PhishTransformer: A Novel Approach to Detect Phishing Attacks Using URL Collection and Transformer-Reference-Cited by-同舟云学术

PhishTransformer: A Novel Approach to Detect Phishing Attacks Using URL Collection and Transformer

Published:2023-12-20 Issue:1 Volume:13 Page:30
ISSN:2079-9292
Container-title:Electronics
language:en
Short-container-title:Electronics

Author:

Asiri Sultan¹²^ORCID,Xiao Yang¹^ORCID,Li Tieshan³^ORCID

Affiliation:

1. Department of Computer Science, The University of Alabama, Tuscaloosa, AL 3487-02903, USA

2. Department of Computer Science, King Khalid University, Abha 62529, Saudi Arabia

3. School of Automation Engineering, University of Electronic Science and Technology of China, Chengdu 611731, China

Abstract

Phishing attacks are a major threat to online security, resulting in millions of dollars in losses. These attacks constantly evolve, forcing the cyber security community to improve detection systems. One major problem with current detection systems is that they cannot detect new phishing attacks, such as Browser in the Browser (BiTB) and malvertising attacks. These attacks hide behind legitimate Uniform Resource Locators (URLs) and can evade detection systems that only analyze a web page URL without exploring the page content. To address this problem, we propose PhishTransformer, a deep-learning model that can detect phishing attacks by analyzing URLs and page content. We propose only using URLs embedded within a webpage, such as hyperlinks and JFrames, to train PhishTransformer. This helps reduce the number of features that need to be extracted from the page content, which makes training the model more efficient. PhishTransformer combines convolutional neural networks and transformer encoders to extract features from website URLs and page content. These features are then used to train a classifier that can distinguish between phishing attacks and legitimate websites. We tested PhishTransformer on a dataset of 10,000 URLs. Our results show that PhishTransformer can achieve an F1-score of 99%, precision of 99%, and recall of 99%. This result suggests that PhishTransformer is a promising new approach to phishing detection.

Publisher

MDPI AG

Subject

Electrical and Electronic Engineering,Computer Networks and Communications,Hardware and Architecture,Signal Processing,Control and Systems Engineering

Link

https://www.mdpi.com/2079-9292/13/1/30/pdf

Reference29 articles.

1. A Survey of Intelligent Detection Designs of HTML URL Phishing Attacks;Asiri;IEEE Access,2023

2. Rekouche, K. (2011). Early phishing. arXiv.

3. Ollmann, G. (2004). The phishing guide understanding & preventing phishing attacks. Ngs Softw. Insight Secur. Res., 1–72.

4. Fighting against phishing attacks: State of the art and future challenges;Gupta;Neural Comput. Appl.,2017

5. Differentiated Virtual Passwords, Secret Little Functions, and Codebooks for Protecting Users from Password Theft;Xiao;IEEE Syst. J.,2014

Cited by 1 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Towards Improving Phishing Detection System Using Human in the Loop Deep Learning Model;Proceedings of the 2024 ACM Southeast Conference on ZZZ;2024-04-18