Smishing Detection: Combating SMS Phishing Attacks by Utilizing Machine-Learning Algorithms
Article Sidebar
Main Article Content
Abstract
With the rapid uptake of mobile communications, cybercriminals have increasingly resorted to using SMS (Short Message Services) in the guise of phishing attacks commonly referred to as smishing (SMS phishing). Phishing SMS messages impersonate trusted organizations to persuade users into clicking malicious links, providing personal credentials, or installing malware. This paper reviews up-to-date advancements in machine learning for smishing detection, using insights derived from various studies on the subject. It looks into critical machine learning models such as Deep Learning models (CNN, LSTM), Logistic Regression, Random Forest, Support Vector Machines (SVM), and Gradient Boosting,) to classify messages as spam, phishing, or legitimate. It examines feature extraction techniques such as TF-IDF, N-grams, and natural language processing (NLP) in the hope of improving detection accuracy. In this way, it also looks at how cyber threat intelligence and real-world datasets such as SpamAssassin, the UCI Machine Learning Repository, and PhishTank can be used to build strong models. The results show that ensemble learning and hybrid deep learning techniques are better at finding things than traditional methods, and they do this without increasing the number of false positives. Challenges such as adversarial SMS attacks, multilingual phishing messages, and real-time detection limitations remain plausible. Future works need to look into adaptability to real-time models, CTI-based threat analysis, and understandable AI (XAI) detection transparency. Applying machine learning-driven smishing detection brings up the overall solution's intelligent automated approach and adaptive defense mechanisms against mobile phone phishing threats evolving, resulting in increased security for mobiles and, hence, their users.
Downloads
Article Details
Section
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
How to Cite
References
Daniel Timko, Daniel Hernandez Castillo, Muhammad Lutfor Rahman, “A Quantitative Study of SMS Phishing Detection,” Unpublished Manuscript (arXiv Preprint), 2024, 16 pages, DOI: https://doi.org/10.48550/arXiv.2311.06911
Ameen R. Mahmood , Sarab M. Hameed, “A Smishing Detection Method Based on SMS Contents Analysis and URL Inspection Using Google Engine and VirusTotal,” Iraqi Journal of Science, vol. 64, no. 10, 2023, 16 pages, DOI: http://doi.org/10.24996/ijs.2023.64.10.41
Ankit Kumar Jain, Sumit Kumar Yadav, Neelam Choudhary, “A Novel Approach to Detect Spam and Smishing SMS using Machine Learning Techniques,” International Journal of E-Services and Mobile Applications, vol. 12, no. 1, January-March 2020, 21 pages, DOI: https://doi.org/10.4018/IJESMA.2020010102
Sharif Omar, Mohammed Moshiul Hoque, A. S. M. Kayes, Raza Nowrozy, and Iqbal H. Sarker, “Detecting Suspicious Texts using Machine Learning Techniques,” Applied Sciences, vol. 10, no. 18, 2022, 23 pages, DOI: https://doi.org/10.3390/app10186527
Sanjukta Mohanty, Sourav Nanda, Rupayan Rout, Arpan Kumar, Vansam Agrawal, Arup Abhinna Acharya, Namita Panda, “Detection of Cyber Threats from Suspicious URLs Using Multi-Classification Approach” ResearchGate / Book Chapter, 2024, 14 pages, DOI: http://doi.org/10.4018/979-8-3693-1186-8.ch007
Dae-Neung Sohn, Jung-Tae Lee, and Hae-Chang Rim, “The Contribution of Stylistic Information to Content-Based Mobile Spam Filtering,” Proceedings of the ACL-IJCNLP 2009 Conference Short Papers, 2009, 4 pages, https://aclanthology.org/P09-2081/
Daniel Schlette, Marco Caselli, and Gunther Pernul, “A Comparative Study on Cyber Threat Intelligence: The Security Incident Response Perspective,” IEEE Communications Surveys & Tutorials, 2021, DOI: http://doi.org/10.1109/COMST.2021.3117338
Christophe Chong, Daniel Liu (Stanford), and Wonhong Lee (Neustar), “Malicious URL Detection”, Unspecified publication, 4 pages, https://cs229.stanford.edu/proj2012/ChongLiu-MaliciousURLDetection.pdf
Ms. Shilpi Jain, Dr. Madhur Jain, Ridhi Kalia, Divyansh Rampal, “A Comprehensive Model for Spam Detection and Phishing Link Detection,” International Journal of Scientific Research in Computer Science, Engineering and Information Technology, vol. 10, no. 3, 2024, 5 pages, DOI: http://doi.org/10.32628/CSEIT24103109
Muskaan V. Jaiswal and Anjali B. Raut, “Detecting and Blocking of Malicious URL,” International Journal of Science and Research (IJSR), vol. 10, no. 6, 2021, 3 pages, DOI: http://doi.org/10.21275/SR21610230148
Malak Aljabri; Hanan S. Altamimi, Shahd A. Albelali, Maimunah Al-Harbi, Haya T. Alhuraib, Najd K. Alotaibi, "Detecting Malicious URLs Detection Using Machine Learning Techniques: Review and Research Directions," IEEE Access, vol. 10, 2022, 23 pages, DOI: http://doi.org/10.1109/ACCESS.2022.3222307
