Bibliografia
Ostatnia aktualizacja: 2026-05-27
Pełna lista referencji. Publikacje z [PDF] posiadają pełne podsumowanie w bazie wiedzy.
A. Detekcja spear phishingu — klasyfikacja i detection
[1] Nahmias, D., Engelberg, G., Klein, D., & Shabtai, A. (2024). [PDF]
Prompted Contextual Vectors for Spear-Phishing Detection.
arXiv:2402.08309
→ publications/with-pdf/nahmias-contextual-vectors-spear-phishing-2024/
Rdzeniowy paper projektu: LLM wyodrębnia Prompted Contextual Vectors (persuasion principles) jako cechy; F1=91% na zbiorze mieszanym; dataset publiczny. Baseline dla SP-1.
[2] Ho, G., Cidon, A., Gavish, L. et al. (2019). Detecting and Characterizing Lateral Phishing at Scale. USENIX Security 2019. arXiv:1910.00790 Pierwsza wielka analiza lateral phishingu (113M emaili, 92 przedsiębiorstwa); classifier z >90% precision; analiza zachowań atakującego. Foundational dla enterprise spear phishing.
[3] Dewan, P., Kashyap, A., & Kumaraguru, P. (2014). Analyzing Social and Stylometric Features to Identify Spear Phishing Emails. arXiv:1406.3692 Profil OSINT (LinkedIn) + cechy stylistyczne na zbiorze Symantec (4742 emaile). Baza dla rozszerzenia o gradient OSINT.
[4] Ghiurutan, C., & Oprisa, C. (2025). Hybrid Spear-Phishing Email Detection with LLM and Machine Learning. IEEE CSNET 2025. DOI: 10.1109/csnet67572.2025.11288187 Hybrydowy detektor LLM+ML jako direct competitor dla proponowanego klasyfikatora.
[5] Li, T., & Cheng, X. (2023). Spear-Phishing Detection Method Based on Few-Shot Learning. DOI: 10.1007/978-981-99-7872-4_20 Few-shot learning — ważne bo przy high-personalization mamy mało labeled data per atakujący.
[6] Bhadane, A., & Mane, S. (2018). Detecting Lateral Spear Phishing Attacks in Organisations. IET Information Security. DOI: 10.1049/iet-ifs.2018.5090 Detekcja lateral phishingu wewnątrz korporacji; sender-behavior modeling.
[7] Luo, E., Young, E., Ho, G. et al. (2024). Characterizing the Networks Sending Enterprise Phishing Emails. arXiv:2412.12403 Infrastruktura sieci wysyłających phishing do przedsiębiorstw; attackers’ operational security.
[8] Basit, A., Zafar, M., Liu, X. et al. (2020). A Comprehensive Survey of AI-Enabled Phishing Attacks Detection Techniques. Telecommunication Systems (Springer). DOI: 10.1007/s11235-020-00733-2 Survey AI dla detekcji phishingu; punkt odniesienia dla related work i pozycjonowania projektu.
[9] Evans, K., Abuadbba, A., Wu, T. et al. (2021). RAIDER: Reinforcement-Aided Spear Phishing Detector. arXiv:2105.07582. DOI: 10.1007/978-3-031-23020-2_2 RL-based feature selection dla per-mailbox sender-profile; radzi sobie z heterogenicznymi bazami emaili.
[10] Gascon, H., Ullrich, S., Stritter, B., & Rieck, K. (2018). Reading Between the Lines: Content-Agnostic Detection of Spear-Phishing Emails. RAID 2018. DOI: 10.1007/978-3-030-00470-5_22 Behavioral sender-profile model bez analizy treści — komplementarne do content-based podejścia; istotne dla scenariusza GDPR gdzie treść emaili jest chroniona.
[11] Gholampour, P. M., & Verma, R. (2023). Adversarial Robustness of Phishing Email Detection Models. ACM IWSPA 2023. DOI: 10.1145/3579987.3586567 [26 cytowań] Systematyczne badanie adversarial ataków na klasyfikatory phishingu; 26 cytowań. Kluczowe dla SP-5.
