NORMA eResearch @NCI Library

Automated Phishing Detection Framework Leveraging Integrated Threat Intelligence and Multi-UserAgent Analysis

Mohan, Yuvaraj (2024) Automated Phishing Detection Framework Leveraging Integrated Threat Intelligence and Multi-UserAgent Analysis. Masters thesis, Dublin, National College of Ireland.


Abstract

This thesis proposes an approach that combines multiple threat intelligence sources in the Tines platform for enhanced phishing detection. It aims to improve the identification and examination of multiple types of Indicators of Compromise (IOCs) originating from e-mails and PDF files, in response to the rising complexity of phishing. The system leverages URLScan.io for behavioral analysis of the identified URLs, VirusTotal for multi-engine scanning of IPs and file hashes, EmailRep.io for real-time email reputation measurements, and Hybrid Analysis for examining PDF files in a controlled environment. The system was evaluated through three real-life case studies. It demonstrated 95% detection accuracy for malicious emails with a false positive rate of 5%. In the URL analysis, the system successfully identified 80% of suspicious URLs through multiple user agent simulations, uncovering potential cloaking techniques. For the PDF analysis, the system achieved 100% accuracy in detecting malicious content, using Hybrid Analysis to flag files with known malicious behaviors. These results confirm the system’s efficacy in identifying phishing threats across various attack vectors. Future development of the framework will focus on incorporating machine learning algorithms and additional threat intelligence feeds to improve its adaptability to emerging phishing tactics and reduce dependency on external tools.

Item Type: Thesis (Masters)
Supervisors: Mustafa, Raza Ul (Email: UNSPECIFIED)
Subjects: Q Science > QA Mathematics > Electronic computers. Computer science
T Technology > T Technology (General) > Information Technology > Electronic computers. Computer science
Q Science > QA Mathematics > Computer software > Computer Security
T Technology > T Technology (General) > Information Technology > Computer software > Computer Security
Divisions: School of Computing > Master of Science in Cyber Security
Depositing User: Ciara O'Brien
Date Deposited: 17 Jul 2025 16:31
Last Modified: 17 Jul 2025 16:31
URI: https://norma.ncirl.ie/id/eprint/8178
