Detecting Cloud-Based Phishing Attacks by Combining Deep Learning Models

Add code
Apr 05, 2022
Medha Atre, Birendra Jha, Ashwini Rao
Figure 1 for Detecting Cloud-Based Phishing Attacks by Combining Deep Learning Models
Figure 2 for Detecting Cloud-Based Phishing Attacks by Combining Deep Learning Models
Figure 3 for Detecting Cloud-Based Phishing Attacks by Combining Deep Learning Models
Figure 4 for Detecting Cloud-Based Phishing Attacks by Combining Deep Learning Models

Share this with someone who'll enjoy it:

Twitter IconFacebook IconLinkedin IconWhatsapp IconMessenger Icon

Web-based phishing attacks nowadays exploit popular cloud web hosting services and apps such as Google Sites and Typeform for hosting their attacks. Since these attacks originate from reputable domains and IP addresses of the cloud services, traditional phishing detection methods such as IP reputation monitoring and blacklisting are not very effective. Here we investigate the effectiveness of deep learning models in detecting this class of cloud-based phishing attacks. Specifically, we evaluate deep learning models for three phishing detection methods--LSTM model for URL analysis, YOLOv2 model for logo analysis, and triplet network model for visual similarity analysis. We train the models using well-known datasets and test their performance on phishing attacks in the wild. Our results qualitatively explain why the models succeed or fail. Furthermore, our results highlight how combining results from the individual models can improve the effectiveness of detecting cloud-based phishing attacks.

View paper onarxiv icon

Share this with someone who'll enjoy it:

Twitter IconFacebook IconLinkedin IconWhatsapp IconMessenger Icon