[12] Jáñez-Martino, F., Aláiz-Rodríguez, R., González-Castro, V. et al. (2022). A Review of Spam Email Detection: Analysis of Spammer Strategies and the Dataset Shift Problem. Artificial Intelligence Review (Springer). DOI: 10.1007/s10462-022-10195-4 [108 cytowań] Concept drift i dataset shift w detekcji phishingu/spamu; 108 cytowań. Kluczowe dla temporal robustness — modele wytrenowane na P1-data degradują z czasem.
B. OSINT — profilowanie i attack surface
[13] Pastor-Galindo, J., Nespoli, P., Gomez-Marmol, F., & Martinez-Perez, G. (2020). The Not Yet Exploited Goldmine of OSINT: Opportunities, Open Challenges and Future Trends. IEEE Access. DOI: 10.1109/access.2020.2965257 [155 cytowań] Najbardziej cytowany survey OSINT dla cybersecurity; lista źródeł, technik i wyzwań. Tło dla crawlera APS.
[14] Nobili, A., & Martina, S. (2023). Review OSINT Tool for Social Engineering. Frontiers in Big Data. DOI: 10.3389/fdata.2023.1169636 Przegląd narzędzi OSINT dla social engineering; lista źródeł i technik rekonesansu.
[15] Xu, H., Singh, V., & Rajivan, P. (2022). Personalized Persuasion: Quantifying Susceptibility to Information Exploitation in Spear-Phishing Attacks. Applied Ergonomics (Elsevier). DOI: 10.1016/j.apergo.2022.103908 Kwantyfikacja podatności na personalizację OSINT; bezpośrednie powiązanie z definicją APS (#SP-2).
[16] Polakis, I., Kontaxis, G., Antonatos, S. et al. (2010). Using Social Networks to Harvest Email Addresses. ACM WPES. DOI: 10.1145/1866919.1866922 Foundational: harvesting emaili i danych z social networks; kontekst automated OSINT.
[17] Walkow, M., & Pöhn, D. (2023). Systematically Searching for Identity-Related Information in the Internet with OSINT Tools. ICISSP 2023. DOI: 10.5220/0011644200003405 Formalna analiza narzędzi OSINT do profilowania tożsamości — metodologiczny kontekst dla budowy crawlera APS i rankingowania źródeł (#SP-3).
C. LLM-generated attacks — generacja i ewaluacja
[18] Bethany, M., Galiopoulos, A. et al. (2025). Lateral Phishing With Large Language Models: A Large Organization Comparative Study. IEEE Access. DOI: 10.1109/access.2025.3555500 Kontrolowany eksperyment (9,000 pracowników): LLM vs. human-written lateral phishing. Silne empiryczne wsparcie dla H1 — personalizacja LLM działa; kluczowy punkt odniesienia dla SP-1.
[19] Hazell, J. (2023). [PDF]
Spear Phishing With Large Language Models.
arXiv:2305.06972
→ publications/with-pdf/hazell-spear-phishing-llm-2023/
Landmark: GPT-4 generuje spersonalizowane emaile dla 600+ UK MPs. Red-team setup dla SP-1; baseline kosztów i jakości LLM-generated spear phishing.
[20] Afane, A., Wei, W., Mao, Z., Farooq, M., & Chen, X. (2024). Next-Generation Phishing: How LLM Agents Empower Cyber Attackers. IEEE BigData 2024. DOI: 10.1109/bigdata62323.2024.10825018 LLM agents jako autonomiczni aktorzy; autonomizacja kampanii phishingowych; future threat modeling.
[21] Eze, C. S., & Shamir, L. (2024). [PDF]
Analysis and Prevention of AI-Based Phishing Email Attacks.
arXiv:2405.05435
→ publications/with-pdf/eze-ai-phishing-prevention-2024/
Profile stylistyczne AI-generated vs. human phishing; 297 cech UDAT; open corpus 865 emaili. Dataset dla red-team ewaluacji i walidacji SP-10.
