Phishing is a cyber-attack that is a plague in today's digital society. AI solutions are already being used to detect phishing emails, but they typically do not address the problem of explaining to users why certain emails are considered dangerous. This leads to users not understanding the risk and/or not trusting the defense system, resulting in higher success rates of phishing attacks. This paper presents an XAI-based solution to classify phishing emails and alert users to the risk by explaining the reasons behind the attacks. We compared different ML models using a subset of features that can be explained and understood by non-IT users. We found that Explainable Boosting Machine was the best choice for a high-performance and interpretable classifier for email phishing detection.
Explaining Phishing Attacks: An XAI Approach to Enhance User Awareness and Trust
Greco Francesco;Desolda Giuseppe;Esposito Andrea
2023-01-01
Abstract
Phishing is a cyber-attack that is a plague in today's digital society. AI solutions are already being used to detect phishing emails, but they typically do not address the problem of explaining to users why certain emails are considered dangerous. This leads to users not understanding the risk and/or not trusting the defense system, resulting in higher success rates of phishing attacks. This paper presents an XAI-based solution to classify phishing emails and alert users to the risk by explaining the reasons behind the attacks. We compared different ML models using a subset of features that can be explained and understood by non-IT users. We found that Explainable Boosting Machine was the best choice for a high-performance and interpretable classifier for email phishing detection.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.