No full-text available
To read the full-text of this research,
you can request a copy directly from the authors.
A Smart Methodology for Analyzing Secure E-Banking and E-Commerce Websites
... Malicious websites are designed to perform illegal activities such as a number of different types of cyber-attacks. Latif et al. [11] describe various features of legal, suspect, and phishing attacks. Features input to WEKA built-in data mining techniques are used to compute and verify the proposed algorithm's performance. ...
... Features input to WEKA built-in data mining techniques are used to compute and verify the proposed algorithm's performance. The proposed methodology in Latif et al. [11] can be used to evaluate a website's trustworthiness while making payments. ...
Online banking is an ideal method for conducting financial transactions such as e-commerce, e-banking, and e-payments. The growing popularity of online payment services and payroll systems, however, has opened new pathways for hackers to steal consumers' information and money, a risk which poses significant danger to the users of e-commerce and e-banking websites. This study uses the selection method of the entire e-commerce and e-banking website dataset (Chi-Squared, Gini index, and main learning algorithm). The results of the analysis suggest the identification and comparison of machine learning and deep learning algorithm performance on binary category labels (legal, fraudulent) between similar datasets, and understanding which function plays a vital role in predicting safe e-banking and e-commerce website datasets. The e-commerce and e-banking website dataset was compiled from the UCI machine learning library. We obtained 11,056 entries based on 30 unique website attributes. We used the machine learning algorithms support vector machine (SVM), k-nearest neighbors, random forest (RF), decision tree (DT), and the multilayer perceptron (MLP) deep learning algorithm to analyze the datasets of e-commerce and e-banking websites and found the best algorithms based on accuracy, precision, recall, and F1-measure. MLP had the highest precision at 97%. With this procedure we can now accurately test websites to assist in the early prediction of secure e-banking e-commerce transactions.
... User trust, risks, and protection strategies for using e-banking platforms have been discussed. In[5], Latif et al. ...
Website security is the process of managing and securing a website from cyberattacks by taking essential measures. The main purpose of the paper is to provide a web security analysis in the domain of banking. The proposed work in the paper discussed the two security tools—Sucuri and UpGuard which were used to perform security analysis of four Indian e-banking websites, namely SBI, HDFC, ICICI, and IDFC. In the result, a broad comparative analysis of all these four websites performed with two different tools has been showcased so that security professionals managing the banking website can further use the data to mitigate their security issues and if not eliminate, then at least reduce the threats and vulnerabilities from the website.
... Many actions have been taken to deal with this neverending cyber threat issue. Many researchers have introduced various methods and applications to detect phishing which presents a major threat in security networks [2][3][4]. ...
Fuzzy system is one of the most used systems in the decision-making and classification method as it is easy to understand because the way this system works is closer to how humans think. It is a system that uses human experts to hold the membership values to make decisions. However, it is hard to determine the fuzzy parameter manually in a complex problem, and the process of generating the parameter is called fuzzy modelling. Therefore, an optimization method is needed to solve this issue, and one of the best methods to be applied is Butterfly Optimization Algorithm. In this paper, BOA was improvised by combining this algorithm with Harmony Search (HS) in order to achieve optimal results in fuzzy modelling. The advantages of both algorithms are used to balance the exploration and exploitation in the searching process. Two datasets from UCI machine learning were used: Website Phishing Dataset and Phishing Websites Dataset. As a result, the average accuracy for WPD and PWD was 98.69% and 98.80%, respectively. In conclusion, the proposed method shows promising and effective results compared to other methods.
... According to (Latif et al., 2019) some malicious web pages can acquiring information from the user which is a risk to web users for their personal. Therefore, perceived security of m-payment to be used in the transaction in website is important, and will be further analyzed in this study. ...
... From the above comparison, it is concluded that all the analyzed methods, with the exception of those based on lists, have similar accuracy offering values above 90%. Among the most widely used methods with higher accuracy are Decision Trees [20], heuristic methods based on visual similarity and the Naive Bayesian Classifier [21]. ...