[22] Kulkarni, H., Balachandran, V., Divakaran, D. M., & Das, D. (2025). From ML to LLM: Evaluating the Robustness of Phishing Web Page Detection Models against Adversarial Attacks. ACM DTRAP. DOI: 10.1145/3737295 Adversarial robustness web phishing detectors vs. LLM-generated content; metodologia przenaszalna na email; istotne dla SP-5.
[23] Hasan, N., BusiReddyGari, P., Zhao, H. et al. (2025). [PDF]
Phishing Email Detection Using Large Language Models (LLMPEA).
arXiv:2512.10104
→ publications/with-pdf/hasan-llm-phishing-detection-2025/
Benchmark GPT-4o, Claude Sonnet, Grok-3; adversarial prompt injection; baseline comparison. Kluczowe dla SP-11.
[24] Brundage, M., Avin, S., Clark, J. et al. (2018). The Malicious Use of Artificial Intelligence: Forecasting, Prevention, and Mitigation. DOI: 10.17863/cam.22520 Foundational framing malicious AI; standardowy point of reference dla threat modeling z LLM.
D. Taksonomia, human factors i susceptibility
[25] Wassermann, G., Meyer, P., Goutal, S., & Riquet, F. (2023). [PDF]
Targeted Attacks: Redefining Spear Phishing and Business Email Compromise.
arXiv:2309.14166
→ publications/with-pdf/wassermann-targeted-attacks-spear-phishing-2023/
Taksonomia targeted attacks; GC1-GC4 cele ataku; SP vs. BEC jako odrębne typy. Foundational dla definicji i SP-8, SP-9.
[26] Butavicius, M., Parsons, K., Pattinson, M., & McCormac, A. (2016). Breaching the Human Firewall: Social Engineering in Phishing and Spear-Phishing Emails. arXiv:1606.00887 Authority, scarcity, social proof wpływają na click-rate; spear-phishing najtrudniejszy. Tło teorii Cialdini dla persuasion-based personalizacji.
[27] Eftimie, S., Moinescu, R., & Racuciu, C. (2022). Spear-Phishing Susceptibility Stemming From Personality Traits. IEEE Access. DOI: 10.1109/access.2022.3161584 Big Five + spear phishing susceptibility; różnice demograficzne i osobowościowe. Powiązane z moderatorami podatności (#SP-4, SP-1 post-hoc).
[28] Meyers, J. (2018). Training Security Professionals in Social Engineering with OSINT and Sieve. BYU Scholars Archive. Praktyczne szkolenie OSINT dla social engineering; metodologiczny kontekst zbierania danych.
E. Infrastruktura i telemetria
[29] Rahman, A. (2026). CSTS: A Canonical Security Telemetry Substrate for AI-Native Cyber Detection. arXiv:2603.23459 Ujednolicony schemat dla heterogenicznej telemetrii bezpieczeństwa; przydatne jeśli projekt rozszerzy się na enterprise deployment.
