Business Email Compromise Phishing Detection Based on Machine Learning: A Systematic Literature Review
Journal article
| Authors | Atlam, H. and Olayonu Oluwatimilehin |
|---|---|
| Abstract | The risk of cyberattacks against businesses has risen considerably, with Business Email Compromise (BEC) schemes taking the lead as one of the most common phishing attack methods. The daily evolution of this assault mechanism’s attack methods has shown a very high level of proficiency against organisations. Since the majority of BEC emails lack a payloader, they have become challenging for organisations to identify or detect using typical spam filtering and static feature extraction techniques. Hence, an efficient and effective BEC phishing detection approach is required to provide an effective solution to various organisations to protect against such attacks. This paper provides a systematic review and examination of the state of the art of BEC phishing detection techniques to provide a detailed understanding of the topic to allow researchers to identify the main principles of BEC phishing detection, the common Machine Learning (ML) algorithms used, the features used to detect BEC phishing, and the common datasets used. Based on the selected search strategy, 38 articles (of 950 articles) were chosen for closer examination. Out of these articles, the contributions of the selected articles were discussed and summarised to highlight their contributions as well as their limitations. In addition, the features of BEC phishing used for detection were provided, as well as the ML algorithms and datasets that were used in BEC phishing detection models were discussed. In the end, open issues and future research directions of BEC phishing detection based on ML were discussed |
| Keywords | business email compromise (BEC); email phishing; phishing detection |
| Year | 2022 |
| Journal | Electronics |
| Journal citation | 12 (1), pp. 1-28 |
| Publisher | MDPI |
| ISSN | 2079-9292 |
| Digital Object Identifier (DOI) | https://doi.org/10.3390/electronics12010042 |
| Web address (URL) | https://doi.org/10.3390/electronics12010042 |
| Output status | Published |
| Publication dates | 22 Dec 2022 |
| Publication process dates | |
| Accepted | 19 Dec 2022 |
| Deposited | 10 Feb 2023 |
https://repository.derby.ac.uk/item/9wxy2/business-email-compromise-phishing-detection-based-on-machine-learning-a-systematic-literature-review
77
total views0
total downloads1
views this month0
downloads this month
Export as
Related outputs
Deep labeller: automatic bounding box generation for synthetic violence detection datasets
Nadeem, M., Kurugollu, F., Saravi, S., Atlam, H. and Franqueira, V. 2023. Deep labeller: automatic bounding box generation for synthetic violence detection datasets. Multimedia Tools and Applications. pp. 1-18. https://doi.org/10.1007/s11042-023-15621-5ANFIS for risk estimation in risk-based access control model for smart homes
Atlam, H. and Gary B. Wills 2022. ANFIS for risk estimation in risk-based access control model for smart homes. Multimedia Tools and Applications. pp. 1-30. https://doi.org/10.1007/s11042-022-14010-8DEEPSEL: A novel feature selection for early identification of malware in mobile applications
Muhammad Ajmal Azad, Farhan Riaz, Anum Aftab, Syed Khurram Jah Rizvi, Junaid Arshad, Hany F. Atlam and Atlam, H. 2021. DEEPSEL: A novel feature selection for early identification of malware in mobile applications. Future Generation Computer Systems. 129, pp. 54-63. https://doi.org/10.1016/j.future.2021.10.029
IoT forensics: A state-of-the-art review, callenges and future directions
Alenezi, Ahmed, Atlam, Hany, Alsagri, Reem, Alassafi, Madini and Wills, Gary 2019. IoT forensics: A state-of-the-art review, callenges and future directions. SCITEPRESS - Science and Technology Publications. https://doi.org/10.5220/0007905401060115Experts reviews of a cloud forensic readiness framework for organizations
Alenezi, Ahmed, Atlam, Hany F. and Wills, Gary B. 2019. Experts reviews of a cloud forensic readiness framework for organizations. Journal of Cloud Computing. 8 (1). https://doi.org/10.1186/s13677-019-0133-zSecurity, cybercrime and digital forensics for IoT
Atlam, Hany F., Alenezi, Ahmed, Alassafi, Madini O., Alshdadi, Abdulrahman A. and Wills, Gary B. 2019. Security, cybercrime and digital forensics for IoT. in: Intelligent Systems Reference Library Springer International Publishing.A famework for data sharing between healthcare providers using blockchain
Alzahrani, Ahmed G., Alenezi, Ahmed, Atlam, Hany F. and Wills, Gary 2020. A famework for data sharing between healthcare providers using blockchain. Proceedings of the 5th International Conference on Internet of Things, Big Data and Security. https://doi.org/10.5220/0009413403490358Intersections between IoT and distributed ledger
Atlam, Hany F. and Wills, Gary B. 2019. Intersections between IoT and distributed ledger. in: Advances in Computers Elsevier.IoT security, privacy, safety and ethics
Atlam, Hany F. and Wills, Gary B. 2019. IoT security, privacy, safety and ethics. in: Internet of Things Springer International Publishing.Fuzzy logic with expert judgment to implement an adaptive risk-based access control model for IoT
Atlam, Hany F., Walters, Robert J., Wills, Gary B. and Daniel, Joshua 2019. Fuzzy logic with expert judgment to implement an adaptive risk-based access control model for IoT. Mobile Networks and Applications. https://doi.org/10.1007/s11036-019-01214-wA validation of security determinants model for cloud adoption in Saudi organisations’ context
Alassafi, Madini O., Atlam, Hany F., Alshdadi, Abdulrahman A., Alzahrani, Abdullah I., AlGhamdi, Rayed A. and Buhari, Seyed M. 2019. A validation of security determinants model for cloud adoption in Saudi organisations’ context. International Journal of Information Technology. https://doi.org/10.1007/s41870-019-00360-4