Article Preview
Top1. Introduction
Phishing attacks are growing constantly as the online transactions and digital media is growing. According to Anti Phishing Working Group (APWG) the main target of phishing are the payment system (45%), followed by the financial institutions (16%), webmail (15%) and Cloud Storage (9%). (APWG, 2010). Phishing in the IoT environment has huge impact on the organizations, individuals as well as government. According to Gartner organizations have suffered losses in millions due to phishing attacks on various devices hosting and using their applications. Apart from the financial losses these enterprises lose their credibility and brand image as well. In many cases they also have to reimburse the losses to the customer to maintain their loyalty. From the customer’s perspective who were actually attacked, it will be very difficult for them to rely on these IoT devices again. They will avoid doing online transactions and this will impact the e-commerce growth in a big way (Srivastava T, 2007). Many phishing attacks have been reported recently mostly in the banking domain where the money has been siphoned either through online transactions or from the ATM (“Major Cyber Attacks,” 2018). This is an example of government or a private entity falling prey to this attack. Another example is the access to the Aadhaar database due to the flaws in the mAadhaar app on the Google Play Store (“Aadhaar security breaches,” 2018).
A huge amount of progress in the communication technology has led to resource distribution among multiple users which in turn increases the problem of privacy, integrity, security and trust. A very attractive term called the Internet of Things has come up which makes the home automation and smart appliances very simple and exciting for us but we definitely need to strengthen the security of these IoT devices. One type of attack very common in these devices is the phishing attack in which the attacker tries to steel users personal information using different mechanisms.
A phishing attack was carried out in December 2016 in which more than 750,000 malicious emails were delivered to lakhs of gadgets including handheld and networking devices like routers etc, this report was published in egadget+. According to their report three fourth of these emails were sent by traditional computers and mobile devices, but IoT gadgets also contributed to more than one fourth of these attacks. The phishers usually carry out such attacks on SSH, telnet and SMTP (i.e. “email”) servers. These DDoS attacks if not stopped degrade the performance of these gadgets (Gorman, 2017). A mass phishing attack has been recorded on Russian business by cybersecurity experts which began in November 2018 and peaked in February 2019. In this attack the hackers posed as representatives of well-known brands and they used smart devices to send e-mails with malicious software. These emails contained encryption virus Shade/Troldesh which encoded the files on these devices and asked for money for their access. At least 50 big companies of Russia were affected due to this attack in which devices such as modem, network storage and smart home appliances were used.
Phishers are adopting different and newer techniques for phishing attacks thus making it easy for them to commit crime and difficult to spot them (Barraclough et. al, 2013). The tools which are used these days actually employ the basic rule of expert system i.e. creating particular rules in blacklist and then matching the incoming data traffic against those particular rules. One of the areas of digital forensics which monitors and inspects the network traffic for finding and interpreting the security strategy violations is called network forensics (Wang and Wang, 2010; Khan et al., 2016). Machine learning methods have been utilized to build Network forensic techniques, but two challenges which still need to be addressed are that these algorithms are generating high error rates and they are not able to determine the various ways in which attacks happen, particularly botnet events (Moustafa et al., 2017; Prakash and Krishna, 2016; Amini et al., 2015). Pattern recognition, classification, correlation statistical techniques and clustering are all included in Machine learning algorithms (Sangkatsanee et al, 2011; Amini et al., 2015).