Phishing attacks use social engineering and some technical tricks to obtain users’ personal identity data, account credentials and details of your bank cards to impersonate users on the network. Organizations are not immune to these attacks, so they should implement an orderly phishing detection plan, with the aim of reducing risks from direct exposure. Phishing is perpetrated in various telematic services such as email, web, social networks and instant messaging, among others. This paper brings an updated study of the main existing mechanisms for the detection of phishing. Additionally, the most effective solutions in the literature will be highlighted, matching solutions for different services will be identified and the most effective solutions will be featured, with the aim of applying these approaches in future integrated solutions for the detection of phishing attacks.
... From the above comparison, it is concluded that all the analyzed methods, with the exception of those based on lists, have similar accuracy offering values above 90%. Among the most widely used methods with higher accuracy are Decision Trees [37], heuristic methods based on visual similarity and the Naive Bayesian Classifier [38]. ...
Phishing attacks use social engineering and some technical tricks to obtain users' personal identity data, account credentials and details of your bank cards to impersonate users on the network. Organizations are not immune to these attacks, so they should implement an orderly phishing detection plan, with the aim of reducing risks from direct exposure. Phishing is perpetrated in various telematic services such as email, web, social networks and instant messaging, among others. This paper brings an updated study of the main existing mechanisms for the detection of phishing. Additionally, the most effective solutions in the literature will be highlighted, matching solutions for different services will be identified and the most effective solutions will be featured, with the aim of applying these approaches in future integrated solutions for the detection of phishing attacks.
... In a study, the different features of legitimate, suspicious and phishing websites were identified using the built-in machine learning algorithms from WEKA to compare and verify the accuracy of the algorithm [10]. A platform analysis presents the potential computer intrusion and violation of privacy which occurs due to anonymous web browsing, technologies and programs [11]. ...
E-commerce plays a significant role to grow its business globally by satisfying the modern consumer’s expectations. Without the help of Operating System (OS), e-commerce applications cannot be operated as well as broadcasted on the web. It is evident after analyzing this study that web administrators of the business are sometimes being careless, in some cases unaware about the risk of cyber-attack due the lack of vulnerability research on their OS. Therefore, a good number of the e-commerce applications are faced different type of OS exploitations through different types of attack e.g. denial of service, bypass, DECOVF, etc. that breaches the OS’s confidentiality, integrity and availability. In this paper, we analyzed 140 e-commerce sites servers’ information and its related 1138 vulnerabilities information to examine the risks and risky versions of the OS in e-commerce business. The probabilities of vulnerability are calculated using Orange 3 and feature selection operation has been performed using Weka through IBM statistical tool SPSS. This study identifies few versions of Ubuntu that are found in critical status in terms of risk position.
A part of the information security framework, e-commerce security is used in areas like data security and computer security, among others. It covers safeguarding electronic commerce assets from unauthorized access, use, modification, or destruction of data. However, due to heightened awareness of attacks, the attackers use phoney websites and apps to circumvent the security of payment-related online activities. This article provides an overview of the many security issues that arise in ecommerce applications and discusses solutions. The study offers a survey of some methods used by different researchers. Due to the growth of e-commerce, most financial transactions now take place online.. They use websites or apps that are offered by businesses, making them more vulnerable to attacks and increasing the probability that attackers may use fake websites and apps. There are several methods that can be employed to defend against vulnerabilities. We have given a survey of the security measures used to protect banking transactions in this paper
E-Commerce security is a component of information security framework and applied to avenues including data security, computer security etc. It includes protection of E-Commerce assets against illegal access, use modification or demolishing of data. However, due to increase in sensitivity to assaults, the attackers employ phony websites and apps to breach the security of payment related activities over the internet. This paper presents the review of various security challenges encountered in e-commerce applications and the methods to avoid or overcome them. The paper provides a survey of some techniques employed by various researchers. The majority of banking transactions now take place online due to the expansion of e-commerce. They use merchant-provided websites or pay-per-use apps which increases their sensitivity to assaults and increases the likelihood that attackers will employ phony websites and apps. There are numerous strategies for protecting against vulnerabilities that can be used. In this paper, we have provided a survey of the Security methods employed for safeguarding the banking transactions.
