Detecting phishing attacks using a combined model of LSTM and CNN

Abstract: Phishing, a social engineering crime which has been existing for more than two decades, has gained significant research attention to find better solutions to face against the very dynamic strategies of phishing. The financial sector is the primary target of phishing, and there are many different approaches to combat phishing attacks. Software-based detection approaches are more prominent in phishing detection; however, still, there is no robust solution that can stable for a long period. The primary purpose of… Show more

“…Meanwhile, the LSTM-CNN and LSTM models achieved accuracies of 97.6% and 96.8%, respectively. Ariyadasa et al [4] proposed a phishing detection method using a combined model of LSTM and CNN deep networks to process both URLs and HTML pages. The URLs were learned through an LSTM network with 1D CNN, while the HTML features were learned using another 1D CNN network.…”

“…The phishing attack runs on exploiting the vulnerabilities and naivety of users, seeking to deceive them through electronic communications by creating fraudulent websites that closely resemble legitimate ones. In order to counter this threat effectively, enhancing user awareness becomes crucial as it empowers them to recognize and prevent phishing attacks [4], [11].…”

“…This is called software-based detection, where several approaches are carried out in the literature, such as list-based, visual similarity, heuristics-based approaches, machine learning, etc. Each approach has its advantages and disadvantages; for example, the blacklist approach fails to reveal non-blacklisted phishing sites (called zero-day attacks), and the image analysis of visual similarity techniques is time-and space-consuming [4], [11]. Recently, baseline machine learning and deep learning approaches have been widely implemented in the phishing detection field; this was reinforced by the rapid development and many subsequent successful studies.…”

“…Recently, baseline machine learning and deep learning approaches have been widely implemented in the phishing detection field; this was reinforced by the rapid development and many subsequent successful studies. But the DL methods eclipse the problem of discovering complex structures in high-dimensional data, and it also surpasses the manual feature extraction problem of machine learning [4]. Convolutional neural networks (CNN) and long-and short-term memory (LSTM) are among the most powerful deep learning models that have shown excellent results in detecting phishing websites.…”

A Permutaion Importance Based feature selection method and Deep Learning Model to Detect Phishing Websites

“…Meanwhile, the LSTM-CNN and LSTM models achieved accuracies of 97.6% and 96.8%, respectively. Ariyadasa et al [4] proposed a phishing detection method using a combined model of LSTM and CNN deep networks to process both URLs and HTML pages. The URLs were learned through an LSTM network with 1D CNN, while the HTML features were learned using another 1D CNN network.…”

“…The phishing attack runs on exploiting the vulnerabilities and naivety of users, seeking to deceive them through electronic communications by creating fraudulent websites that closely resemble legitimate ones. In order to counter this threat effectively, enhancing user awareness becomes crucial as it empowers them to recognize and prevent phishing attacks [4], [11].…”

“…This is called software-based detection, where several approaches are carried out in the literature, such as list-based, visual similarity, heuristics-based approaches, machine learning, etc. Each approach has its advantages and disadvantages; for example, the blacklist approach fails to reveal non-blacklisted phishing sites (called zero-day attacks), and the image analysis of visual similarity techniques is time-and space-consuming [4], [11]. Recently, baseline machine learning and deep learning approaches have been widely implemented in the phishing detection field; this was reinforced by the rapid development and many subsequent successful studies.…”

“…Recently, baseline machine learning and deep learning approaches have been widely implemented in the phishing detection field; this was reinforced by the rapid development and many subsequent successful studies. But the DL methods eclipse the problem of discovering complex structures in high-dimensional data, and it also surpasses the manual feature extraction problem of machine learning [4]. Convolutional neural networks (CNN) and long-and short-term memory (LSTM) are among the most powerful deep learning models that have shown excellent results in detecting phishing websites.…”

A Permutaion Importance Based feature selection method and Deep Learning Model to Detect Phishing Websites

Unmasking Phishing Attempts: A Study on Detection in Spanish Emails

Comparative Analysis of Machine Learning Algorithms for Phishing Website Detection