Maruf A. Tamal, Md K. Islam, Touhid Bhuiyan, Abdus Sattar, Nayem Uddin Prince, “Unveiling Suspicious Phishing Attacks: Enhancing Detection with an Optimal Feature Vectorization Algorithm and Supervised Machine Learning,” Frontiers in Computer Science, vol. 6, no. 1428013, 2024, 16 pages, DOI: http://doi.org/10.3389/fcomp.2024.1428013
Amar Palwankar, Rifah Solkar, Afiya Borkar, Shreya Khedaskar, and Pranali Shingare, “Malicious Link Detection System,” International Research Journal Engineering and Technology (IRJET), vol. 9, no. 11, 2022, 5 pages, https://www.irjet.net/archives/V9/i11/IRJET-V9I1165.pdf
Shiyun Li and Omar Dib, "Enhancing Online Security: A Novel Machine Learning Framework for Robust Detection of Known and Unknown Malicious URLs," Journal of Theoretical and Applied Electronic Commerce Research, vol. 19, no. 4, 2024, 42 pages, DOI: https://doi.org/10.3390/jtaer19040141
Yuan Jianting, Chen Guanxin, Tian Shengwei, Pei Xinjun,"Malicious URL Detection Based on a Parallel Neural Joint Model," IEEE Access, vol. 9, 2021, 9 pages, DOI: http://doi.org/10.1109/ACCESS.2021.3049625
Cho Do Xuan, Hoa Dinh Nguyen, Tisenko Victor Nikolaevich, "Malicious URL Detection Based on Machine Learning," International
Journal of Advanced Computer Science and Applications (IJACSA), vol. 11, no. 1, 2020, 6 pages, DOI: http://dx.doi.org/10.14569/IJACSA.2020.0110119
Salvi Siddhi Ravindra, Shah Juhi
Sanjay, Shaikh Nausheenbanu Ahmed Gulzar, Khodke Pallavi, " Phishing Website Detection Based on URL," IJSRCSEIT, vol. 7, no. 3, 2021, 6 pages, DOI: https://doi.org/10.32628/CSEIT2173124
Cheng Cao, James Caverlee, "Detecting Spam URLs in Social
Media via Behavioral Analysis," Lecture Notes in Computer Science (LNCS), Springer, vol. 9022, 2015, 12 pages, DOI: http://doi.org/10.1007/978-3-319-16354-3_77
Nuria Reyes-Dorta, Pino Caballero-Gil, Carlos Rosa-Remedios, "Detection of Malicious URLs Using Machine Learning," Wireless Networks, vol. 30, 2024, 18 pages, DOI: https://doi.org/10.1007/s11276-024-03700-w
Gunikhan Sonowal, "Detecting Phishing SMS Based on Multiple Correlation Algorithms," SN Computer Science, vol. 1, no. 361, 2020, 9 pages, DOI: https://doi.org/10.1007/s42979-020-00377-8
Davide Canali, Marco Cova, Giovanni Vigna, Christopher Kruegel, "Prophiler: A Fast Filter for the Large-Scale Detection of Malicious Web Pages," Proceedings of the 20th International Conference on World Wide Web (WWW 2011), 2011, 10 pages, DOI: https://doi.org/10.1145/1963405.1963436
Tasfia Tabassum, Md. Mahbubul Alam, Md. Sabbir Ejaz, Mohammad Kamrul Hasan, “A Review on Malicious URLs Detection Using Machine Learning Methods," Journal of Engineering Research and Reports, vol. 25, no. 12, 2023, 13 pages, DOI: http://doi.org/10.9734/JERR/2023/v25i121042
Fuad A. Ghaleb, Mohammed Alsaedi, Faisal Saeed, Jawad Ahmad, Mohammed Alasli, "Cyber Threat Intelligence-Based Malicious URL Detection Model Using Ensemble Learning," Sensors, vol. 22, no. 9, 2022, 19 pages, DOI: https://doi.org/10.3390/s22093373
Suparna Das Gupta et al., "SMS Spam Detection Using Machine Learning," Journal of Physics: Conference Series, vol. 1797, no. 1, 2021, 6 pages, DOI: http://doi.org/10.1088/1742-6596/1797/1/012017
Prof. Amar Palwankar, Afiya Borkar, Pranali Shingare, Rifah Solkar, Shreya Khedaskar, “Suspicious Link Detection Using AI," International Journal of Advanced Research in Science, Communication and Technology (IJARSCT), vol. 3, no. 3, 2023, 8 pages, DOI: http://doi.org/10.48175/IJARSCT-9171
Bollam Pragna, M. Rama Bai, Spam Detection using NLP Techniques. (2019). In International Journal of Recent Technology and Engineering (Vol. 8, Issue 2S11, pp. 2423–2426). DOI: https://doi.org/10.35940/ijrte.b1280.0982s1119
Joshma K J, & Sankar P, V. (2024). Phishing Website Detection. In Indian Journal of Data Mining (Vol. 4, Issue 1, pp. 38–41). DOI: https://doi.org/10.54105/ijdm.a1642.04010524
Prabu, Mr. S., & Sumathi, Mrs. M. (2019). Evaluating Phishing Website Detection On Client Side. In International Journal of Engineering and Advanced Technology (Vol. 8, Issue 6, pp. 18–22). DOI: https://doi.org/10.35940/ijeat.e7396.088619
Rajeev, H., & Chakkravarthy, Dr. M. (2023). Detection of Malware using Phishing Alarm. In Indian Journal of Artificial Intelligence and Neural Networking (Vol. 3, Issue 4, pp. 1–4). DOI: https://doi.org/10.54105/ijainn.a1077.124123
Tiwari, M., & Arjariya, Dr. T. (2021). A Phishing URL Classification Technique using Machine Learning Approach. In International Journal of Innovative Technology and Exploring Engineering (Vol. 10, Issue 3, pp. 73–79). DOI: https://doi.org/10.35940/ijitee.c8338.0110321