In spite of various research endeavors, phishing assaults stay common and exceedingly successful in attracting clueless clients to uncover delicate data, including account details and government managed savings numbers. Misfortunes due to phishing are developing consistently. A solitary methodology isn't effective for distinguishing a wide range of phishing assaults. So we propose a hybrid approach to deal with the classification of URLs as phishing or real. The investigation aftereffects of our proposed methodology, in view of a dataset gathered from phishing and legitimate URLs, have demonstrated that PhishAlert framework can successfully counteract phishing assaults and can thus ensure system security.
One of the major challenges in cyber space and Internet of things (IoT) environments is the existence of fake or phishing websites that steal users’ information. A website as a multimedia system provides access to different types of data such as text, image, video, audio. Each type of these data are prune to be used by fishers to perform a phishing attack. In phishing attacks, people are directed to fake pages and their important information is stolen by a thief or phisher. Machine learning and data mining algorithms are the widely used algorithms for classifying websites and detecting phishing attacks. Classification accuracy is highly dependent on the feature selection method employed to choose appropriate features for classification. In this research, an improved spotted hyena optimization algorithm (ISHO algorithm) is proposed to select proper features for classifying phishing websites through support vector machine. The proposed ISHO algorithm outperformed the standard spotted hyena optimization algorithm with better accuracy. In addition, the results indicate the superiority of ISHO algorithm to three other meta-heuristic algorithms including particle swarm optimization, firefly algorithm, and bat algorithm. The proposed algorithm is also compared with a number of classification algorithms proposed before on the same dataset.
In the education system, the students may find counselors, but student-to-counselor ratio is higher, which forces us to implement an automated system for the guidance of the students. Career counseling can be useful for students to evaluate their careers and select the best direction for the future. This chapter aims to explore, develop, and implement the effective means of analyzing student career counseling, guidelines, and decision making. The authors have developed a realistic dataset from a different mindset of students. The research started once the student provides the machine input about the individual choices about taking admission for matriculation, intermediate, and or short course. The machine learning algorithms like logistic model tree, naïve Bayes, J48, and random forest are used to predict career options. In evaluated results, they found the best algorithm based on the accuracy of kappa statistics, mean absolute error, and correctly classified or incorrectly classified for career-related problems.
ICT tools and machine learning tools are used to analyze the visual attention of the student. The student's attention score is calculated for the analysis of the visual attention of the student. For this purpose, the authors have developed a software package (i.e., Visual Attention Tool [VAT]) based on the ICT that extracts the frames from a video stream that is taken through the webcam attached to the student's laptop. Each image is converted into a grayscale image, enhanced by image processing, then face detection is performed by following eye detection. This real-time processing of video produces a dataset by tracking the faces and eyes. It measures the attention level of the student with the timestamp. A manual observer also calculates the student's attention score focusing face and eye contact and produces a dataset manually. Then a comparative analysis of both datasets is performed in statistical and machine learning tools.
Measuring and analyzing the student's visual attention are significant challenges in the e-learning environment. Machine learning techniques and multimedia tools can be used to examine the visual attention of a student. Emotions play a vital impact in understanding or judging the attention of the student in the class. If the student is interested in the lecture, the teacher can judge it by reading his emotions, and the learning has increased, and students can pay more attention to the classroom, authors say. The study explores the effect on the brand reputation of universities of information and communication technology (ICT), e-service quality, and e-information quality by focusing on the e-learning and fulfillment of students.
Phishing is a fraudulent attempt to obtain sensitive information such as usernames, passwords, and credit card details by disguising oneself as a trustworthy entity in an electronic communication. Phishing is one kind of cyber-attack and at the same time, it is the most dangerous and common attack. Typically carried out by email spoofing or instant messaging, it often directs users to enter personal information at a fake website that matches the look and feel of the legitimate site. Phishing websites have certain characteristics and patterns, and to identify those features can help us to detect phishing. The E-Banking and E-Commerce sector was targeted by phishing more than in any other industry sector. Using Phishing Website Analyzer can help the users to predict the legitimacy of the website they are using. It helps them learn if the website being visited is a phi shy website or not. The Analyzer works by collecting the parameters of the website and evaluating them using different algorithms. The results of the different algorithms are compared against each other and the algorithm that best predicts, is chosen for classification. The use of machine learning algorithms, makes the application better than most other approaches.
