Abstract
Persuasion is a human activity of influence. In marketing, persuasion can help customers find solutions to their problems, make informed choices, or convince someone to buy a useful (or useless) product or service. In computer crimes, persuasion can trick users into revealing sensitive information, or even performing actions that benefit attackers. Phishing is one of the most common and dangerous forms of persuasion-based attacks, as it exploits human vulnerabilities rather than technical ones. Therefore, an intelligent system capable of detecting and classifying persuasion attempts might be useful in protecting users. In this work, an approach that uses Machine Learning to analyze messages based on principles of persuasion and different data representations is presented. The aim of this research is to detect which data representation and which classification algorithm obtain the best results in detecting each principle of persuasion as a prior step to detecting phishing attacks. The results obtained indicate that among the combinations tested, there is one combination of data representation and classification algorithm that performs best. The related classification models obtained can detect the principles of persuasion at a rate that varies between 0.78 and 0.86 of AUC-ROC.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
This dataset is available upon request to Rakesh Verma in the following link: https://www2.cs.uh.edu/~rmverma/.
- 2.
Universal Sentence Encoder includes two feature extractor algorithms based on Deep Averaging Networks (DAN) and Transformers (TRANSF).
References
Cialdini, R.B.: Influence: The Psychology of Persuasion, vol. 55. Collins New York (2007)
Devlin, J., Chang, M.W., Lee, K., Toutanova, K.: BERT: pre-training of deep bidirectional transformers for language understanding. arXiv:1810.04805v1 [cs.CL] (2018)
Ferreira, A., Coventry, L., Lenzini, G.: Principles of persuasion in social engineering and their use in phishing. In: Tryfonas, T., Askoxylakis, I. (eds.) HAS 2015. LNCS, vol. 9190, pp. 36–47. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-20376-8_4
Ferreira, A., Teles, S.: Persuasion: how phishing emails can influence users and bypass security measures. Int. J. Hum.-Comput Stud. 125, 19–31 (2019)
Gragg, D.: A multi-level defense against social engineering. SANS Reading Room 13, 1–21 (2003)
Hogan, K.: The Psychology of Persuasion: How to Persuade Others to Your Way of Thinking. Pelican Publishing (2010)
Karki, B., Abri, F., Namin, A.S., Jones, K.S.: Using transformers for identification of persuasion principles in phishing emails. In: 2022 IEEE International Conference on Big Data (Big Data), pp. 2841–2848. IEEE (2022)
Koddebusch, M.: Exposing the phish: the effect of persuasion techniques in phishing e-mails. In: DG. O 2022: The 23rd Annual International Conference on Digital Government Research, pp. 78–87 (2022)
Li, X., Zhang, D., Wu, B.: Detection method of phishing email based on persuasion principle. In: 2020 IEEE 4th Information Technology, Networking, Electronic and Automation Control Conference (ITNEC), vol. 1, pp. 571–574. IEEE (2020)
Liu, Y., et al.: RoBERTa: a robustly optimized BERT pretraining approach. arXiv:1907.11692 (2019)
Pepe, E.: Human-centric approach to emails phishing detection. Ph.D. thesis, Dublin, National College of Ireland (2022)
Stajano, F., Wilson, P.: Understanding scam victims: seven principles for systems security. Commun. ACM 54(3), 70–75 (2011)
Van Der Heijden, A., Allodi, L.: Cognitive triaging of phishing attacks. In: SEC 2019, pp. 1309–1326. USENIX Association (2019)
Verma, R.M., Zeng, V., Faridi, H.: Data quality for security challenges: case studies of phishing, malware and intrusion detection datasets. In: Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, CCS 2019, pp. 2605–2607. Association for Computing Machinery, New York (2019)
Acknowledgement
This research was supported by the IBERO and InIAT through the project “Detección de ataques de phishing en mensajes electrónicos mediante técnicas de Inteligencia Artificial”. Additionally, the authors thank CONACYT for the computer resources provided through the INAOE Supercomputing Laboratory’s Deep Learning Platform for Language Technologies.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2024 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Bustio-Martínez, L. et al. (2024). Towards Automatic Principles of Persuasion Detection Using Machine Learning Approach. In: Hernández Heredia, Y., Milián Núñez, V., Ruiz Shulcloper, J. (eds) Progress in Artificial Intelligence and Pattern Recognition. IWAIPR 2023. Lecture Notes in Computer Science, vol 14335. Springer, Cham. https://doi.org/10.1007/978-3-031-49552-6_14
Download citation
DOI: https://doi.org/10.1007/978-3-031-49552-6_14
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-49551-9
Online ISBN: 978-3-031-49552-6
eBook Packages: Computer ScienceComputer Science (R0)