A Novel Automated Approach towards Detecting Email Spear Phishing Attack

Abstract

Due to the advancement in science and technology, people’s dependency on the internet is increasing rapidly. All their data and valuable information are now residing and transferred over the internet. That’s why confidential data needs to be secure. Whereas we lack the security aspect. On the other hand, hackers are not halting from attacking people, private organizations and the government sector’s sensitive data. That’s why we need to do more research and development of such products and applications in the field of security and privacy that ensure no confidential and sensitive data is stolen or sold on the Dark Web. The main problem is phishing attacks. Therefore, this research proposes a model in which Spear Phishing URLs and Attachments are detected automatically from email in real-time. The novel approach applied to the proposed technique ASPAD is detecting the Spear Phishing URLs from their Creation Date, Registrar, Mailed-by, Signed-by, SPF, DKIM, DMARC and other header features. With the help of Whitelisting approach and a couple of APIs, ASPAD will predict the maliciousness of the URLs, Obfuscated URLs as well as Attachments with comparatively high accuracy as compared to traditional techniques.