Phishing is a fraudulent attempt to obtain sensitive information such as usernames, passwords, and credit card details by disguising oneself as a trustworthy entity in an electronic communication. Phishing is one kind of cyber-attack and at the same time, it is the most dangerous and common attack. Typically carried out by email spoofing or instant messaging, it often directs users to enter personal information at a fake website that matches the look and feel of the legitimate site. Phishing websites have certain characteristics and patterns, and to identify those features can help us to detect phishing. The E-Banking and E-Commerce sector was targeted by phishing more than in any other industry sector. Using Phishing Website Analyzer can help the users to predict the legitimacy of the website they are using. It helps them learn if the website being visited is a phishy website or not. The Analyzer works by collecting the parameters of the website and evaluating them using different algorithms. The results of the different algorithms are compared against each other and the algorithm that best predicts, is chosen for classification. The use of machine learning algorithms, makes the application better than most other approaches.
Phishing is an online criminal act that occurs when a malicious webpage impersonates as legitimate webpage so as to acquire sensitive information from the user. Phishing attack continues to pose a serious risk for web users and annoying threat within the field of electronic commerce. This paper focuses on discerning the significant features that discriminate between legitimate and phishing URLs. These features are then subjected to associative rule mining—apriori and predictive apriori. The rules obtained are interpreted to emphasize the features that are more prevalent in phishing URLs. Analyzing the knowledge accessible on phishing URL and considering confidence as an indicator, the features like transport layer security, unavailability of the top level domain in the URL and keyword within the path portion of the URL were found to be sensible indicators for phishing URL. In addition to this number of slashes in the URL, dot in the host portion of the URL and length of the URL are also the key factors for phishing URL.
Purpose: This study aims to investigate if online reviews (e.g. valence and volume), online promotional strategies (e.g. free delivery and discounts) and sentiments from user reviews can help predict product sales.
Design/methodology/approach: We designed a big data architecture and deployed Node.JS agents for scraping the Amazon.com pages using asynchronous Input/Output calls. The completed web crawling and scraping datasets were then preprocessed for sentimental and neural network analysis. The neural network was employed to examine which variables in our study are important predictors of product sales.
Findings: This study found that although online reviews, online promotional strategies and online sentiments can all predict product sales, some variables are more important predictors than others. We found that the interplay effects of these variables become more important variables than the individual variables themselves. For example, online volume interactions with sentiments and discounts are more important than the individual predictors of discounts, sentiments or online volume.
Originality/value: This study designed big data architecture, in combination with sentimental and neural network analysis that can facilitate future business research for predicting product sales in an online environment. This study also employed a predictive analytic approach (e.g. neural network) to examine the variables, and this approach is useful for future data analysis in a big data environment where prediction can have more practical implications than significance testing. This study also examined the interplay between online reviews, sentiments and promotional strategies, which up to now have mostly been examined individually in previous studies.
How could a product or service is reasonably evaluated by anyone in the shortest time? A million dollar question but it is having a simple answer: Sentiment analysis. Sentiment analysis is consumers review on products and services which helps both the prod ucers and consumers (stakeholders) to take effective and efficient decision within a shortest period of time. Producers can have better knowledge of their products and services through the sentiment analysis (ex. positive and negative comments or consumers likes and dislikes) which will help them to know their products status (ex. product limitations or market status). Consumers can have better knowledge of their interested products and services through the sentiment analysis (ex. positive and negative comm ents or consumers likes and dislikes) which will help them to know their deserving products status (ex. product limitations or market status) . For more specification of the sentiment values, fuzzy logic could be introduced. Therefore, sentiment analysis wi th the help of fuzzy logic (deals with reasoning and gives closer views to the exact sentiment values) will help the producers or consumers or any interested person for taking the effective decision according to their product or service interest.
Classification Data Mining (DM) Techniques can be a very useful tool in detecting and identifying e-banking phishing websites. In this paper, we present a novel approach to overcome the difficulty and complexity in detecting and predicting e-banking phishing website. We proposed an intelligent resilient and effective model that is based on using association and classification Data Mining algorithms. These algorithms were used to characterize and identify all the factors and rules in order to classify the phishing website and the relationship that correlate them with each other. We implemented six different classification algorithm and techniques to extract the phishing training data sets criteria to classify their legitimacy. We also compared their performances, accuracy, number of rules generated and speed. A Phishing Case study was applied to illustrate the website phishing process. The rules generated from the associative classification model showed the relationship between some important characteristics like URL and Domain Identity, and Security and Encryption criteria in the final phishing detection rate. The experimental results demonstrated the feasibility of using Associative Classification techniques in real applications and its better performance as compared to other traditional classifications algorithms.
