Research on phishing webpage detection technology based on CNN-BiLSTM algorithm

Abstract

Abstract The rapid development of the Internet has also brought opportunities for some illegal elements. Network attackers steal sensitive information from victims through phishing webpages to obtain economic benefits. Currently, the commonly used detection methods for phishing webpages, based on blacklist detection and webpage content feature detection, have the problems of being unable to detect newly emerging phishing webpages or requiring manual extraction of webpage features. Therefore, researchers have used Convolution Neural Network (CNN) to detect phishing webpages by automatically extracting URL features. However, its method has some limitations: (1) The memory is limited when the URL is transformed into the feature matrix, and the embedding vector of new words cannot be obtained or the effective information of sensitive words is lost; (2) the long-distance dependent feature of the URL cannot be obtained. In response to the above challenges, we proposes a phishing detection method based on CNN and Bi-directional Long Short-Term Memory (Bi-LSTM) based on existing work: based on sensitive word segmentation-- comprehensively using two existing URL segmentation methods before converting URL into eigenvector matrix; adding Bi-LSTM on the basis of convolutional neural network to obtain URL long-distance dependent features. Experimental results show that this method can achieve high accuracy, recall rate and F1 value.