By: Jampula Navaneeth1
1Vel Tech University, Chennai, India
2International Center for AI and Cyber Security Research and Innovations, Asia University, Taiwan Email: navaneethjampula@gmail.com
Abstract
The techniques, methods, and tools employed by phishing attacks are intricate and bear the primary intention of capturing users’ confidential details and include phishing via content injection, social engineering, online social networks, and mobile applications. Due to these attacks, several methods were designed to detect phishing attacks whereby, deep learning algorithms were found to give encouraging outcomes. Nevertheless, the outcomes and the respective findings as well as the lessons learnt are scattered over many studies and there is a research gap to provide an integrated picture of employing deep learning algorithms in the context of anti-phishing. So this article shows the different applications that are used for phishing detecting.
Keywords: Phishing attacks, Deep Learning, Applications
Introduction
Deep learning algorithms have given optimum solutions in various research issues like face detection and image analysis techniques. They were also correctly used for several other cybersecurity issues, including a number of them: malware identification, phishing identification, intrusion identification, spam mail identification and website camouflage identification. While deep learning algorithms has been recently applied for phishing detection, there is no comprehensive survey on such work. Hence, it is the intent of this article to provide a brief description as to where and how DL algorithms have been applied [1].
Figure 1: Various real-time applications of DL for Phishing Detection
Phishing Email Filtering:
A prominent application of the deep learning models, including recurrent ones, to detect phishing attempts in the email filtering systems. These models include everything in an email, including the sender’s address, the body of the message, links, if any, and other properties. These models are trained on email archives that contain both phishing and normal/legitimate emails and are thus capable of identifying such mails. For instance, the latest Gmail developed by Google uses deep learning to filter out phishing emails retaining a high detection level combined with a low false positive rate [2].
Phishing URL Analysis:
The identification of the phishing URLs in real-time, we had proposed the phishing detection system. Most times the URL of the phishing website is somehow similar to the genuine one. Some elements on the URLs can as well be identified and detected by the deep learning models for the purpose of coming up with methods of identifying and marking out potential phishing sites All structures within the URLs can be analyzed for any anomalies that would suggest phishing sites [3]. These models take into account such features as the age of the domain, the length of the URL, and the appearance of the symbols that look suspicious. This method is developed by popular web browsers such as the Google Chrome and Firefox, which alert users of the possible risks in a site before it is opened [4].
Phishing Website Content Analysis:
They also apply deep learning to understand the content of the sites. Signed text, pictures and the general layout structure of a webpage is analysed and profound learning models are used to estimate whether the site appears like a genuine site. Such technologies are present in the products of some companies, for instance, Office 365’s Advanced Threat Protection used by Microsoft to prevent users from phishing [5].
Natural Language Processing:
The common aspect of phishing emails is the use of offense or sweet talking with the aim of making the users reveal their secrets. Emails containing phishing can be detected through the use of deep learning models that use concepts from NLP. These models can easily assess statements and find out that authors are bearing ill will towards others [6]. Some of the cybersecurity solution providers such as Symantec have incorporated NLP-based deep learning models to improve the process of detecting phishing attacks [7].
Conclusion
Phishing has become a major problem in the world today and deep learning is now a very central technique used in preventing phishing. Due to the nature of big data, the software has high efficiency when it comes to detecting complicated scams, including phishing ones. Ranging from email filtering and URL analysis techniques to user behaviour monitoring and real-time detection systems, deep learning concepts are contributing significantly to fortifying web security. Given the nature of threats developing in modern cyberspace, deep learning’s contribution to phishing detection is likely to grow even more important, offering strong user protection and organizational security.
References:
- C. Catal, G. Giray, B. Tekinerdogan, S. Kumar, and S. Shukla, “Applications of deep learning for phishing detection: a systematic literature review,” Knowl Inf Syst, vol. 64, no. 6, pp. 1457–1500, Jun. 2022, doi: 10.1007/s10115-022-01672-x.
- S. Magdy, Y. Abouelseoud, and M. Mikhail, “Efficient spam and phishing emails filtering based on deep learning,” Computer Networks, vol. 206, p. 108826, Apr. 2022, doi: 10.1016/j.comnet.2022.108826.
- P. Pappachan, N. S. Adi, G. Firmansyah, and M. Rahaman, “Deep Learning-Based Forensics and Anti-Forensics,” in Digital Forensics and Cyber Crime Investigation, CRC Press, 2024.
- S. Singh, M. P. Singh, and R. Pandey, “Phishing Detection from URLs Using Deep Learning Approach,” in 2020 5th International Conference on Computing, Communication and Security (ICCCS), Oct. 2020, pp. 1–4. doi: 10.1109/ICCCS49678.2020.9277459.
- M. Korkmaz, E. Kocyigit, O. Sahingoz, and B. Di̇ri̇, “A Hybrid Phishing Detection System Using Deep Learning-based URL and Content Analysis,” Elektronika ir Elektrotechnika, vol. 28, no. 5, 2022, doi: 10.5755/j02.eie.31197.
- M. Rahaman, B. Chappu, N. Anwar, and P. K. Hadi, “Analysis of Attacks on Private Cloud Computing Services that Implicate Denial of Services (DoS),” vol. 4, 2022.
- E. Benavides-Astudillo, W. Fuertes, S. Sanchez-Gordon, D. Nuñez-Agurto, and G. Rodríguez-Galán, “A Phishing-Attack-Detection Model Using Natural Language Processing and Deep Learning,” Applied Sciences, vol. 13, no. 9, Art. no. 9, Jan. 2023, doi: 10.3390/app13095275.
- Gupta, B. B., Gaurav, A., Arya, V., Alhalabi, W., Alsalman, D., & Vijayakumar, P. (2024). Enhancing user prompt confidentiality in Large Language Models through advanced differential encryption. Computers and Electrical Engineering, 116, 109215.
- Raj, B., Gupta, B. B., Yamaguchi, S., & Gill, S. S. (Eds.). (2023). AI for big data-based engineering applications from security perspectives. CRC Press.
- Gupta, G. P., Tripathi, R., Gupta, B. B., & Chui, K. T. (Eds.). (2023). Big data analytics in fog-enabled IoT networks: Towards a privacy and security perspective. CRC Press.
Cite As
Navaneeth J. (2024) Real-World Applications of Deep Learning in Phishing Detection, Insights2Techinfo, pp.1