Evaluating Deep Learning Models for Website Phishing Attack Detection: A Comparative Analysis

Authors

  • Abdullahi Raji Egigogo Federal University of Technology Minna
  • Ismaila Idris Federal University of Technology Minna
  • Morufu Olalere National Open University
  • Abisoye Opeyemi Aderiike Federal University of Technology Minna

Keywords:

Deep learning models, Hybrid architectures, Phishing detection, Performance evaluation, Cybersecurity threats
doi https://doi.org/10.56134/jst.v3i2.100

Abstract

Phishing attacks remain a significant security threat in cyberspace, targeting individuals and businesses to steal confidential information. Traditional detection methods often struggle to identify newly created or altered phishing sites, highlighting the need for more adaptive solutions. This study evaluates the performance of various deep learning (DL) models for detecting online phishing attacks. A comparative analysis of single and hybrid DL models, including CNN, LSTM, BiGRU, and their combinations, is conducted. The evaluation is based on metrics such as accuracy, precision, recall, and F1-score, derived from 17 peer-reviewed publications published between 2019 and 2024. Results indicate that hybrid models, particularly ODAE-WPDC, exhibit superior performance, achieving accuracy rates of up to 99.28% and robust results across all metrics. Single models, such as CNN and BiGRU, also demonstrate strong performance, with accuracy ranging from 97% to 99.5%. This research underscores the efficacy of deep learning architectures in phishing detection and offers practical guidance for selecting optimal models based on specific requirements.

Downloads

Download data is not yet available.

References

Adebowale, M. A., Lwin, K. T., & Hossain, M. A. (2019). Deep Learning with Convolutional Neural Network and Long Short-Term Memory for Phishing Detection. 2019 13th International Conference on Software, Knowledge, Information Management and Applications (SKIMA), 1–8. https://api.semanticscholar.org/CorpusID:211058598

Adebowale, M. A., Lwin, K. T., & Hossain, M. A. (2023). Intelligent phishing detection scheme using deep learning algorithms. Journal of Enterprise Information Management, 36(3), 747–766. https://doi.org/https://doi.org/10.1108/JEIM-01-2020-0036

Admin. (2024). Teknologi Deep Learning: Mendorong Batasan Inovasi di Berbagai Industri. Pusdasi.Uma.Ac.Id. https://pusdasi.uma.ac.id/teknologi-deep-learning-mendorong-batasan-inovasi-di-berbagai-industri/

Afinda, A. M. (2024). Neural Network: Cikal Bakal Revolusi Deep Learning. Www.Dicoding.Com. https://www.dicoding.com/blog/neural-network-cikal-bakal-revolusi-deep-learning/

Alabdan, R. (2020). Phishing attacks survey: Types, vectors, and technical approaches. Future Internet, 12(10), 168. https://doi.org/https://doi.org/10.3390/fi12100168

Ali, M. M., & Mohd Zaharon, N. F. (2024). Phishing A cyber fraud: The types, implications and governance. International Journal of Educational Reform, 33(1), 101–121. https://doi.org/https://doi.org/10.1177/10567879221082966

Aljofey, A., Jiang, Q., Qu, Q., & Huang, M. (2020). An Effective Phishing Detection Model Based on Character Level Convolutional Neural Network from URL. https://doi.org/10.3390/electronics9091514

Alkhalil, Z., Hewage, C., Nawaf, L., & Khan, I. (2021). Phishing attacks: A recent comprehensive study and a new anatomy. Frontiers in Computer Science, 3, 563060. https://doi.org/https://doi.org/10.3389/fcomp.2021.563060

Almomani, A., Alauthman, M., Shatnawi, M. T., Alweshah, M., Alrosan, A., Alomoush, W., & Gupta, B. B. (2022). Phishing Website Detection With Semantic Features Based on Machine Learning Classifiers: A Comparative Study. Int. J. Semantic Web Inf. Syst., 18, 1–24. https://api.semanticscholar.org/CorpusID:246920682

Alqahtani, H., Alotaibi, S. S., Alrayes, F. S., Al-Turaiki, I., Alissa, K. A., Aziz, A. S. A., Maray, M., & Al Duhayyim, M. (2022). Evolutionary Algorithm with Deep Auto Encoder Network Based Website Phishing Detection and Classification. Applied Sciences (Switzerland), 12(15). https://doi.org/10.3390/app12157441

Alshingiti, Z., Alaqel, R., Al-Muhtadi, J., Haq, Q. E. U., Saleem, K., & Faheem, M. H. (2023). A Deep Learning-Based Phishing Detection System Using CNN, LSTM, and LSTM-CNN. Electronics (Switzerland), 12(1). https://doi.org/10.3390/electronics12010232

Alzubaidi, L., Zhang, J., Humaidi, A. J., Al-Dujaili, A., Duan, Y., Al-Shamma, O., Santamaría, J., Fadhel, M. A., Al-Amidie, M., & Farhan, L. (2021). Review of deep learning: concepts, CNN architectures, challenges, applications, future directions. Journal of Big Data, 8(1). https://doi.org/10.1186/s40537-021-00444-8

Amazon. (2024). Apa itu Deep Learning? Aws.Amazon.Com. https://aws.amazon.com/id/what-is/deep-learning/

Assefa, A., & Katarya, R. (2022). Intelligent Phishing Website Detection Using Deep Learning. 2022 8th International Conference on Advanced Computing and Communication Systems (ICACCS), 1, 1741–1745. https://doi.org/10.1109/ICACCS54159.2022.9785003

Chaudhary, S. (2012). Recognition of phishing attacks utilizing anomalies in phishing websites.

