A performance analysis of Software Defined Network based prevention on phishing attack in cyberspace using a deep machine learning with CANTINA approach (DMLCA)

Abstract

This paper discusses a novel frame work approach of Software Defined Network based prevention on phishing attack with the help of the deep machine learning with CANTINA approach (DMLCA) in the cyberspace. Cyber security is a significant concern in the operations of coalition, and is a complex challenge because of some needs in operational effectiveness and also the trust relationship limit which exists over the coalition partners. In networking, new promising paradigms like Software Defined Networks (SDN), offer a method to deal more efficiently with their security constraints. This machine learning approach is to deal with the phishing attack problem based on the SVM (support vector machine) and this machine learning technique with SVM helps to effectively to solve classification problems. The CANTINA approach helps to support the robust hyperlinks with the help of evaluating the term frequency (TF) and inverse document frequency and (IDF). This information retrieval algorithm helps to compare, classify and retrieve various documents. The objective is to improve the detection accuracy with the help of the DMLCA method with the various parameters such as detection accuracy based on the true positive ratio and false positive ratio, precision and recall.

Introduction

Phishing is the social networking attack which often to steal the user information such as login credentials and card details. This attack occurs when the attacker, personate as a trusted entity, deceives suffer into login an email, message or text messages. The phishing attack is the unwanted attempt which is to reach sensitive details such as name, passwords, and card details. This is done when the direct users enter personal details at a duplicate website. This is the example of the social network techniques which are used to receive the deceive users. Implementation of SDN can decrease the overall consumption of power that leads to the cost reduction thereby increases the security of network. The feasibility, programmability, and openness of SDN in turn decrease the difficulty to implement some machine learning strategies for attack prevention. Moreover, SDN is considered to be the most viable solution at which the minimal resources could be employed for performing task without any deviations in overall performance like security. Various types of phishing attacks are presented and explained in this paper.

The phishing attack has three (or 4 or 5) types such as spear phishing, clone phishing, and whaling attacks.

The phishing will be processed with the specific singles or multiple companies which have been denoted as spear phishing. The spear phishing attackers collect the user information and details about their particular target which is to increase the probability of success.

This is one of the types of the phishing attack which is detected with legitimate and previously received electronic mail attachment and to develop an identical or cloned email. This method would be used to pivot from the already infected machine.

The whaling is the coined of the spear phishing which are directed at the senior executives and other high profile estimates. The text will be crafted to the target with an upper manager and the goal in the company. The whaling attack has the content issues of executives like customer complaint. Fig. 1 shows the types of phishing attack.

The machine learning is the most powerful method for determining data and pattern extraction. Following three methods are performed in the detection algorithms such as social graph analysis, user communication profiling, and email structural analysis.

This is the first way to evaluate the machine learning method which would be applied to spear phishing detection which depends on the social community for presenting in the communication patterns. Building the social graph is to be straightforward. When the information is observed by header in the email sent, connections should be observed without reading the contents of the email.

In the user communication profiling, each and everyone has the unique style and the voice which is expressed when the emails are written. This is the most efficient technique present in the combination with the others to improve the probability which detect their receipts.

When the email is got, the email client is to be chosen such as sender, recipient, and time subject, message and attachments. The bulk of information has the most number of emails which it is far from everything in them. In an organization, user specific is built up from the user’s email.