With the increasing threat of cyberattacks threatening the security of personal data, innovative methods of detecting malicious user behavior have been a top priority. One of the most pressing security issues today is phishing, which can significantly threaten mobile devices, including those running iOS. However, with the application of neural networks, identifying phishing attempts on iOS operating systems is possible. This article will explore the possibilities provided by applying neural networks.
Phishing is a social engineering technique cybercriminals use to obtain unauthorized access to computer systems and sensitive information, such as passwords, credit card numbers, or social security numbers. Attackers deceive users using legitimate-looking communications such as instant messages, social media, e-mails, or websites that trick the user into providing login credentials and other sensitive personal information. Kaur et al. (2021) note that phishing attacks remain a significant threat to cybersecurity at the individual and organizational level due to the rapidly evolving sophistication of phishing attacks.
Neural networks, on the other hand, are a class of algorithms that work like the human brain's neural structure in that it learns from input data and makes predictions or decisions based on the learning (Zhang et al., 2020). Neural networks have advanced research in several areas, such as natural language processing, speech recognition, and image recognition. However, neural networks can also be used for cybersecurity tasks such as identifying and preventing phishing attacks in iOS operating systems by analyzing the behavior of end users.
Yadav and Reddy (2019) noted that neural networks effectively detect phishing e-mails by analyzing the content, sender, and formatting of suspected e-mails. Content attributes, such as certain words and phrases, URL links or attachments, and how similar the phishing e-mails are to previous e-mails, are used in the neural network training set. With over 95% accuracy in classifying new e-mails as phishing attempts or legitimate, neural networks have shown some promise in phishing detection. In 2021, Zhang et al. (2021) also used a neural network to detect phishing URLs utilizing the frequency of keywords, the URL length, and domain name, achieving over 98% accuracy in classifying legitimate and phishing e-mails.
Neural Networks can also analyze user behavior to prevent phishing attacks in iOS operating systems, such as phishing attempts that use fake login screens or websites. By analyzing the user's input, the neural network can determine if the end-user has given sensitive information to a malicious webpage, such as a password or credit card information. A benefit of using neural networks is that they can adapt to changes and evolutions in the threat space through machine learning algorithms. As more sophisticated phishing attempts are revealed, neural networks can be trained to recognize and prevent intrusion. A study by Kumar et al. (2020) introduced a system that used neural networks to analyze user behavior on mobile devices and detect suspicious activity that may be a phishing attempt. Attributes from the training set, such as timing, the speed of the user's typing, and the pattern of screen touches, are used to determine whether the user activity is automated or legitimate.
In conclusion, several research studies in the past three years have shown promise in using neural networks to detect phishing attempts in various communication forms. This approach shows promise for preventing phishing attacks on mobile devices by leveraging the unique behavioral patterns of individual users with neural network training sets.
About the Author
Rhonda Johnson has Certified Digital Forensics Examiner and Certified Penetration Testing Engineer certifications from Mile2. She serves as e-learning manager/course creator for Ogun Drone Forensics Training LLC in Houston, TX (ogunforensics.com). She has a Master's in Computer and Information Security, and she is currently on the editorial review board for the International Journal of Cyberwarfare and Terrorism and a Peer Reviewer for the International Journal of Digital Crime and Forensics.
References
Kaur, P., Bansal, A., & Singh, J. (2021). A survey on phishing attacks: Techniques, types, and prevention. Journal of Network and Computer Applications, 168, 102806. https://doi.org/10.1016/j.jnca.2020.102806
Yadav, S., & Reddy, A. L. N. (2019). Neural network-based phishing detection system. In 2019 3rd International Conference on Computing Methodologies and Communication (ICCMC) (pp. 344-348). IEEE.
Zhang, Z., Li, J., Li, Y., & Li, J. (2021). Phishing detection using deep neural network. IEEE Access, 9, 36209-36220. https://doi.org/10.1109/ACCESS.2021.3060311
Kumar, M., Bagchi, S., & Kar, S. (2020). PhishBlock: Preventing phishing attacks on mobile devices using behavioral biometrics. IEEE Transactions on Mobile Computing, 19(1), 69-82. https://doi.org/10.1109/TMC.2018.2886356