Evaluating the effectiveness of Discriminator network in GAN architecture for phishing URL classification

Abstract

Phishing attack by illegitimate URLs is of the most common security challenges for both individuals and companies in ensuring the security of their information resources. The user passwords, credit card information, or other sensitive information can be stolen by clicking on the malicious URL links. Recently, machine learning based approach is being popularly applied to detect phishing URLs. The classifiers, such as SVM, Random Forest, LSTM, etc., are built on the standard datasets to make a prediction about a URL sample is malign or benign one. Some recent researches focus on using GAN network for enrichment of malicious URL samples utilized in classifier training based on deep learning models. In this work, we explore the ability of training a standard GAN architecture which consists of two adversarial networks of Discriminator and Generator. The URL samples are generated by the Generator network will be refined and feed backed to the Generator by the Discriminator. This helps the Generator generate URL samples that are more and more similar to the real ones. Accordingly, the Discriminant network also learns the malicious and clean characteristics of the URL patterns. In order to evaluate the effectiveness of this learning, the experiments are conducted on completely new testing datasets beyond the training datasets. The experimental results are promising with the classification accuracy of both malign and benign URLs are about 97%.