Phishing Attack Identification using Hybrid ML Models
Keywords:
Cybersecurity, Deep learning, Hybrid models, Machine learning, Phishing detection, URL analysisAbstract
A phishing attack is a type of threat where attackers steal peoples personal and financial information for bad purposes. Many strategies have been used to stop cyber threats and find patterns in data. Machine Learning and Deep Learning are very important in this area. Some models like Long Short-Term Memory (LSTM), Support Vector Machine (SVM) and Convolutional Neural Networks (CNN) are often used to detect and prevent phishing attacks and other cybersecurity threats. This research provides a method for identifying phishing emails using several machine learning algorithms, such as Support Vector Machine and Logistic Regression (LR). Two different datasets were used in this research. The important features were identified, and they included a mix of content-based, URL lexical-based and domain-based attributes. Then various machine learning models were. Their performance was compared. The results showed that feature selection is crucial in improving the performance of the models. The study also tried to find the important features that help detect phishing websites accurately. The experimental results show that optimized preprocessing and feature selection greatly improve the effectiveness of phishing email detection systems. Phishing attacks are a problem, and using machine learning algorithms and feature selection can help prevent them. Machine Learning and Deep Learning are key to stopping these attacks. Phishing emails and websites can be detected using these methods. The findings of this research can help improve cybersecurity.
References
A. V. Kulkarni and S. Nath, “Human susceptibility to social engineering attacks: An innovative approach to social change,” in Proceedings of the 2024 IEEE International Conference on Interdisciplinary Approaches in Technology and Management for Social Innovation (IATMSI), vol. 2, Mar, pp. 1–6, 2024.
V. Vajrobol, B. B. Gupta, and A. Gaurav, “Mutual information based logistic regression for phishing URL detection,” Cyber Security and Applications, vol. 2, pp. 100044, Jan. 2024.
S. A. Khan, W. Khan, and A. Hussain, “Phishing attacks and websites classification using machine learning and multiple datasets (a comparative analysis),” in International Conference on Intelligent Computing, Cham, Switzerland: Springer International Publishing, Oct. 2020, pp. 301–313.
I. Salihovic, H. Serdarevic, and J. Kevric, “The role of feature selection in machine learning for detection of spam and phishing attacks,” in International Symposium on Innovative and Interdisciplinary Applications of Advanced Technologies, Cham, Switzerland: Springer International Publishing, Jun. 2018, pp. 476–483.
R. A. Lekshmi and S. Thomas, “Detecting malicious URLs using machine learning techniques: A comparative literature review,” International Research Journal of Engineering and Technology, vol. 6, no. 6, Jun. 2019.
D. Sahoo, C. Liu, and S. C. H. Hoi, “Malicious URL detection using machine learning: A survey,” arXiv preprint arXiv:1701.07179, Jan. 2017.
D. Huang, K. Xu, and J. Pei, “Malicious URL detection by dynamically mining patterns without pre-defined elements,” World Wide Web, vol. 17, no. 6, pp. 1375–1394, Nov. 2014.
T. Ige, C. Kiekintveld, and A. Piplai, “Deep learning-based speech and vision synthesis to improve phishing attack detection through a multi-layer adaptive framework,” arXiv preprint arXiv:2402.17249, Feb. 2024.
S. Naseeb, S. Ramzan, A. Raza, M. S. Hashmi, Y. Gu, M. Syafrudin, and N. L. Fitriyani, “Website phishing attack detection using innovative meta learning based ensemble approach,” IEEE Access, early access, Sep. 2025.
M. F. Zia and S. H. Kalidass, “Web Phishing Net (WPN): A scalable machine learning approach for real-time phishing campaign detection,” in Proceedings of the 2024 4th Intelligent Cybersecurity Conference (ICSC), Sep. 2024, pp. 206–213.
R. Vinayakumar, K. P. Soman, and P. Poornachandran, “Evaluating deep learning approaches to characterize and classify malicious URLs,” Journal of Intelligent and Fuzzy Systems, vol. 34, no. 3, pp. 1333–1343, Mar. 2018.
A. A. Alsabri and M. A. Al-Hadi, “A hybrid CNN-BLSTM model for phishing attack detection using deep learning to strengthen internet security,” Sana'a University Journal of Applied Sciences and Technology, vol. 3, no. 4, pp. 964–972, Aug. 2025.