Department of Technical Educational

Capstone Project

Format- 1

Project Scope Document

Capstone Project Scope Document

The capstone project scope clearly describes what the capstone project will deliver and
outlines all the work required for completing the capstone project.

Capstone Project Title: SpearPhishing Susceptibility Stemming From

Personality Traits.

Group Members : 1. Mr. VEERESH H HIREMATH(Project lead)

2. Mr. SACHIN V PATTAR (Development lead)
3. Mr. SANDEEP S SATIHAL(Documenter lead)
4. Mr. RAHUL S TALIKOTI(Development lead)

Problem Statement : Compared to spam filtering a few researches have been done so far
in detecting phishing emails which distinguish them from ham emails. One of the most
critical aspects to distinguish between phishing and ham email is unknown zero-day
phishing email before it get to user because the phisher is able to use unknown features
or techniques in his/her attack.
The current approaches have many problems to deal with phishing email included
unknown zero-day attack which causes high level of false positives (FPs) false negatives
(FNs) and low level of accuracy in classification process. However FP denotes non-
phishing e-mails marked as phishing whereas FN represents the misidentification of a
phishing e-mail.
Objectives : To enhance the level of accuracy and trust for financial organizations by
decreasing the level of phishing email attack. To work low memory footprint and trying to
put solutions for problems of other techniques. To evaluate the proposed framework
against using approaches for the purpose of phishing email detection. To improve the
performance and accuracy in terms of the classification and prediction of phishing e-mail in
the future to.
Capstone project description : Phishing email attacks are intelligently crafted social
engineering email attacks in which victims are conned by email to websites that
impersonate legitimate sites. Victims of phishing email attacks perceive these sites to be
associated with trusted companies such as Amazon or Google and hence are tricked into
logging into such sites and sharing sensitive information. The message is divided into two
parts one for the training classifier and the other for the test classifier model. The link and
psychosocial features are extracted from the mail used as training to obtain the feature
vector of the training set. Training is performed using the feature vector of the training set
to obtain the required classifier model. Then the characteristics of the mail used as the test
classifier are extracted and the previously trained classifier model is used for classification
and finally the mail of the test set is classified into a phishing email. Based on the results of
this analysis we propose email address separation as a way for users to detect phishing
emails and reason about (c) Wisen IT Solutions Page 2 of 24 its effectiveness against several
typical types of phishing attacks. We find that email address separation has the potential to
greatly reduce the perceived authenticity of general phishing emails that target a large
amount of users e.g. by impersonating a popular service and spreading malware or links to
phishing websites. It is however not likely to prevent more sophisticated phishing attacks
that do not depend on the impersonation of a previously known organization or entity. Our
results motivate further studies to analyze the usability and applicability of the proposed
method and to determine whether address separation has additional positive effects on
users phishing awareness or automated phishing detection.
Capstone project deliverables : Phishing is one of many computer security attacks in
which the attacker tries to trick people into fake website that is masqueraded to look
and feel like the authentic website thus prompting the victim to share sensitive
information or install hidden malware on their computers. Phishing known as method
which stealing personal and financial data that convince people to participate on
unwittingly money laundering.
Phishing link dispersing are associate with a number of methods this paper focuses on
email message as a means to send phishing website links which spoof or mimic banks
credit card and companies or other ecommerce
Key milestones : Reduces the resources used for processing purpose, Outstanding
Learning Capabilities , Simple to use and interpret , Have Well
Understood Formal Properties , Simple to understand and interpret , Increased efficiency
and speed
Constraints : Phishing is one of many computer security attacks in which the attacker tries
to trick people into fake website that is masqueraded to look and feel like the authentic
website thus prompting the victim to share sensitive information or install hidden malware
on their computers. Phishing known as method which stealing personal and financial data
that convince people to participate on unwittingly money laundering. Phishing link
dispersing are associate with a number of methods this paper focuses on email message as
a means to send phishing website links which spoof or mimic banks credit card and
companies or other ecommerce. The emails in the training data set are prepared and
filtered such that they can be transformed into a data format that is easily and effectively
processed in subsequent steps of building the classifier. The emails in our chosen training
data set are available in plain text format which needs to be pre-processed.
Estimated project duration : The estimated duration of the project takes around two
months.
Estimated project cost : The estimated cost of the project is 6,500.

Date : signature of the student

Signature of the cohort owner