TY - GEN
T1 - Benchmarking the Robustness of Phishing Email Detection Systems
AU - Ampel, Benjamin M.
AU - Gao, Yang
AU - Hu, James
AU - Samtani, Sagar
AU - Chen, Hsinchun
N1 - Publisher Copyright:
© 2023 29th Annual Americas Conference on Information Systems, AMCIS 2023. All rights reserved.
PY - 2023
Y1 - 2023
N2 - Social engineering attacks are currently the most cited cybersecurity threat to organizations. Phishing emails are the most salient form of social engineering attacks. Organizations are increasingly implementing AI-enabled systems to detect phishing emails. However, AI-enabled systems are often susceptible to textual perturbations, where an adversary makes a small change to cause a misclassification. In this study, we sought to identify the performance of prevailing phishing email detection systems (PEDS) against character, word, sentence, and multi-level adversarial text perturbations. Through a principled benchmarking framework, we quantitatively demonstrated the lack of robustness prevailing PEDS have to specific types of text-based adversarial perturbations (e.g., character, word, sentence, multi-level). The results of this study provide new insights into the robustness of AI-based PEDS and highlight the need for organizations to adopt a multi-layered approach to phishing protection. Additionally, organizations can implement our benchmark framework to test their PEDS against adversarial perturbations.
KW - Information security and privacy
KW - Phishing detection
KW - artificial intelligence
KW - benchmarking
KW - cybersecurity
UR - http://www.scopus.com/inward/record.url?scp=85190271107&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85190271107&partnerID=8YFLogxK
M3 - Conference contribution
AN - SCOPUS:85190271107
T3 - 29th Annual Americas Conference on Information Systems, AMCIS 2023
BT - 29th Annual Americas Conference on Information Systems, AMCIS 2023
PB - Association for Information Systems
T2 - 29th Annual Americas Conference on Information Systems: Diving into Uncharted Waters, AMCIS 2023
Y2 - 10 August 2023 through 12 August 2023
ER -