Phishing Detection Using Deep Learning: A Systematic Review
DOI:
https://doi.org/10.31305/trjtm2025.v05.n04.003Keywords:
Phishing detection, Convolutional Neural Networks, URL-based securityAbstract
Phishing is one of the important cybersecurity threats and hence requires advanced mechanisms to detect it. This review paper discusses Convolutional Neural Network (CNN) techniques about phishing detection that focus on the capability of detecting spatial patterns from URLs, and URL-based phishing detection. The studies that were in this review show character-level CNNs, which give as high as 98.58% accuracy, in which such subtle manipulations in URLs can be identified but there have been challenges such as training time is long. Hybrid models, such as CNN-LSTM integration, achieve an accuracy of 98.34% but are highly dependent on PhishTank data, reducing their applicability. Temporal Convolutional Networks (TCNs) by another author provides an accuracy of 98.95% but the efficacy for real-time applications hasn't been proven. While CNNs are excellent at pattern structure (such as text-to-image translation), problems such as data set bias and computational power make scalability difficult. Future research should focus on lightweightness, varying datasets and hybrid models that will increase the real-world deployability and counter polymorphic phishing.
References
Aljofey, Q. Jiang, Q. Qu, M. Huang, and J.-P. Niyigena, “An effective phishing detection model based on character level convolutional neural network from URL,” Electronics, vol. 9, no. 9, p. 1514, 2020. [Online]. Available: https://doi.org/10.3390/electronics9091514
S. Ariyadasa, S. Fernando, and S. Fernando, “Detecting phishing attacks using a combined model of LSTM and CNN,” Int. J. Adv. Appl. Sci., vol. 7, pp. 56–67, 2020. [Online]. Available: https://doi.org/10.21833/ijaas.2020.07.007
E. A. Aldakheel, M. Zakariah, G. A. Gashgari, F. A. Almarshad, and A. I. A. Alzahrani, “A deep learning-based innovative technique for phishing detection in modern security with uniform resource locators,” Sensors, vol. 23, p. 4403, 2023. [Online]. Available: https://doi.org/10.3390/s23094403
F. S. Alsubaei, A. A. Almazroi, and N. Ayub, “Enhancing phishing detection: A novel hybrid deep learning framework for cybercrime forensics,” IEEE Access, vol. 12, pp. 8373–8389, 2024. [Online]. Available: https://doi.org/10.1109/ACCESS.2024.3351946
M. A. Remmide, F. Boumahdi, N. Boustia, C. L. Feknous, and R. Della, “Detection of phishing URLs using temporal convolutional network,” Procedia Computer Science, vol. 212, pp. 74–82, 2022. [Online]. Available: https://doi.org/10.1016/j.procs.2022.10.209
M. W. Shaukat, R. Amin, M. M. A. Muslam, A. H. Alshehri, and J. Xie, “A hybrid approach for alluring ads phishing attack detection using machine learning,” Sensors, vol. 23, no. 19, p. 8070, 2023. [Online]. Available: https://doi.org/10.3390/s23198070
T. Karthikeyan, M. Govindarajan, and V. Vijayakumar, “An effective fraud detection using competitive swarm optimization based deep neural network,” Measurement: Sensors, vol. 27, p. 100793, 2023. [Online]. Available: https://doi.org/10.1016/j.measen.2023.100793
M. Korkmaz, E. Kocyigit, O. K. Sahingoz, and B. Diri, “A hybrid phishing detection system using deep learning-based URL and content analysis,” Elektronika ir Elektrotechnika, vol. 28, no. 5, pp. 80–89, 2022. [Online]. Available: https://doi.org/10.5755/j02.eie.31197
M. Dewis and T. Viana, “Phish Responder: A hybrid machine learning approach to detect phishing and spam emails,” Appl. Syst. Innov., vol. 5, p. 73, 2022. [Online]. Available: https://doi.org/10.3390/asi5040073
E. A. Mityukov et al., “Phishing detection using machine learning techniques,” IOP Conf. Ser.: Mater. Sci. Eng., vol. 537, no. 5, p. 052014, 2019. [Online]. Available: https://doi.org/10.1088/1757-899X/537/5/052014
Y. Lin et al., “Phishpedia: A hybrid deep learning based approach to visually identify phishing webpages,” in Proc. 30th USENIX Security Symp. (USENIX Security 21), 2021, pp. 3793–3810. [Online]. Available: https://www.usenix.org/conference/usenixsecurity21/presentation/lin