F. Indeks cytowań i powiązań
| ID | Autorzy | Rok | Cytowania | Powiązane idee |
|---|---|---|---|---|
| [1] | Nahmias et al. | 2024 | n/a | SP-1 (PCV baseline), SP-7 (auto-pytania) |
| [2] | Ho et al. | 2019 | n/a | SP-1 (lateral phishing enterprise baseline) |
| [3] | Dewan et al. | 2014 | n/a | SP-1 (stylometric + OSINT baseline) |
| [4] | Ghiurutan & Oprisa | 2025 | n/a | SP-1 (competitor) |
| [5] | Li & Cheng | 2023 | n/a | SP-1 (few-shot dla high-personalization) |
| [6] | Bhadane & Mane | 2018 | n/a | SP-1 (lateral phishing detection) |
| [7] | Luo et al. | 2024 | n/a | SP-9 (infrastruktura ataków) |
| [8] | Basit et al. | 2020 | n/a | related work survey |
| [9] | Evans et al. | 2021 | n/a | SP-1 (per-mailbox profiling) |
| [10] | Gascon et al. | 2018 | n/a | SP-1 (content-agnostic baseline) |
| [11] | Gholampour & Verma | 2023 | ~26 | SP-5 (adversarial robustness) |
| [12] | Jáñez-Martino et al. | 2022 | ~108 | SP-1 (concept drift, temporal validity) |
| [13] | Pastor-Galindo et al. | 2020 | ~155 | SP-2 (APS crawler background) |
| [14] | Nobili & Martina | 2023 | n/a | SP-2 (OSINT tools) |
| [15] | Xu et al. | 2022 | n/a | SP-2 (APS — podatność na personalizację) |
| [16] | Polakis et al. | 2010 | n/a | SP-2 (social network harvesting) |
| [17] | Walkow & Pöhn | 2023 | ~3 | SP-2, SP-3 (OSINT identity profiling) |
| [18] | Bethany et al. | 2025 | n/a | SP-1 (LLM lateral phishing, kontrolowany eksperyment) |
| [19] | Hazell | 2023 | n/a | SP-1 (GPT-4 spear phishing, red-team setup) |
| [20] | Afane et al. | 2024 | n/a | SP-1 (future threat landscape) |
| [21] | Eze & Shamir | 2024 | n/a | SP-10 (stylometria AI phishing) |
| [22] | Kulkarni et al. | 2025 | n/a | SP-5 (adversarial robustness) |
| [23] | Hasan et al. | 2025 | n/a | SP-11 (LLM-based detector, prompt injection) |
| [24] | Brundage et al. | 2018 | n/a | background — malicious AI |
| [25] | Wassermann et al. | 2023 | n/a | SP-8 (GC1-GC4 taxonomy), SP-9 (benchmark) |
| [26] | Butavicius et al. | 2016 | n/a | SP-1 (persuasion cues) |
| [27] | Eftimie et al. | 2022 | n/a | SP-4 (Big Five + susceptibility) |
| [28] | Meyers | 2018 | n/a | SP-2 (OSINT methodology) |
| [29] | Rahman | 2026 | n/a | SP-9 (telemetria — opcjonalnie) |
G. Format cytowań (IEEE)
[1] D. Nahmias, G. Engelberg, D. Klein, and A. Shabtai, "Prompted Contextual Vectors
for Spear-Phishing Detection," arXiv:2402.08309, 2024.
[2] G. Ho et al., "Detecting and Characterizing Lateral Phishing at Scale,"
in Proc. USENIX Security, 2019. arXiv:1910.00790
[3] P. Dewan, A. Kashyap, and P. Kumaraguru, "Analyzing Social and Stylometric Features
to Identify Spear Phishing Emails," arXiv:1406.3692, 2014.
[11] P. M. Gholampour and R. Verma, "Adversarial Robustness of Phishing Email Detection
Models," in Proc. ACM IWSPA, 2023. DOI: 10.1145/3579987.3586567
[12] F. Jáñez-Martino et al., "A Review of Spam Email Detection: Analysis of Spammer
Strategies and the Dataset Shift Problem," Artif. Intell. Rev., 2022.
DOI: 10.1007/s10462-022-10195-4
[15] H. Xu, V. Singh, and P. Rajivan, "Personalized Persuasion: Quantifying Susceptibility
to Information Exploitation in Spear-Phishing Attacks," Appl. Ergon., 2022.
DOI: 10.1016/j.apergo.2022.103908
[17] M. Walkow and D. Pöhn, "Systematically Searching for Identity-Related Information
in the Internet with OSINT Tools," in Proc. ICISSP, 2023.
DOI: 10.5220/0011644200003405
[18] M. Bethany et al., "Lateral Phishing With Large Language Models: A Large Organization
Comparative Study," IEEE Access, 2025. DOI: 10.1109/access.2025.3555500
[19] J. Hazell, "Spear Phishing With Large Language Models," arXiv:2305.06972, 2023.
[25] G. Wassermann et al., "Targeted Attacks: Redefining Spear Phishing and Business Email
Compromise," arXiv:2309.14166, 2023.