Citra. (2024). Deep Learning. Wangs.Id. https://www.wangs.id/literasi-bersama/apa-itu-deep-learning/

Do, N. Q., Selamat, A., Krejcar, O., Herrera-Viedma, E., & Fujita, H. (2022). Deep Learning for Phishing Detection: Taxonomy, Current Challenges and Future Directions. IEEE Access, 10, 36429–36463. https://doi.org/10.1109/ACCESS.2022.3151903

Do, N. Q., Selamat, A., Krejcar, O., Yokoi, T., & Fujita, H. (2021). Phishing Webpage Classification via Deep Learning-Based Algorithms: An Empirical Study. Applied Sciences. https://api.semanticscholar.org/CorpusID:244611674

Eka Purwiantono, F., & Tjahyanto, A. (2017). Model Klasifikasi untuk Deteksi Situs Phising di Indonesia. Institut Teknologi Sepuluh Nompember Surabaya, 156. https://doi.org/10.13140/RG.2.2.29627.52003

Feng, T., & Yue, C. (2020). Visualizing and interpreting RNN Models in URL-based phishing detection. Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT, 13–24. https://doi.org/10.1145/3381991.3395602

Gupta, B. B., Tewari, A., Jain, A. K., & Agrawal, D. P. (2017). Fighting against phishing attacks: state of the art and future challenges. Neural Computing and Applications, 28, 3629–3654. https://doi.org/https://doi.org/10.1007/s00521-016-2275-y

Hazzataqiy, H. (2024). Penerapan Deep Learning dalam Pengenalan Pola dan Analisis Data. Kompasiana.Com. https://www.kompasiana.com/hazzataqiyhiroshi4541/674586d5ed641506835ac272/penerapan-deep-learning-dalam-pengenalan-pola-dan-analisis-data

Hidayanto, A. C., Gamaliel, Y. Y., & Hutagalung, M. (2022). Pengembangan Deep Learning untuk Mendeteksi Situs Phising dengan Menggunakan Convolutional Neural Network. Institut Teknologi Harapan Bangsa. https://repository.ithb.ac.id/id/eprint/56/9/1318013_Paper-TA.pdf

Irawan, A. S. Y., Heryana, N., Hopipah, H. S., & Rahma, D. (2021). Identifikasi Website Phishing dengan Perbandingan Algoritma Klasifikasi. Syntax : Jurnal Informatika, 10(01), 57–67. https://doi.org/10.35706/SYJI.V10I01.5292

Iswahyudi, M. S., Irmawati, I., Widians, J. A., Mahendra, G. S., Pratiwi, M., Hayati, N., Pomalingo, S., Miranda, E., Waryono, W., & Yanuarsyah, H. I. (2023). Aplikasi Machine Learning di Berbagai Bidang: Solusi Cerdas Untuk Masa Depan. PT. Sonpedia Publishing Indonesia.

James, L. (2005). Phishing exposed. Elsevier.

Kara, I., Ok, M., & Ozaday, A. (2022). Characteristics of Understanding URLs and Domain Names Features: The Detection of Phishing Websites With Machine Learning Methods. IEEE Access, 10, 124420–124428. https://api.semanticscholar.org/CorpusID:253660812

Mahmud, A. F., & Wirawan, S. (2024). Deteksi Phishing Website menggunakan Machine Learning Metode Klasifikasi. Jurnal Sistem Informasi, 13, 1368–1380. https://sistemasi.ftik.unisi.ac.id/index.php/stmsi/article/viewFile/3456/781

Manoj, P., Bhuvan Kumar, Y., Rakshitha, D., & Megha, G. (2021). Detection and classification of phishing websites. Trends in Computer Science and Information Technology, 053–059. https://doi.org/10.17352/tcsit.000040

Mohammad, R. M., Thabtah, F., & McCluskey, L. (2015). Tutorial and critical analysis of phishing websites methods. Computer Science Review, 17, 1–24. https://doi.org/https://doi.org/10.1016/j.cosrev.2015.04.001

Mourtaji, Y., Bouhorma, M., Alghazzawi, D., Aldabbagh, G., & Alghamdi, A. (2021). Hybrid Rule-Based Solution for Phishing URL Detection Using Convolutional Neural Network. Wireless Communications and Mobile Computing, 2021. https://doi.org/10.1155/2021/8241104

Nada, M. (2019). Penerapan Deep Learning Menggunakan Convolutional Neural Network (CNN). Medium.Com. https://medium.com/@mukhlishatunnada02/penerapan-deep-learning-menggunakan-convolutional-neural-network-cnn-d02dc6532f5b