Z. Rojan, “Financial fraud detection based on machine and deep learning: A review,” Indones. J. Comput. Sci., vol. 13, 2024. [Online]. Available: https://doi.org/10.33022/ijcs.v13i3.4059
Y. LeCun, Y. Bengio, and G. Hinton, “Deep learning,” Nature, vol. 521, pp. 436–444, 2015. [Online]. Available: https://doi.org/10.1038/nature14539
V. Shahrivari, M. M. Darabi, and M. Izadi, “Phishing detection using machine learning techniques,” arXiv preprint arXiv:2009.11116, 2020. [Online]. Available: https://doi.org/10.48550/arxiv.2009.11116
Shahroudnejad, “A survey on understanding, visualizations, and explanation of deep neural networks,” arXiv preprint arXiv:2102.01792, 2021. [Online]. Available: https://doi.org/10.48550/arXiv.2102.01792
O. Senouci and N. Benaouda, “Enhancing phishing detection in cloud environments using RNN-LSTM in a deep learning framework,” J. Telecommun. Inf. Technol., 2025. [Online]. Available: https://doi.org/10.26636/jtit.2025.1.1916
L. Halgaš, I. Agrafiotis, and J. R. C. Nurse, “Catching the phish: Detecting phishing attacks using recurrent neural networks (RNNs),” in Lecture Notes in Comput. Sci., 2020, pp. 219–233. [Online]. Available: https://doi.org/10.1007/978-3-030-39303-8_17
J. E. Perfecta and M. Ehikhamenleb, “A phishing detection model using recurrent neural networks in web-based services,” Int. J. Res. Publ. Rev., vol. 5, no. 10, pp. 1234–1245, 2024. [Online]. Available: https://ijrpr.com/uploads/V5ISSUE10/IJRPR34414.pdf
J. L. Elman, “Finding structure in time,” Cogn. Sci., vol. 14, no. 2, pp. 179–211, 1990. [Online]. Available: https://doi.org/10.1207/s15516709cog1402_1
S. Remya, M. Pillai, B. Aparna, S. Subbareddy, and Y. Cho, “BGL-PhishNet: Phishing website detection using hybrid model-BERT, GNN, and LightGBM,” IEEE Access, 2025. [Online]. Available: https://doi.org/10.1109/ACCESS.2025.3551542
Rangapur, T. Kanakam, and D. P., “Phish-Defence: Phishing detection using deep recurrent neural networks,” arXiv preprint arXiv:2110.13424, 2021. [Online]. Available: http://arxiv.org/abs/2110.13424
T. Feng and C. Yue, “Visualizing and interpreting RNN models in URL-based phishing detection,” in Proc. ACM Symp. Access Control Models Technol. (SACMAT), 2020, pp. 13–24. [Online]. Available: https://doi.org/10.1145/3381991.3395602
V. A. Onih, “Phishing detection using machine learning: A model development and integration,” Int. J. Sci. Manag. Res., vol. 7, no. 4, pp. 27–63, 2024. [Online]. Available: https://doi.org/10.37502/ijsmr.2024.7403
S. Subhash and S. Fernando, “Phishing websites dataset,” 2021.
V. Krishna, B. Jose, K. Anilkumar, and O. T. Lee, “Phishing detection using machine learning based URL analysis: A survey,” Int. J. Eng. Res. Technol. (IJERT), vol. 9, no. 13, pp. 156–161, 2021. [Online]. Available: https://www.ijert.org/phishing-detection-using-machine-learning-based-url-analysis-a-survey
R. Mahajan and I. Siddavatam, “Phishing website detection using machine learning algorithms,” Int. J. Comput. Appl., vol. 181, no. 23, 2018.
K. Burbela, “Model of detection of phishing URLs based on machine learning,” M.S. thesis, Faculty of Computing, Blekinge Institute of Technology, Karlskrona, Sweden, 2023.
K. Dutta, “Detecting phishing websites using machine learning technique,” PLoS ONE, vol. 16, no. 10, 2021. [Online]. Available: https://doi.org/10.1371/journal.pone.0258361
V. Le, A. Markopoulou, and M. Faloutsos, “PhishDef: URL names say it all,” in Proc. IEEE INFOCOM, 2011, pp. 191–195. [Online]. Available: https://doi.org/10.1109/INFCOM.2011.5935250
Federal Bureau of Investigation, “2020 Internet Crime Report,” FBI Internet Crime Complaint Center (IC3), 2021. [Online]. Available: https://www.ic3.gov/Media/PDF/AnnualReport/2020_IC3Report.pdf
Downloads
Published
Issue
Section
Deprecated: json_decode(): Passing null to parameter #1 ($json) of type string is deprecated in /home/u495429466/domains/technoreview.co.in/public_html/plugins/generic/citations/CitationsPlugin.php on line 68
