Litcius/Paper detail

Look before you leap: Detecting phishing web pages by exploiting raw URL and HTML characteristics

Chidimma Opara, Yingke Chen, Bo Wei

2023Expert Systems with Applications104 citationsDOIOpen Access PDF

Abstract

Phishing websites distribute unsolicited content and are frequently used to commit email and internet fraud; detecting them before any user information is submitted is critical. Several efforts have been made to detect these phishing websites in recent years. Most existing approaches use hand-crafted lexical and statistical features from a website’s textual content to train classification models to detect phishing web pages. However, these phishing detection approaches have a few challenges, including (1) the tediousness of extracting hand-crafted features, which require specialized domain knowledge to determine which features are useful for a particular platform; and (2) the difficulties encountered by models built on hand-crafted features to capture the semantic patterns in words and characters in URL and HTML content. To address these challenges, this paper proposes WebPhish, an end-to-end deep neural network trained using embedded raw URLs and HTML content to detect website phishing attacks. First, the proposed model automatically employs an embedding technique to extract the corresponding characters into homologous dense vectors. Then, the concatenation layer merges the URL and HTML embedding matrices. Following that, Convolutional layers are used to model its semantic dependencies. Extensive experiments were conducted with real-world phishing data, which yielded an accuracy of 98.1%, showing that WebPhish outperforms baseline detection approaches in identifying phishing pages.

Topics & Concepts

PhishingComputer scienceWeb pageInformation retrievalThe InternetWorld Wide WebDomain (mathematical analysis)Artificial intelligenceMathematicsMathematical analysisSpam and Phishing DetectionAdvanced Malware Detection TechniquesMisinformation and Its Impacts
Look before you leap: Detecting phishing web pages by exploiting raw URL and HTML characteristics | Litcius