Enhancing IoT Security: Proactive Phishing Website Detection Using Deep Neural Networks: Case study: Smart Home

Habiba Bouijij; Amine Berqia

doi:10.18080/jtde.v12n1.822

Habiba Bouijij

SSLab ENSIAS, Mohammed V University in Rabat, Morocco

https://orcid.org/0009-0001-9248-0800
Amine Berqia

SSLab ENSIAS, Mohammed V University in Rabat, Morocco

https://orcid.org/0000-0002-3566-2894

Keywords

Smart Home, Phishing, URL Classification, Security, Deep Neural Network

Abstract

The Internet of Things (IoT) has proven its utility across various domains, including healthcare, agriculture, industry, and finance. It comprises Internet-connected devices that offer remote control capabilities. However, this very connectivity exposes these devices to potential cyberattacks. Cybercriminals can exploit the vulnerabilities in these devices by sending deceptive emails or text messages containing malicious links leading to hacker websites or destructive applications. This allows them unauthorized access to connected devices and the acquisition of sensitive personal information. Such malicious tactics are collectively known as phishing and pose one of the most prevalent threats.

This article presents an innovative method that harnesses the power of a Deep Neural Network to accurately classify and proactively prevent phishing websites by analyzing their URLs. The method is demonstrated through a smart home use case, aiming to reinforce IoT security and safeguard users’ sensitive data by proactively identifying and preventing phishing attacks. By harnessing the power of the Deep Learning model, this innovative technique seeks to enhance online safety and protect users from potential cyber threats.

Downloads

Download data is not yet available.

Abstract 183 | 822-PDF-v12n1pp446-462 Downloads 29

References

Abbas, S. G., Vaccari, I., Hussain, F., Zahid, S., Fayyaz, U. U., Shah, G. A., Bakhshi, T., & Cambiaso, E. (2021). Identifying and mitigating phishing attack threats in IoT use cases using a threat modelling approach. Sensors, 21(14). https://doi.org/10.3390/s21144816
Adebowale, M. A., Lwin, K. T., Sánchez, E., & Hossain, M. A. (2019). Intelligent web-phishing detection and protection scheme using integrated features of Images, frames and text. Expert Systems with Applications, 115, 300–313. https://doi.org/10.1016/j.eswa.2018.07.067
APWG. (n.d.). Phishing Activity Trends Reports. Retrieved May 17, 2023, from https://apwg.org/trendsreports/
Atitallah, S. Ben, Driss, M., Boulila, W., & Ghezala, H. Ben. (2020). Leveraging Deep Learning and IoT big data analytics to support the smart cities development: Review and future directions. Computer Science Review, 38, 100303. https://doi.org/10.1016/j.cosrev.2020.100303
Barraclough, P. A., Hossain, M. A., Tahir, M. A., Sexton, G., & Aslam, N. (2013). Intelligent phishing detection and protection scheme for online transactions. Expert Systems with Applications, 40(11), 4697–4706. https://doi.org/10.1016/j.eswa.2013.02.009
Berqia, A., & Nacsimento, G. (2004). A distributed approach for intrusion detection systems. Proceedings. 2004 International Conference on Information and Communication Technologies: From Theory to Applications, 2004, pp. 493–494.
Bouijij, H., & Berqia, A. (2021). Machine Learning Algorithms Evaluation for Phishing URLs Classification. 2021 4th International Symposium on Advanced Electrical and Communication Technologies (ISAECT), pp. 1–5. https://doi.org/10.1109/ISAECT53699.2021.9668489
Bouijij, H., Berqia, A., & Saliah-Hassan, H. (2022). Phishing URL classification using Extra-Tree and DNN. 2022 10th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6. https://doi.org/10.1109/ISDFS55398.2022.9800795
Cybermalveillance Homepage. (n.d.). Retrieved July 30, 2023, from https://www.cybermalveillance.gouv.fr/tous-nos-contenus/actualites/rapport-activite-2021
Ding, Y., Luktarhan, N., Li, K., & Slamu, W. (2019). A keyword-based combination approach for detecting phishing webpages. Computers and Security, 84, 256–275. https://doi.org/10.1016/j.cose.2019.03.018
Kaggle Homepage. (n.d.). Retrieved July 31, 2023, from https://www.kaggle.com/datasets/shashwatwork/phishing-dataset-for-machine-learning
Keras Homepage. (n.d.). Retrieved July 30, 2023, from https://keras.io/guides/
Liu, D. J., Geng, G. G., & Zhang, X. C. (2022a). Multi-scale semantic deep fusion models for phishing website detection. Expert Systems with Applications, 209. https://doi.org/10.1016/j.eswa.2022.118305
Liu, D. J., Geng, G. G., & Zhang, X. C. (2022b). Multi-scale semantic deep fusion models for phishing website detection. Expert Systems with Applications, 209. https://doi.org/10.1016/j.eswa.2022.118305
Mendeley Data Homepage. (n.d.). Retrieved July 31, 2023, from https://data.mendeley.com/datasets/n96ncsr5g4/1
“Pandas Tutorial”. (2024). Available at https://www.w3schools.com/python/pandas/default.asp
Rajkumar, S., Sheeba, S. L., Sivakami, R., Prabu, S., & Selvarani, A. (2023). An IoT-Based Deep Learning Approach for Online Fault Detection Against Cyber-Attacks. SN Computer Science, 4(4), 393. https://doi.org/10.1007/s42979-023-01808-y
Sabiri, B., Asri, B. E., & Rhanoui, M. (2022). Mechanism of Overfitting Avoidance Techniques for Training Deep Neural Networks. International Conference on Enterprise Information Systems, ICEIS - Proceedings, 1, pp. 418–427. https://doi.org/10.5220/0011114900003179
Safi, A., & Singh, S. (2023). A systematic literature review on phishing website detection techniques. Journal of King Saud University - Computer and Information Sciences, 35(2), 590–611. https://doi.org/10.1016/j.jksuci.2023.01.004
Sahingoz, O. K., Buber, E., Demir, O., & Diri, B. (2019). Machine learning based phishing detection from URLs. Expert Systems with Applications, 117, 345–357. https://doi.org/10.1016/j.eswa.2018.09.029
Salah, H., & Zuhair, H. (2023). Deep learning in phishing mitigation: a uniform resource locator-based predictive model. International Journal of Electrical and Computer Engineering, 13(3), 3227–3243. https://doi.org/10.11591/ijece.v13i3.pp3227-3243
Sánchez-Paniagua, M., Fidalgo, E., Alegre, E., & Alaiz-Rodríguez, R. (2022). Phishing websites detection using a novel multipurpose dataset and web technologies features. Expert Systems with Applications, 207. https://doi.org/10.1016/j.eswa.2022.118010
Scikit-learn Homepage. (n.d.). Retrieved May 17, 2023, from https://scikit-learn.org/stable/supervised_learning.html#supervised-learning
TensorFlow. (n.d.). Create production-grade machine learning models with TensorFlow. Available at https://www.tensorflow.org/
Wei, W., Ke, Q., Nowak, J., Korytkowski, M., Scherer, R., & Woźniak, M. (2020). Accurate and fast URL phishing detector: A convolutional neural network approach. Computer Networks, 178. https://doi.org/10.1016/j.comnet.2020.107275
Yuan, J., Chen, G., Tian, S., & Pei, X. (2021). Malicious URL detection based on a parallel neural joint model. IEEE Access, 9, 9464–9472. https://doi.org/10.1109/ACCESS.2021.3049625