Phishing is an important issue that faces the cyber
security. This paper exploits the capabilities of classification
techniques on Phishing Website Prediction (PWP), and
introduces a methodology to protect users from the attackers.
The blacklist procedure isn’t a strong enough way to stay safe
from the cybercriminals. Therefore, phishing website indicators
have to be considered for this purpose, with the existence and
usage of machine learning algorithms. Five different
classification techniques have been used to evaluate their
efficiency on (PWP) in terms of accuracy and the Relative
Absolute Error (RAE) value for each one of them, with and
without the feature selection process. WEKA tool was used for
the implementation of these classifiers on a public dataset from
NASA repository. The motivation behind this investigation is to
employ a number of Data Mining (DM) algorithms for the
prediction purpose of phishing websites and compare their
effectiveness in terms of accuracy and RAE. Where DM
classifiers have proved their goodness in this kind of problems.
Text mining has found a variety of applications in diverse domains. Of late, prolific work is reported in using text mining techniques to solve problems in financial domain. The objective of this paper is to provide a state-of-the-art survey of various applications of Text mining to finance. These applications are categorized broadly into FOREX rate prediction, stock market prediction, customer relationship management (CRM) and cyber security. Since finance is a service industry, these problems are paramount in operational and customer growth aspects. We reviewed 89 research papers that appeared during the period 2000-2016, highlighted some of the issues, gaps, key challenges in this area and proposed some future research directions. Finally, this review can be extremely useful to budding researchers in this area, as many open problems are highlighted.
Purpose
– The purpose of this paper is to investigate if online reviews (e.g. valence and volume), online promotional strategies (e.g. free delivery and discounts) and sentiments from user reviews can help predict product sales.
Design/methodology/approach
– The authors designed a big data architecture and deployed Node.js agents for scraping the Amazon.com pages using asynchronous input/output calls. The completed web crawling and scraping data sets were then preprocessed for sentimental and neural network analysis. The neural network was employed to examine which variables in the study are important predictors of product sales.
Findings
– This study found that although online reviews, online promotional strategies and online sentiments can all predict product sales, some variables are more important predictors than others. The authors found that the interplay effects of these variables become more important variables than the individual variables themselves. For example, online volume interactions with sentiments and discounts are more important than the individual predictors of discounts, sentiments or online volume.
Originality/value
– This study designed big data architecture, in combination with sentimental and neural network analysis that can facilitate future business research for predicting product sales in an online environment. This study also employed a predictive analytic approach (e.g. neural network) to examine the variables, and this approach is useful for future data analysis in a big data environment where prediction can have more practical implications than significance testing. This study also examined the interplay between online reviews, sentiments and promotional strategies, which up to now have mostly been examined individually in previous studies.
Incorporating ancillary data into image classification can increase classification accuracy and precision. Rule-based classification systems using expert systems or machine learning are a particularly useful means of incorporating ancillary data, but have been difficult to implement. We developed a means for creating a rule-based classification using classification and regression tree analysis (CART), a commonly available statistical method. The CART classification does not require expert knowledge, automatically selects useful spectral and ancillary data from data supplied by the analyst, and can be used with continuous and categorical ancillary data. We demonstrated the use of the CART classification at three increasingly detailed classification levels for a portion of the Greater Yellowstone Ecosystem. Overall accuracies ranged from 96 percent at level 1, to 79 percent at level 2, and 65 percent at level 3.
Internet has become an essential component of our everyday social and financial activities. Nevertheless, internet users may be vulnerable to different types of web threats, which may cause financial damages, identity theft, loss of private information,
brand reputation damage and loss of customer’s confidence in e-commerce and online banking. Phishing is considered as a form of web threats that is defined as the art of impersonating a website of an honest enterprise aiming to obtain confidential information such as usernames, passwords and social security number. So far, there is no single solution that can capture every phishing attack. In this article, we proposed an intelligent model for predicting phishing attacks based on artificial neural network particularly self-structuring neural networks. Phishing is a continuous problem where features significant in determining the type of web pages are constantly changing. Thus, we need to constantly improve the network structure in order to cope with these changes. Our model solves this problem by automating the process of structuring the network and shows high acceptance for noisy data, fault tolerance and high prediction accuracy. Several experiments were conducted in our research, and the number of epochs differs in each experiment. From the results, we find that all produced structures have high generalization ability.
