA issues offer a balance between original research work and innovative industrial approaches by internationally renowned information security experts and researchers.