RPCP-PURI: A robust and precise computational predictor for Phishing Uniform Resource Identification

IF 3.7 2区计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS Journal of Information Security and Applications Pub Date : 2025-03-01 Epub Date: 2024-12-31 DOI:10.1016/j.jisa.2024.103953

Tayyaba Asif , Faiza Mehmood , Syed Ahmed Mazhar Gillani , Muhammad Nabeel Asim , Muhammad Usman Ghani , Waqar Mahmood , Andreas Dengel

{"title":"RPCP-PURI: A robust and precise computational predictor for Phishing Uniform Resource Identification","authors":"Tayyaba Asif , Faiza Mehmood , Syed Ahmed Mazhar Gillani , Muhammad Nabeel Asim , Muhammad Usman Ghani , Waqar Mahmood , Andreas Dengel","doi":"10.1016/j.jisa.2024.103953","DOIUrl":null,"url":null,"abstract":"<div><div>The widespread growth of internet services has led to a substantial increase in traffic across multifarious online applications such as shopping, transportation, e-commerce, and banking. Cyber-criminals are stealing internet users credentials through Phishing Uniform Resource Locator (PURL). To make sure safe usage of web services, researchers have developed several AI-supported PURL predictors. Prime motivation behind development of each new predictor was to extract comprehensive features from URLS and more accurately discriminate benign and phishing URLs. Different predictors are enriched with diverse types of feature extraction strategies and deep potential exploration of these strategies remain unexplored. With an aim to develop more powerful PURL predictor, contributions of this manuscript are manifold: It brings different sets of feature extraction strategies at single platform and explores their individual as well as combine potential. It evaluates and compare the effectiveness of BERT language model for detection of phishing URLs (PURLs). It presents a novel LSTM and CNN-based hybrid predictor, which utilizes DeepWalk-generated URL embeddings to effectively discriminate between phishing and benign URLs. Extensive experimentation across three public benchmark datasets (EBBU2017, phishing sites URLs and Phishing and benign webpages) demonstrates that proposed hybrid predictor surpasses the performance of existing predictors by 0.2%, 1.9% and 1.2% respectively.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"89 ","pages":"Article 103953"},"PeriodicalIF":3.7000,"publicationDate":"2025-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Information Security and Applications","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S2214212624002552","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"2024/12/31 0:00:00","PubModel":"Epub","JCR":"Q2","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

The widespread growth of internet services has led to a substantial increase in traffic across multifarious online applications such as shopping, transportation, e-commerce, and banking. Cyber-criminals are stealing internet users credentials through Phishing Uniform Resource Locator (PURL). To make sure safe usage of web services, researchers have developed several AI-supported PURL predictors. Prime motivation behind development of each new predictor was to extract comprehensive features from URLS and more accurately discriminate benign and phishing URLs. Different predictors are enriched with diverse types of feature extraction strategies and deep potential exploration of these strategies remain unexplored. With an aim to develop more powerful PURL predictor, contributions of this manuscript are manifold: It brings different sets of feature extraction strategies at single platform and explores their individual as well as combine potential. It evaluates and compare the effectiveness of BERT language model for detection of phishing URLs (PURLs). It presents a novel LSTM and CNN-based hybrid predictor, which utilizes DeepWalk-generated URL embeddings to effectively discriminate between phishing and benign URLs. Extensive experimentation across three public benchmark datasets (EBBU2017, phishing sites URLs and Phishing and benign webpages) demonstrates that proposed hybrid predictor surpasses the performance of existing predictors by 0.2%, 1.9% and 1.2% respectively.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

rcpp - puri：一个鲁棒和精确的网络钓鱼统一资源识别计算预测器

互联网服务的广泛发展导致各种在线应用程序（如购物、交通、电子商务和银行）的流量大幅增加。网络犯罪分子通过网络钓鱼统一资源定位器（PURL）窃取互联网用户凭证。为了确保web服务的安全使用，研究人员开发了几个人工智能支持的PURL预测器。开发每个新预测器背后的主要动机是从url中提取全面的特征，并更准确地区分良性和钓鱼url。不同类型的特征提取策略丰富了不同的预测器，这些策略的深度潜力探索尚未得到探索。为了开发更强大的PURL预测器，本文的贡献是多方面的：它在单个平台上引入了不同的特征提取策略集，并探索了它们的单独和组合潜力。评估和比较了BERT语言模型在网络钓鱼url检测中的有效性。它提出了一种新的基于LSTM和cnn的混合预测器，它利用deepwalk生成的URL嵌入来有效区分网络钓鱼和良性URL。在三个公共基准数据集（EBBU2017、网络钓鱼网站url和网络钓鱼和良性网页）上进行的广泛实验表明，所提出的混合预测器的性能分别比现有预测器高出0.2%、1.9%和1.2%。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

Journal of Information Security and Applications Computer Science-Computer Networks and Communications

CiteScore

10.90

自引率

5.40%

发文量

206

审稿时长

56 days

期刊介绍： Journal of Information Security and Applications (JISA) focuses on the original research and practice-driven applications with relevance to information security and applications. JISA provides a common linkage between a vibrant scientific and research community and industry professionals by offering a clear view on modern problems and challenges in information security, as well as identifying promising scientific and "best-practice" solutions. JISA issues offer a balance between original research work and innovative industrial approaches by internationally renowned information security experts and researchers.