Comprehensive phishing detection: A multi-channel approach with variants TCN fusion leveraging URL and HTML features

Abstract

Phishing represents a major threat to the financial and privacy security of Internet users, and often serves as a precursor to cyberattacks. While many deep learning-based methods focus on analyzing URLs to detect phishing due to their simplicity and efficiency, they face challenges. Hidden phishing websites may employ tactics like concealing URL addresses, deceiving deep learning models, and attackers frequently change URLs, which presents obstacles to effective detection. In this study, we introduce a robust multi-channel temporal convolutional network (TCN) approach designed for precise phishing website detection, emphasizing the extraction of features from both URL and HTML components. Our hybrid methodology combines URL character embedding and various handcrafted features, using a two-channel input structure. These inputs undergo embedding and SpatialDropout1D before integration into diverse TCN layers, capturing features effectively. Outputs from TCN layers in both channels are concatenated, globally max-pooled, and late fused for binary webpage classification. Our approach demonstrates notable contributions, including novel features, meticulous architecture, and heightened accuracy. Experimentally, our approach achieves 99.81% accuracy on our dataset and 98.16% and 98.96% on two benchmark datasets, respectively. It outperforms state-of-the-art methods on real phishing webpages, demonstrating superior performance with reduced reliance on labeled data.