Malicious/Phishing URL Detection System in A Network with Raspberry Pi (NETBITS)
Keywords:
Phishing, Network Intrusion, URL Detection, Raspberry PiAbstract
Phishing is an online fraudulent act that has affected many organisations. Organisation and home networks are becoming more susceptible to attacks with the emergence of more and more malicious and phishing URLs, and the increase significance of communication and data storage on the internet. Firewall and antivirus may not be enough against such intrusion. Without a secure and efficient detection system, a local network can easily be penetrated by the attackers or unauthorized individuals. Several existing network intrusion detection products are available out there, but those systems are usually integrated with large-scale hardware and difficult for the public to set up, use readily and carry everywhere. This paper reports on a system development project to design and develop a cross-platform malicious/phishing URL detection system, referred to as Netbits. Netbits, built using Django framework based on Python language and installed on Raspberry Pi, can monitor network traffic flow for any malicious activities in real-time. The simulation carried out in a network environment and testing performed showed that Netbits system can detect malicious activities and display the infected scans. Nevertheless, more enhancements may be required before rolling out Netbits to the public
References
A. A. Orunsolu, A. S. Sodiya & A. T. Akinwalre, “A predictive model for phishing detection.” Journal of King Saud University - Computer and Information Sciences, vol. 34(2), pp. 232–247, 2022.
J. Vijayan. (2022) Dark Reading. [Online]. Available: https://www.darkreading.com/attacks-breaches/more-orgs-experienced-a-successful-phishing-attack-in-2021-than-year-before
M. Korolov. (2016) CSO. [Online]. Available: https://www.csoonline.com/article/3154714/ransomware-took-in-1-billion-in-2016-improved-defenses-may-not-be-enough-to-stem-the-tide.html
M. Jalali, M. Bruckes, D. Westmattelmann & G. Schewe, “Why Employees (Still) Click on Phishing Links: Investigation in Hospitals.” Journal of Medical Internet Research, vol. 22(1), 2020.
S. Fadilpaši?. (2019) ITProPortal. [Online]. Available: https://www.itproportal.com/news/nearly-half-of-workers-have-clicked-on-a-phishing-link/
J. Yuan, Y. Liu, and L. Yu, “A Novel Approach for Malicious URL Detection Based on the Joint Model,” Security and Communication Networks, vol. 2021, p. 4917016, 2021.
S. A. Sokolov, T. B. Iliev, and I. S. Stoyanov, “Analysis of Cybersecurity Threats in Cloud Applications Using Deep Learning Techniques,” in 2019 42nd International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO), 2019, pp. 441–446.
F. Alsakran, G. Bendiab, S. Shiaeles, and N. Kolokotronis, “Intrusion Detection Systems for Smart Home IoT Devices: Experimental Comparison Study BT - Security in Computing and Communications,” Communications in Computer and Information Science, vol 1208, pp. 87–98, 2020.
Open Information Security Foundation (OISF) (2021) Suricata (Version 6.0.3). [Online]. Available: https://suricata-ids.org Cisco (2021) Snort (Version 3.0). [Online]. Available: https://www.snort.org
Fail2ban. (2019) Anti Brute Forcing System (Version 0.11.2) [Online]. Available: https://www.fail2ban.org/wiki/index.php/Main_Page
S. Tripathi and R. Kumar, “Raspberry Pi as an Intrusion Detection System, a Honeypot and a Packet Analyzer,” in 2018 International Conference on Computational Techniques, Electronics and Mechanical Systems (CTEMS), 2018, pp. 80–85.
Google Chronical Security (2022) VirusTotal. [Online]. Available: https://www.virustotal.com/