Affordable Access

deepdyve-link
Publisher Website

Applications of deep learning for phishing detection: a systematic literature review.

Authors
  • Catal, Cagatay1
  • Giray, Görkem2
  • Tekinerdogan, Bedir3
  • Kumar, Sandeep4
  • Shukla, Suyash4
  • 1 Department of Computer Science and Engineering, Qatar University, Doha, Qatar. , (Qatar)
  • 2 Independent Researcher, Izmir, Turkey. , (Turkey)
  • 3 Information Technology Group, Wageningen University & Research, Wageningen, The Netherlands. , (Netherlands)
  • 4 Department of Computer Science and Engineering, Indian Institute of Technology Roorkee, Roorkee, India. , (India)
Type
Published Article
Journal
Knowledge and Information Systems
Publisher
Springer-Verlag
Publication Date
Jan 01, 2022
Volume
64
Issue
6
Pages
1457–1500
Identifiers
DOI: 10.1007/s10115-022-01672-x
PMID: 35645443
Source
Medline
Keywords
Language
English
License
Unknown

Abstract

Phishing attacks aim to steal confidential information using sophisticated methods, techniques, and tools such as phishing through content injection, social engineering, online social networks, and mobile applications. To avoid and mitigate the risks of these attacks, several phishing detection approaches were developed, among which deep learning algorithms provided promising results. However, the results and the corresponding lessons learned are fragmented over many different studies and there is a lack of a systematic overview of the use of deep learning algorithms in phishing detection. Hence, we performed a systematic literature review (SLR) to identify, assess, and synthesize the results on deep learning approaches for phishing detection as reported by the selected scientific publications. We address nine research questions and provide an overview of how deep learning algorithms have been used for phishing detection from several aspects. In total, 43 journal articles were selected from electronic databases to derive the answers for the defined research questions. Our SLR study shows that except for one study, all the provided models applied supervised deep learning algorithms. The widely used data sources were URL-related data, third party information on the website, website content-related data, and email. The most used deep learning algorithms were deep neural networks (DNN), convolutional neural networks, and recurrent neural networks/long short-term memory networks. DNN and hybrid deep learning algorithms provided the best performance among other deep learning-based algorithms. 72% of the studies did not apply any feature selection algorithm to build the prediction model. PhishTank was the most used dataset among other datasets. While Keras and Tensorflow were the most preferred deep learning frameworks, 46% of the articles did not mention any framework. This study also highlights several challenges for phishing detection to pave the way for further research. © The Author(s), under exclusive licence to Springer-Verlag London Ltd., part of Springer Nature 2022.

Report this publication

Statistics

Seen <100 times