Meda Srikanth, Srinivas Vangipuram Sesha, Rao Killi Chandra Bhushana, Ramesh Repudi, Yamarthi Narasimha Rao
Department of Computer Science and Engineering, RVR&JC College of Engineering, Guntur, Andhra Pradesh, India.
Department of Information Technology, RVR&JC College of Engineering, Guntur, Andhra Pradesh, India.
PeerJ Comput Sci. 2025 Jul 17;11:e3014. doi: 10.7717/peerj-cs.3014. eCollection 2025.
Phishing attacks are now regarded as one of the most prevalent cyberattacks that often compromise the security of different communication and internet networks. Phishing websites are created with the goal of generating cyber threats in order to ascertain the user's financial information. Fake websites are frequently created and circulated online, which results in the loss of essential user assets. Phishing websites can result in monetary loss, intellectual property theft, damage to one's reputation, and disruption of regular business activities. Over the past decade, a number of anti-phishing tactics have been proposed to detect and reduce these attempts. They are still imprecise and ineffective, though. Deep Learning (DL), which can precisely learn the intrinsic features of the websites and recognize phishing websites, is one of the innovative techniques utilized to solve this issue.
In this study, we proposed a novel OptSHQCNN phishing detection method. Pre-deployment and post-deployment are the two phases of the proposed methodology. The dataset undergoes preprocessing in the pre-deployment phase, which includes data balancing, and handling invalid features, irrelevant features, and missing values. The convolutional block attention module (CBAM) then extracts the main characteristics from web page code and linkages. The red kite optimization algorithm (RKOA) selects the significant key attributes in the third stage. The final phase involves classifying the data using the Shallow hybrid quantum-classical convolutional neural network (SHQCNN) model. To improve the effectiveness of the classification approach, the hyperparameters present in the SHQCNN model are fine-tuned using the shuffled shepherd optimization algorithm (SSOA).
In the post-deployment phase, the URL is encoded using Optimized Bidirectional Encoder Representations from Transformers (OptBERT), after which the features are extracted. The retrieved properties are fed into a trained classifier. Next, a prediction of "phishing" or "Legitimate" is produced by the classifier. With a maximum of above 99% accuracy, precision, recall, and F1-score, respectively, the investigation's findings showed that the suggested technique performed better than other popular phishing detection methods. The creation of a security plugin for clients, browsers, and other instant messaging applications that operate on network edges, PCs, smartphones, and other personal terminals can be aided by these findings.
网络钓鱼攻击如今被视为最普遍的网络攻击之一,常常危及不同通信和互联网网络的安全。创建网络钓鱼网站的目的是制造网络威胁,以获取用户的财务信息。虚假网站经常在网上创建和传播,这导致用户重要资产的损失。网络钓鱼网站可能导致金钱损失、知识产权盗窃、声誉受损以及正常商业活动中断。在过去十年中,已经提出了许多反网络钓鱼策略来检测和减少这些攻击。然而,它们仍然不够精确且效果不佳。深度学习(DL)是用于解决此问题的创新技术之一,它可以精确地学习网站的内在特征并识别网络钓鱼网站。
在本研究中,我们提出了一种新颖的OptSHQCNN网络钓鱼检测方法。所提出的方法有预部署和后部署两个阶段。数据集在预部署阶段进行预处理,包括数据平衡以及处理无效特征、无关特征和缺失值。然后,卷积块注意力模块(CBAM)从网页代码和链接中提取主要特征。第三阶段使用红风筝优化算法(RKOA)选择重要的关键属性。最后阶段使用浅混合量子 - 经典卷积神经网络(SHQCNN)模型对数据进行分类。为了提高分类方法的有效性,使用洗牌牧羊人优化算法(SSOA)对SHQCNN模型中的超参数进行微调。
在后部署阶段,使用优化的基于变换器的双向编码器表示(OptBERT)对URL进行编码,然后提取特征。将检索到的属性输入到经过训练的分类器中。接下来,分类器会做出“网络钓鱼”或“合法”的预测。调查结果显示,所建议的技术分别以最高超过99%的准确率、精确率、召回率和F1分数表现优于其他流行的网络钓鱼检测方法。这些发现有助于为在网络边缘、个人电脑、智能手机和其他个人终端上运行的客户端、浏览器及其他即时通讯应用创建安全插件。
