Abstract:With the proliferation of the World Wide Web and the increasing sophistication of cyber threats, phishing attacks have emerged as a significant concern for individuals and organizations alike. Phishing attacks, commonly executed through deceptive URLs, aim to deceive users into divulging sensitive information, leading to financial loss, identity theft, or compromising sensitive data. It continues to pose a significant threat to individuals and organizations in today's digital landscape, necessitating the development of effective and efficient detection frameworks. This article presents PhiUSIIL, a Phi shing U RL detection framework based on S imilarity I ndex and I ncremental L earning. The similarity index helps effectively identify visual similarity-based attacks such as zero-width characters, homograph, punycode, homophone, bit squatting, and combosquatting attacks. The incremental learning approach allows the framework to continuously update its knowledge base with new data. Further, implementing diverse security profiles accommodates diverse security requirements of users or organizations. PhiUSIIL extracts URL features, downloads the webpage from URL to extract HTML features, and derives new features from existing information to construct a phishing URL dataset, named PhiUSIIL phishing URL dataset, encompassing 134850 legitimate and 100945 phishing URLs. The proposed phishing URL detection framework has extensively experimented with the PhiUSIIL phishing URL dataset. The constructed dataset helps to improve the detection accuracy when used during pre-training approach. PhiUSIIL achieved an accuracy of 99.24% when experimented with a fully incremental training approach and 99.79% when experimented with a pre-training approach. The experimental results show its effectiveness and ensure the framework remains effective and up-to-date against emerging and sophisticated phishing techniques.

PhiUSIIL: A diverse security profile empowered phishing URL detection framework based on similarity index and incremental learning

Phishpedia: A Hybrid Deep Learning Based Approach to Visually Identify Phishing Webpages

Automated Phishing Detection Using URLs and Webpages

An effective detection approach for phishing websites using URL and HTML features

A Sophisticated Framework for the Accurate Detection of Phishing Websites

PhishMatch: A Layered Approach for Effective Detection of Phishing URLs

DeltaPhish: Detecting Phishing Webpages in Compromised Websites

Multilayer Approach to Defend Phishing Attacks

HinPhish: an Effective Phishing Detection Approach Based on Heterogeneous Information Networks

An efficient multistage phishing website detection model based on the CASE feature framework: Aiming at the real web environment

Phishing URL Detection: A Real-Case Scenario Through Login URLs

A Hybrid Framework for Improved Weighted Quantum Particle Swarm Optimization and Fast Mask Recurrent CNN to Enhance Phishing-URL Prediction Performance

Detection of Malware using Phishing Alarm

The applicability of a hybrid framework for automated phishing detection

Walkthrough phishing detection techniques

PhishIntel: Toward Practical Deployment of Reference-based Phishing Detection

PhishSim: Aiding Phishing Website Detection with a Feature-Free Tool

Exploring the Efficacy of Federated-Continual Learning Nodes with Attention-Based Classifier for Robust Web Phishing Detection: An Empirical Investigation

Hybrid Optimization Enabled Squeeze Net For Phishing Attack Detection

Phishing Website Detection through Multi-Model Analysis of HTML Content

A Framework for Preparing a Balanced and Comprehensive Phishing Dataset