dc.contributor.author | Rastenis, Justinas | |
dc.contributor.author | Ramanauskaitė, Simona | |
dc.contributor.author | Janulevičius, Justinas | |
dc.contributor.author | Čenys, Antanas | |
dc.contributor.author | Slotkienė, Asta | |
dc.contributor.author | Pakrijauskas, Kęstutis | |
dc.date.accessioned | 2023-09-18T20:22:33Z | |
dc.date.available | 2023-09-18T20:22:33Z | |
dc.date.issued | 2020 | |
dc.identifier.uri | https://etalpykla.vilniustech.lt/handle/123456789/149216 | |
dc.description.abstract | The amount of fraud on the Internet is increasing along with the availability and the popularity of the Internet around the world. One of the most common forms of Internet fraud is phishing. Phishing attacks seek to obtain a user’s personal or secret information. The variety of phishing attacks is very broad, and usage of novel, more sophisticated methods complicates its automated filtering. Therefore, it is important to form up-to-date and detailed phishing attack taxonomy, which could be used for both human education purposes as well as phishing attack discrete notation. In this paper, we propose an e-mail-based phishing attack taxonomy, which includes six phases of the attack. Each phase has at least one criterion for the attack categorization. Each category is described, and in some cases the categories have sub-classes to present the full variety of phishing attacks. The proposed taxonomy is compared to similar taxonomies. Our taxonomy outperforms other phishing attack taxonomies in numbers of phases, criteria and distinguished classes. Validation of the proposed taxonomy is achieved by adapting it as a phishing attack notation for an incident management system. Taxonomy usage for phishing attack notation increases the level of description of phishing attacks compared to free-form phishing attack descriptions. | eng |
dc.format | PDF | |
dc.format.extent | p. 1-15 | |
dc.format.medium | tekstas / txt | |
dc.language.iso | eng | |
dc.relation.isreferencedby | Chemical abstracts | |
dc.relation.isreferencedby | DOAJ | |
dc.relation.isreferencedby | INSPEC | |
dc.relation.isreferencedby | Scopus | |
dc.relation.isreferencedby | Science Citation Index Expanded (Web of Science) | |
dc.rights | Laisvai prieinamas internete | |
dc.source.uri | https://doi.org/10.3390/app10072363 | |
dc.source.uri | https://www.mdpi.com/2076-3417/10/7/2363/htm | |
dc.source.uri | https://talpykla.elaba.lt/elaba-fedora/objects/elaba:54412353/datastreams/MAIN/content | |
dc.title | E-mail-based phishing attack taxonomy | |
dc.type | Straipsnis Web of Science DB / Article in Web of Science DB | |
dcterms.accessRights | This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (http://creativecommons.org/licenses/by/4.0/). | |
dcterms.license | Creative Commons – Attribution – 4.0 International | |
dcterms.references | 23 | |
dc.type.pubtype | S1 - Straipsnis Web of Science DB / Web of Science DB article | |
dc.contributor.institution | Vilniaus Gedimino technikos universitetas | |
dc.contributor.faculty | Fundamentinių mokslų fakultetas / Faculty of Fundamental Sciences | |
dc.subject.researchfield | T 007 - Informatikos inžinerija / Informatics engineering | |
dc.subject.researchfield | N 009 - Informatika / Computer science | |
dc.subject.vgtuprioritizedfields | IK0101 - Informacijos ir informacinių technologijų sauga / Information and Information Technologies Security | |
dc.subject.ltspecializations | L106 - Transportas, logistika ir informacinės ir ryšių technologijos (IRT) / Transport, logistic and information and communication technologies | |
dc.subject.en | phishing | |
dc.subject.en | e-mail | |
dc.subject.en | taxonomy | |
dc.subject.en | notation | |
dcterms.sourcetitle | Applied sciences | |
dc.description.issue | iss. 7 | |
dc.description.volume | vol. 10 | |
dc.publisher.name | MDPI | |
dc.publisher.city | Basel | |
dc.identifier.doi | 000533356200162 | |
dc.identifier.doi | 10.3390/app10072363 | |
dc.identifier.elaba | 54412353 | |