Intensify Cloud Security and Privacy Against Phishing Attacks

Abstract

The world of computation has shifted from centralized (client-server, not web-based) to distributed systems during the last three decades. We are now reverting to virtual centralization, i.e., Cloud Computing (CC). In the world of computation, the location of data and processes makes all the difference. A person has complete control over the data and operations in their computer. On the other side, CC involves a vendor providing service and data upkeep. At the same time, the client/customer is ignorant of where the processes are operating or where the data is kept. As a result, the client does not influence it and doesn't have the right to do it. When it comes to data security in cloud computing, the vendor must guarantee service level agreements (SLAs) to persuade the client. As a result, the SLA must define several degrees of security and their complexity depending on the benefits for the client to comprehend the security rules in place. Phishing is a social engineering assault that is frequently used to obtain user information, such as login passwords and credit card details. It happens when an attacker poses as a trustworthy entity and tricks the victim into opening an e-mail, instant message, or text message. In this research paper, the methodology that tries to identify the phishing attack in the cloud eco-system has been explored and mentioned. The approach used here classifies the malicious and non-malicious URLs.