Albao, Antionne Matthew G.; De Guzman, Marcus Cairo; Jayme, Daryl Nicole C.
Securing local e-commerce businesses against cyber attacks using deep learning algorithms
- Capstone Projects: (Bachelor of Science in Information Technology) - Pamantasan ng Lungsod ng Maynila, 2025
ABSTRACT: The rapid growth of the e-commerce sector has made transactions more convenient, but it has also exposed small e-commerce businesses with limited resources to increased cybersecurity threats. This study focuses on three primary cybersecurity risks: malicious URLs leading to phishing schemes on e-commerce platforms, brute force hacking causing data breaches, and cyber defamation through fraudulent reviews. These issues can result in reputational damage, critical data leaks, and user fraud, affecting consumers and businesses. The main objective of this project is to deliver a robust cybersecurity platform that includes an API designed to detect fraudulent reviews, analyze review history using Natural Language Processing (NLP) techniques like Term Frequency-Inverse Document Frequency (TF-IDF) to identify defamation, and a URL detection system using heuristic analysis to block malicious links. Additionally, CAPTCHA is utilized as a secondary feature to prevent brute-force attacks. Results from testing the review analysis system showed that the Keras deep learning model achieved an accuracy of 87.1% precision of 86.5%, recall of 87.3%, and an F1-score of 86.9%, while the Support Vector Machine (SVM) model achieved an accuracy of 86.7%, precision of 86.8%, recall of 85.2%, and an F1-score of 86.0%. Cross-validation demonstrated good generalization ability, with minor fluctuations in performance across different data folds. The CAPTCHA system, powered by Cloudflare Turnstile, effectively prevented automated brute-force login attempts, enhancing login security without significantly impacting user experience. The heuristic URL detection system successfully identified and blocked malicious links, including obfuscated URLs, before reviews could be submitted, thereby strengthening the platform’s defenses against phishing and malicious activities.