GraPhish: A graph-based approach for phishing detection from encrypted TLS traffic

IF 3.7 2区计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS

Journal of Information Security and Applications Pub Date : 2025-08-30 DOI:10.1016/j.jisa.2025.104216

Kartik Manguli , Cheemaladinne Kondaiah , Alwyn Roshan Pais , Routhu Srinivasa Rao

引用次数: 0

Abstract

Phishing has increased substantially over the last few years, with cybercriminals deceiving users via spurious websites or confusing mails to steal confidential data like username and password. Even with browser-integrated security indicators like HTTPS prefixes and padlock symbols, new phishing strategies have circumvented these security features. This paper proposes GraPhish, a novel graph-based phishing detection framework that leverages encrypted TLS traffic features. We constructed an in-house dataset and proposed an effective method for graph generation based solely on TLS-based features. Our model performs better than traditional machine learning algorithms. GraPhish achieved an accuracy of 94.82%, a precision of 96.28%, a recall of 92.11%, and an improved AUC-ROC score of 98.29%.

查看原文本刊更多论文

GraPhish：一种基于图的方法，用于从加密的TLS流量中检测网络钓鱼

在过去几年中，网络钓鱼的数量大幅增加，网络犯罪分子通过虚假网站或混淆邮件欺骗用户，窃取用户名和密码等机密数据。即使有浏览器集成的安全指标，如HTTPS前缀和挂锁符号，新的网络钓鱼策略也绕过了这些安全功能。本文提出了GraPhish，一个新的基于图形的网络钓鱼检测框架，它利用了加密的TLS流量特征。我们构建了一个内部数据集，并提出了一种有效的基于tls特征的图生成方法。我们的模型比传统的机器学习算法表现得更好。GraPhish的准确率为94.82%，精密度为96.28%，召回率为92.11%，改进的AUC-ROC评分为98.29%。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Journal of Information Security and Applications Computer Science-Computer Networks and Communications

CiteScore

10.90

自引率

5.40%

发文量

206

审稿时长

56 days

期刊介绍： Journal of Information Security and Applications (JISA) focuses on the original research and practice-driven applications with relevance to information security and applications. JISA provides a common linkage between a vibrant scientific and research community and industry professionals by offering a clear view on modern problems and challenges in information security, as well as identifying promising scientific and "best-practice" solutions. JISA issues offer a balance between original research work and innovative industrial approaches by internationally renowned information security experts and researchers.