Isredza Rahmi A. Hamid

Hybrid feature selection for phishing email detection

Phishing emails are more active than ever before and putting the average computer user and organizations at risk of significant data, brand and financial loss. Through an analysis of a number of phishing and ham email collected, this paper focused on fundamental attacker behavior which could be extracted from email header. It also put forward a hybrid feature selection approach based on combination of content-based and behavior-based. The approach could mine the attacker behavior based on email header. On a publicly available test corpus, our hybrid features selections are able to achieve 96% accuracy rate. In addition, we successfully tested the quality of our proposed behavior-based feature using the information gain.

Using feature selection and classification scheme for automating phishing email detection

Email has become the critical communication medium for most organizations. Unfortunately, email-born attacks in computer networks are causing considerable economic losses worldwide. Exiting phishing email blocking appliances have little effect in weeding out the vast majority of phishing emails. At the same time, online criminals are becoming more dangerous and sophisticated. Phishing emails are more active than ever before and putting the average computer user and organizations at risk of significant data, brand and financial loss. In this paper, we propose a hybrid feature selection approach based combination of content-based and behaviour-based. The approach could mine the attacker behaviour based on email header. On a publicly available test corpus, our hybrid features selection is able to achieve 94% accuracy rate.

An approach for profiling phishing activities

Phishing attacks continue unabated to plague Internet users and trick them into providing personal and confidential information to phishers. In this paper, an approach for email-born phishing detection based on profiling and clustering techniques is proposed. We formulate the profiling problem as a clustering problem using various features present in the phishing emails as feature vectors and generate profiles based on clustering predictions. These predictions are further utilized to generate complete profiles of the emails. We carried out extensive experimental analysis of the proposed approach in order to evaluate its effectiveness to various factors such as sensitivity to the type of data, number of data sizes and cluster sizes. We compared the performance of the proposed approach against the Modified Global Kmeans (MGKmeans) approach. The results show that the proposed approach is efficient as compared to the baseline approach.

Phishing Email Feature Selection Approach

Phishing emails are more dynamic and cause high risk of significant data, brand and financial loss to average computer user and organizations. To address this problem, we propose a hybrid feature selection approach based on combination of content-based and behavior-based. Our proposed hybrid features selections are able to achieve 93% accuracy rate as compared to other approaches. In addition, we successfully tested the quality of our proposed behavior-based feature using the Information Gain, Gain Ratio and Symmetrical Uncertainty

Investigating machine learning techniques for detection of depression using structural MRI volumetric features

Structural MRI offers anatomical details and high sensitivity to pathological changes. It can demonstrate certain patterns of brain changes present at a structural level. Research to date has shown that volumetric analysis of brain regions has importance in depression detection. However, such analysis has had very minimal use in depression detection studies at individual level. Optimally combining various brain volumetric features/attributes, and summarizing the data into a distinctive set of variables remain difficult. This study investigates machine learning algorithms that automatically identify relevant data attributes for depression detection. Different machine learning techniques are studied for depression classification based on attributes extracted from structural MRI (sMRI) data. The attributes include volume calculated from whole brain, white matter, grey matter and hippocampus. Attributes subset selection is performed aiming to remove redundant attributes using three filtering methods and one hybrid method, in combination with ranker search algorithms. The highest average classification accuracy, obtained by using a combination of both SVM-EM and IG-Random Tree algorithms, is 85.23%. The classification approach implemented in this study can achieve higher accuracy than most reported studies using sMRI data, specifically for detection of depression.

Profiling Phishing Email Based on Clustering Approach

In this paper, an approach for profiling email-born phishing activities is proposed. Profiling phishing activities are useful in determining the activity of an individual or a particular group of phishers. By generating profiles, phishing activities can be well understood and observed. Typically, work in the area of phishing is intended at detection of phishing emails, whereas we concentrate on profiling the phishing email. We formulate the profiling problem as a clustering problem using the various features in the phishing emails as feature vectors. Further, we generate profiles based on clustering predictions. These predictions are further utilized to generate complete profiles of these emails. The performance of the clustering algorithms at the earlier stage is crucial for the effectiveness of this model. We carried out an experimental evaluation to determine the performance of many classification algorithms by incorporating clustering approach in our model. Our proposed profiling email-born phishing algorithm (ProEP) demonstrates promising results with the RatioSize rules for selecting the optimal number of clusters.

