This research paper introduces APOLLO, a tool that leverages the power of OpenAI's GPT-4o to combat phishing attacks. The paper focuses on two primary aspects:
Bibliographic Information: Desolda, G., Greco, F., & Viganò, L. (Year not provided). APOLLO: A GPT-based tool to detect phishing emails and generate explanations that warn users.
Research Objective: The research aims to evaluate the effectiveness of a GPT-based tool in detecting phishing emails and generating user-friendly explanations to improve user awareness and decision-making in the face of phishing threats.
Methodology: The researchers developed APOLLO, a Python-based tool that utilizes GPT-4o. The tool preprocesses emails, enriches URLs with threat intelligence data from VirusTotal and BigDataCloud, and then feeds this information to GPT-4o. Two prompts are used: the first classifies the email as phishing or legitimate and generates an initial explanation, while the second refines the explanation based on specific phishing features. The researchers evaluated APOLLO's performance in classifying phishing emails using a dataset of 4000 emails, analyzing accuracy, precision, recall, and F1-score. They also investigated the impact of incorporating URL information from VirusTotal on classification accuracy. Additionally, a user study was conducted to assess user perception of the warnings generated by APOLLO.
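To make the preprocessing and URL-enrichment step concrete, here is an added sketch (not APOLLO's code) that parses an email, extracts its links, and attaches threat-intelligence data before a prompt would be built. The sample email, the `SAMPLE_INTEL` lookup table and its field names, and the link-text mismatch flag are assumptions made for illustration; they do not reproduce the VirusTotal or BigDataCloud response formats or features the paper is stated to use.

```python
from email import message_from_string
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed email and enrichment data; intel field names are assumptions.
RAW_EMAIL = """\
From: "Support" <support@example-bank.test>
Subject: Verify your account
Content-Type: text/html; charset="utf-8"

<p>Your account is locked.</p>
<a href="http://login.example-verify.test/reset">https://www.example-bank.test</a>
"""
SAMPLE_INTEL = {"login.example-verify.test": {"malicious_votes": 7, "country": "ZZ"}}


class LinkParser(HTMLParser):
    """Collect the visible text and (href, anchor text) pairs of an HTML body."""
    def __init__(self):
        super().__init__()
        self.links, self.text, self._href = [], [], None

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href")

    def handle_endtag(self, tag):
        if tag == "a":
            self._href = None

    def handle_data(self, data):
        if data.strip():
            self.text.append(data.strip())
            if self._href:
                self.links.append((self._href, data.strip()))


def build_model_input(raw, intel):
    """Return the structured record a classification prompt would be built from."""
    msg = message_from_string(raw)
    parser = LinkParser()
    parser.feed(msg.get_payload())
    urls = []
    for href, shown in parser.links:
        host = urlparse(href).hostname
        shown_host = urlparse(shown).hostname if "://" in shown else None
        urls.append({"url": href, "host": host, "intel": intel.get(host, {}),
                     "text_host_mismatch": shown_host not in (None, host)})
    return {"from": msg["From"], "subject": msg["Subject"],
            "body": " ".join(parser.text), "urls": urls}
```

Passing an empty lookup table instead of `SAMPLE_INTEL` gives the unenriched record, which is the comparison the paper's VirusTotal ablation is about.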
Key Findings:
Main Conclusions:
Significance: This research significantly contributes to the field of phishing prevention by demonstrating the potential of LLMs in automating phishing detection and generating effective user warnings.
Limitations and Future Research: The study acknowledges limitations in terms of evaluating the individual effects of different URL enrichment sources and the stability of predicted probabilities. Future research should address these limitations and explore the generalization of the approach to other phishing contexts, such as websites and social media. Additionally, investigating the long-term impact of LLM-generated warnings on user behavior and phishing susceptibility is crucial.