822-PDF-v12n1pp446-462

Published

Mar 27, 2024

DOI https://doi.org/10.18080/jtde.v12n1.822

How to Cite

Bouijij, H., & Berqia, A. (2024). Enhancing IoT Security: Proactive Phishing Website Detection Using Deep Neural Networks: Case study: Smart Home. Journal of Telecommunications and the Digital Economy, 12(1), 446–462. https://doi.org/10.18080/jtde.v12n1.822

Issue

Vol. 12 No. 1 (2024)

Section

Special Issue: Emerging Technologies and Innovation for Digital Economy and Transformation

This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.

Copyright Telecommunications Association Inc.

Author Biographies

Habiba Bouijij, SSLab ENSIAS, Mohammed V University in Rabat, Morocco

Habiba BOUIJIJ is a PhD student at the Smart Systems Laboratory at ENSIAS - Mohamed V University in Rabat, Morocco. She is also a Senior high school teacher of computer science. Additionally, she serves as a Trainer in Information and Communication Technology (ICT) at the Regional Center for Education and Training Professions in Khemisset, Morocco. She has also worked as a major supervisor for on-going training in Python for secondary school computer science teachers and specialized Microsoft Office training.

Amine Berqia, SSLab ENSIAS, Mohammed V University in Rabat, Morocco

Amine BERQIA Dr. Amine BERQIA is Full Professor at ENSIAS, University Mohammed V in Rabat, Morocco. He is Head of Communication Networks Department. He teaches computer sciences, communication networks, operating systems, security, networks security, wireless and mobile networks. He is a member of the teaching team of the engineering degree in information systems security. Dr. Amine BERQIA is member of Rabat IT Center and Smart Systems Research Lab. He holds a Ph.D. degree in Computer Sciences from the University of Dijon, France. He was Assistant Professor at University of Geneva and Coordinator of the Swiss Virtual Campus Project VITELS from 2000 to 2003. He published more than 50 papers in journals and conferences in the areas of Networks performance, Security and New Generation of learning. In 2012 Dr. Amine Berqia was awarded by IEEE Education Society in recognition and appreciation for his valued services and contributions as 2012 IEEE Educon conference Organizing Committee Chair. In 2013 Dr. Amine Berqia was awarded by iNEER. In 2019, Dr. Amine Berqia was awarded by IEEE Standards Association for his valued services and contributions for the development of IEEE Standard 1876.

Main Article Content