One-Way ANOVA Model with Fuzzy Data for Consumer Demand

This paper presents a statistical method which could distinguish the customer’s demand into different type whereby fuzzy data is in consideration. A one-way analysis of variance (ANOVA) model for fuzzy data is introduced with hypothesis test, \( F \)-test, which is the pivot statistic in ANOVA model. In the experiment, several different factors in testing with one-way ANOVA model are considered. The results of this study indicate that the solution method introduced in this paper could give decision maker a result with favorable degree of each factor. This kind of result is beneficial to the decision maker and retailer to distinguish which factor is the most critical for the customer and with how much amount of products would be allocated for customers.

Extended Local Mean-Based Nonparametric Classifier for Cervical Cancer Screening

Malignancy associated changes approach is one of possible strategies to classify a Pap smear slide as positive (abnormal) or negative (normal) in cervical cancer screening procedure. The malignancy associated changes (MAC) approach acquires analysis of the cells as a group as the abnormal phenomenon cannot be detected at individual cell level. However, the existing classification algorithms are limited to automation of individual cell analysis task as in rare event approach. Therefore, in this paper we apply extended local-mean based nonparametric classifier to automate a group of cells analysis that is applicable in MAC approach. The proposed classifiers extend the existing local mean-based nonparametric techniques in two ways: voting and pooling schemes to label each patient’s Pap smear slide. The performances of the proposed classifiers are evaluated against existing local mean-based nonparametric classifier in terms of accuracy and area under receiver operating characteristic curve (AUC). The extended classifiers show favourable accuracy compared to the existing local mean-based nonparametric classifier in performing the Pap smear slide classification task.

Comparative Studies of Information Retrieval Approaches in User-Centered Health Information System

In this paper, a comparative studies of different methods deployed in addressing problems of user-centered health information retrieval systems were investigated. The reason for the comparative studies is to identify the approach that best addressed the readability and vocabulary mismatched issues encountered by laymen patients and their relatives in exploring information extracted from medical discharge documents and clinical reports online. We discussed and presented the performance of information retrieval systems in previous research works. We concentrated on classifying and comparing the three approaches used in health information retrieval which are Vector Space Model (VSM), Language Based Approach Model (LM) and Context Based Approach (CBA). The usefulness of incorporating controlled vocabularies such as Metamap, UMLS, external, MeSH, etc. was extensively discussed. The result shows that the Language Based Approach systems achieved better results as compared to the Vector Space Model Approach and Context Based Approach Systems. The Language Based Approach Systems managed to acquire 0.4146, 0.7560 and 0.7445 for Mean Average Precision, Precision @ 10 and Normalized Discontinued Cumulative Gains @ 10 respectively. Hence, we conclude based on the outcome of the comparative studies and our experimental results that the language modeling models is best suited to be deployed in addressing the problems of returning relevant information by user centered health information retrievals to users.

Android Malware Detection Based on Network Traffic Using Decision Tree Algorithm

Android mobile operating system has well developed and gained absolute popularity among user. Although android is an open source operating system, it fits user daily life requirement nowadays. However, this is the reason why android malware keep on increasing every year. There are various method used to detect the occurrence of android malware such as based on static or dynamic analysis. Static analysis is favourable approach because it is quick and inexpensive. However, the static analysis unable to monitor the malicious application behavior during runtime. Therefore, we proposed a dynamic detection technique based on network traffic which records the application behavior during runtime. We consider seven network traffic features extracted from Drebin and Contagiodumpset dataset. The Drebin dataset achieved higher accuracy value with 98.4% as compared to Contagiodumpset dataset when tested using J48 decision tree algorithm.