Simulation and Detection of Phishing Attacks on Student Academic Emails Using Social Engineering Techniques
Article Sidebar
Main Article Content
Abstract
Phishing attacks on student academic emails are a serious threat to information security. Social engineering techniques are often used in these attacks to manipulate victims into divulging sensitive information, such as passwords and other personal data. This research aims to analyze and detect phishing attacks that use social engineering techniques on student academic emails. In this research, a phishing attack simulation was carried out with the scenario of falsifying the identity of an academic institution and creating fake emails that appear legitimate. Students as simulated subjects were tested to see how they reacted to deceptive phishing emails, such as clicking on malicious links or downloading infectious attachments. The detection methods used include heuristic analysis and machine learning techniques, where the system is trained to recognize suspicious patterns in emails, including elements such as unusual subjects, links and attachments. The research results show that phishing attacks that utilize social engineering are effective in manipulating victims. On the other hand, detection using machine learning and heuristic analysis can achieve a high level of accuracy in identifying phishing attacks. This research also underscores the importance of increasing awareness about cyber security among students as well as the need to develop more effective phishing detection tools.
Downloads
Article Details
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.
References
Anderson, R. (2020). Security engineering: A guide to building dependable distributed systems (3rd ed.). Wiley.
Bhardwaj, R., & Gupta, S. (2019). Comparative study of phishing detection algorithms. International Journal of Computer Science and Information Security, 17(8), 35-40.
Desai, D., & Patel, S. (2021). Detection of phishing attacks through web traffic analysis and machine learning techniques. Journal of Digital Forensics, Security, and Law.
Gibson, J., & Simpson, L. (2014). Cybersecurity: Protecting digital assets. McGraw-Hill Education.
Gupta, S., & Gupta, A. (2019). Social engineering in phishing: A comprehensive review. International Journal of Information Security, 18(2), 127-138.
Kaufman, C., Perlman, R., & Speciner, M. (2015). Network security: Private communication in a public world (2nd ed.). Prentice Hall.
Kumar, N., & Choudhary, R. (2020). Detecting phishing attacks using heuristic and machine learning methods. Cybersecurity and Privacy, 1(3), 45-56.
Kaur, H., & Bedi, P. (2019). Machine learning algorithms in detecting phishing emails. Journal of Cyber Security and Privacy, 5(2), 120-135.
Mitnick, K. D., & Simon, W. L. (2020). Social engineering: The art of human hacking. Journal of Information Security, 14(4), 250-267.
Padhy, S., & Soni, R. (2020). Phishing attacks: A review of techniques and detection methods. International Journal of Computer Applications, 175(3), 5-12.
Peltier, T. R. (2016). Information security risk analysis (2nd ed.). CRC Press.
Sharma, P., & Bhagat, S. (2020). Phishing detection using hybrid model of decision trees and Naive Bayes. International Journal of Information Technology and Computer Science, 12(1), 11-18.
Singh, A., & Arora, A. (2021). Machine learning algorithms for phishing detection: A systematic review. Journal of Computer Networks and Communications, 2021, 1-12.
Stojanovic, J., & Kostic, D. (2019). Phishing attack detection: A review of machine learning approaches. Computers & Security, 85, 87-107.
Stallings, W. (2017). Network security essentials: Applications and standards (6th ed.). Pearson Education.
Tittel, E. (2016). Hacking exposed: Network security secrets & solutions (7th ed.). McGraw-Hill Education.
Whitman, M. E., & Mattord, H. J. (2018). Principles of information security (6th ed.). Cengage Learning.
Zhang, X., & Yang, Y. (2021). Phishing email detection using machine learning: A case study. Journal of Computer Science and Technology, 36(1), 52-63.