Website phishing is considered one of the crucial security challenges for the online community due to the massive numbers of online transactions performed on a daily basis. Website phishing can be described as mimicking a trusted website to obtain sensitive information from online users such as usernames and passwords. Black lists, white lists and the utilisation of search methods are examples of solutions to minimise the risk of this problem. One intelligent approach based on data mining called Associative Classification (AC) seems a potential solution that may effectively detect phishing websites with high accuracy. According to experimental studies, AC often extracts classifiers containing simple “If-Then” rules with a high degree of predictive accuracy. In this paper, we investigate the problem of website phishing using a developed AC method called Multi-label Classifier based Associative Classification (MCAC) to seek its applicability to the phishing problem. We also want to identify features that distinguish phishing websites from legitimate ones. In addition, we survey intelligent approaches used to handle the phishing problem. Experimental results using real data collected from different sources show that AC particularly MCAC detects phishing websites with higher accuracy than other intelligent algorithms. Further, MCAC generates new hidden knowledge (rules) that other algorithms are unable to find and this has improved its classifiers predictive performance.
How could a product or service is reasonably evaluated by anyone in the
shortest time? A million dollar question but it is having a simple answer:
Sentiment analysis. Sentiment analysis is consumers review on products and
services which helps both the producers and consumers (stakeholders) to take
effective and efficient decision within a shortest period of time. Producers
can have better knowledge of their products and services through the sentiment
analysis (ex. positive and negative comments or consumers likes and dislikes)
which will help them to know their products status (ex. product limitations or
market status). Consumers can have better knowledge of their interested
products and services through the sentiment analysis (ex. positive and negative
comments or consumers likes and dislikes) which will help them to know their
deserving products status (ex. product limitations or market status). For more
specification of the sentiment values, fuzzy logic could be introduced.
Therefore, sentiment analysis with the help of fuzzy logic (deals with
reasoning and gives closer views to the exact sentiment values) will help the
producers or consumers or any interested person for taking the effective
decision according to their product or service interest.
Incorporating ancillary data into image classification can increase classification accuracy and precision. Rule-based classification systems using expert systems or machine learning are a particularly useful means of incorporating ancillary data, but have been difficult to implement. We developed a means for creating a rule-based classification using classification and regression tree analysis (CART), a commonly available statistical method. The CART classifica- tion does not require expert knowledge, automatically selects useful spectral and ancillary data from data supplied by the analyst, and can be used with continuous and categorical ancillary data. We demonstrated the use of the CART classi- fication at three increasingly detailed classification levels for a portion of the Greater Yellowstone Ecosystem. Overall accuracies ranged from 96 percent at level 1, to 79 percent at level 2, and 65 percent at level 3.
The purpose of this paper is to present an application of fuzzy logic to human reasoning about electronic commerce (e-commerce) transactions. This paper uncovers some of the hidden relationships between critical factors such as security, familiarity, design, and competitiveness. We analyze the effect of these factors on human decision process and how they affect the Business-to-Consumer (B2C) outcome when they are used collectively. This research provides a toolset for B2C vendors to access and evaluate a user's transaction decision process, and also an assisted reasoning tool for the online user.
Rule-based messaging and dialog engine
- M Roberts
- V M Bellotti
- S P Ahern
M. Roberts, V. M. Bellotti, and S. P. Ahern, "Rule-based messaging and
dialog engine," ed: Google Patents, 2018.
Effective classification of phishing web pages based on new rules by using extreme learning machines
- kaytan
M. Kaytan and D. Hanbay, "Effective classification of phishing web
pages based on new rules by using extreme learning machines,"
Anatolian Journal of Computer Sciences, vol. 2, no. 1, pp. 15-36, 2017.
Rule-based messaging and dialog engine
- roberts