Abstract
Phishing is one of the most effective ways in which cybercriminals get sensitive details such as credentials for online banking, digital wallets, state secrets, and many more from potential victims. They do this by spamming users with malicious URLs with the sole purpose of tricking them into divulging sensitive information which is later used for various cybercrimes. In this research, we did a comprehensive review of current state-of-the-art machine learning and deep learning phishing detection techniques to expose their vulnerabilities and future research direction. For better analysis and observation, we split machine learning techniques into Bayesian, non-Bayesian, and deep learning. We reviewed the most recent advances in Bayesian and non-Bayesian-based classifiers before exploiting their corresponding weaknesses to indicate future research direction. While exploiting weaknesses in both Bayesian and non-Bayesian classifiers, we also compared each performance with a deep learning classifier. For a proper review of deep learning-based classifiers, we looked at Recurrent Neural Networks (RNN), Convolutional Neural Networks (CNN), and Long Short Term Memory Networks (LSTMs). We did an empirical analysis to evaluate the performance of each classifier along with many of the proposed state-of-the-art anti-phishing techniques to identify future research directions, we also made a series of proposals on how the performance of the under-performing algorithm can improved in addition to a two-stage prediction model
Abstract (translated)
网络钓鱼是网络犯罪分子获取潜在受害者敏感信息(如在线银行、数字钱包、国家机密等的凭证)最有效的方式之一。他们通过向用户发送恶意URL来实现这一目的,其唯一目的是诱使用户泄露这些敏感信息,之后用于各种网络犯罪活动。在这项研究中,我们对当前最先进的机器学习和深度学习网络钓鱼检测技术进行了全面回顾,揭示了它们的漏洞以及未来的研究方向。为了更好地进行分析和观察,我们将机器学习技术分为贝叶斯、非贝叶斯及深度学习三类。 在本研究中,我们在探讨其对应弱点之前,首先回顾了基于贝叶斯和非贝叶斯分类器的最新进展,并利用这些弱点指出了未来的研究方向。当探索贝叶斯和非贝叶斯分类器中的弱点时,我们还将每种分类器的表现与深度学习分类器进行了比较。 为了对基于深度学习的分类器进行适当的回顾,我们关注了循环神经网络(RNN)、卷积神经网络(CNN)以及长短期记忆网络(LSTMs)。我们还进行了实证分析来评估每个分类器及许多提议的最先进的反钓鱼技术的表现,以识别未来的研究方向。此外,我们也提出了一系列如何改进表现不佳算法性能的方法,并提出了一个两阶段预测模型。
URL
https://arxiv.org/abs/2411.16751