Nursyafitri, G. D. (2023). Memahami Deep Learning, Bagian Machine Learning. Dqlab.Id. https://dqlab.id/memahami-deep-learning-bagian-machine-learning

Opara, C. C., Chen, Y., & Bo.wei. (2020). Look Before You Leap: Detecting Phishing Web Pages by Exploiting Raw URL And HTML Characteristics. Expert Syst. Appl., 236, 121183. https://api.semanticscholar.org/CorpusID:226282035

Ozcan, A., Catal, C., Donmez, E., & Senturk, B. (2021). A hybrid DNN–LSTM model for detecting phishing URLs. Neural Computing and Applications. https://doi.org/10.1007/s00521-021-06401-z

Pilo, R. (2023). Deep Learning: Model AI yang Terinspirasi dari Otak Manusia. Phintraco.Com. https://phintraco.com/deep-learning/

Puskomedia. (2024). Machine Learning dan Deep Learning: Menambah Kehebatan Komputasi dan Analisis Data. Www.Puskomedia.Id. https://www.puskomedia.id/blog/machine-learning-dan-deep-learning-menambah-kehebatan-komputasi-dan-analisis-data/

Santoso, J. T. (2023). Teknologi Keamanan Siber (Cyber Security). Penerbit Yayasan Prima Agus Teknik, 1–173.

Somesha, M., Pais, A. R., Rao, R. S., & Rathour, V. S. (2020a). Efficient deep learning techniques for the detection of phishing websites. Sadhana - Academy Proceedings in Engineering Sciences, 45(1). https://doi.org/10.1007/s12046-020-01392-4

Somesha, M., Pais, A. R., Rao, R. S., & Rathour, V. S. (2020b). Efficient deep learning techniques for the detection of phishing websites. 45(1).

Sultana, R., Rahman, M. A., & Khan, M. I. (2023). Hybrid Model Based Phishing Websites Detection Using Deep Learning Technique. 2023 26th International Conference on Computer and Information Technology (ICCIT), 1–6. https://api.semanticscholar.org/CorpusID:268044677

Tang, L., & Mahmoud, Q. H. (2022). A Deep Learning-Based Framework for Phishing Website Detection. IEEE Access, 10, 1509–1521. https://doi.org/10.1109/ACCESS.2021.3137636

Tesfom, B., Belay, F., Daniel, S., Salem, R., & Otoum, S. (2023). Phishing Detection Using Deep Learning and Machine Learning Algorithms: Comparative Analysis. 2023 IEEE International Conference on Dependable, Autonomic and Secure Computing, International Conference on Pervasive Intelligence and Computing, International Conference on Cloud and Big Data Computing, International Conference on Cyber Science and Tec, 684–689. https://doi.org/10.1109/DASC/PiCom/CBDCom/Cy59711.2023.10361457

Wahyuni, S., Darnila, E., Gustiana, Z., Prayoga, J., Saffiera, C. A., Eka, M., Fadhilah, C., & others. (2024). Data Science. Serasi Media Teknologi.

Wang, C., & Chen, Y. (2022). TCURL: Exploring hybrid transformer and convolutional neural network on phishing URL detection. Knowledge-Based Systems, 258. https://doi.org/10.1016/j.knosys.2022.109955

Wang, W., Zhang, F., Luo, X., & Zhang, S. (2019). PDRCNN: Precise Phishing Detection with Recurrent Convolutional Neural Networks. Security and Communication Networks, 2019. https://doi.org/10.1155/2019/2595794

Wu, T., Wang, M., Xi, Y., & Zhao, Z. (2022). Malicious URL Detection Model Based on Bidirectional Gated Recurrent Unit and Attention Mechanism. Applied Sciences (Switzerland), 12(23). https://doi.org/10.3390/app122312367

Yu, S., An, C., Yu, T., Zhao, Z., Li, T., & Wang, J. (2022). Phishing Detection Based on Multi-Feature Neural Network. 2022 IEEE International Performance, Computing, and Communications Conference (IPCCC), 73–79. https://doi.org/10.1109/IPCCC55026.2022.9894337

Zhang, Q., Bu, Y., Chen, B., Zhang, S., & Lu, X. (2021). Research on phishing webpage detection technology based on CNN-BiLSTM algorithm. Journal of Physics: Conference Series, 1738(1). https://doi.org/10.1088/1742-6596/1738/1/012131

Zheng, F., Yan, Q., Leung, V. C. M., Yu, F. R., & Ming, Z. (2022). HDP-CNN: Highway deep pyramid convolution neural network combining word-level and character-level representations for phishing website detection. COMPUTERS & SECURITY, 114. https://doi.org/10.1016/j.cose.2021.102584

Published

2024-12-02
CITATION
DOI: 10.56134/jst.v3i2.100
Published: 2024-12-02

How to Cite

Raji Egigogo, A., Ismaila Idris, Olalere, M., & Opeyemi Aderiike, A. (2024). Evaluating Deep Learning Models for Website Phishing Attack Detection: A Comparative Analysis. Ceddi Journal of Information System and Technology (JST), 3(2), 19–29. https://doi.org/10.56134/jst.v3i2.100

Issue

Section

Articles