Skip to main content

Research Repository

Advanced Search

A Mamdani Type Fuzzy Inference System to Calculate Employee Susceptibility to Phishing Attacks

Lambat, Yahya; Ayres, Nick; Maglaras, Leandros; Ferrag, Mohamed Amine


Yahya Lambat

Nick Ayres

Mohamed Amine Ferrag


It is a well known fact that the weakest link in a cyber secure system is the people who configure, manage or use it. Security breaches are persistently being attributed to human error. Social engineered based attacks are becoming more sophisticated to such an extent where they are becoming increasingly more difficult to detect. Companies implement strong security policies as well as provide specific training for employees to minimise phishing attacks, however these practices rely on the individual adhering to them. This paper explores fuzzy logic and in particular a Mamdani type fuzzy inference system to determine an employees susceptibility to phishing attacks. To negate and identify the susceptibility levels of employees to social engineering attacks a Fuzzy Inference System FIS was created through the use of fuzzy logic. The utilisation of fuzzy logic is a novel way in determining susceptibility due to its ability to resemble human reasoning in order to solve complex inputs, or its Interpretability and simplicity to be able to compute with words. This proposed fuzzy inference system is based on a number of criteria which focuses on attributes relating to the individual employee as well as a companies practices and procedures and through this an extensive rule base was designed. The proposed scoring mechanism is a first attempt towards a holistic solution. To accurately predict an employees susceptibility to phishing attacks will in any future system require a more robust and relatable set of human characteristics in relation to the employee and the employer.

Journal Article Type Article
Acceptance Date Sep 28, 2021
Online Publication Date Sep 29, 2021
Publication Date Sep 29, 2021
Deposit Date Dec 20, 2022
Publicly Available Date Jan 4, 2023
Journal Applied Sciences
Publisher MDPI
Peer Reviewed Peer Reviewed
Volume 11
Issue 19
Article Number 9083
Keywords fuzzy logic; FIS; mamdani; social engineering; rule set
Public URL


You might also like

Downloadable Citations