PDHF: Effective phishing detection model combining optimal artificial and automatic deep features

Abstract

Currently, the increasing number of high-volume phishing attacks is among the largest threats to networking environments on a daily basis. During such a severe attack, researchers prefer to extract numerous features to improve the accuracy of phishing detection. However, the redundant features that may exist in the extracted feature set may be adapted by phishing attackers, not only degrading detection performance but also shortening the effective time of the constructed detection models. To address these problems, this study proposes phishing detection based on hybrid features (PDHF), a novel phishing detection model based on a combination of optimal artificial and automatic deep learning features. The optimal artificial phishing features are obtained by removing redundant features based on the newly designed feature importance evaluation index and an improved bidirectional search algorithm. To extend the effective time of phishing detection, deep features are learned from URLs using a one-dimensional character convolutional neural network (CNN) and a disorderly quantized attention mechanism. The experimental results show that PDHF outperforms many state-of-the-art methods and achieves an accuracy of 0.9965, precision of 0.9942, recall of 0.9940, and F1-score of 0.9941. These results can help in the development of a security plug-in for clients, browsers, and various instant messaging tools that run on network edges, personal computers, smartphones, and other personal terminals.