Research On Deep Learning Based Phishing Attack Detection

With the rapid development of the Internet,the network security problems brought by it are becoming more and more serious.Phishing,as one of the scam technologies to steal users' personal information,is very serious.At present,improving the safety awareness of network users and enhancing safety technology have become one of the focuses of research in the field of network security.Currently,the phishing detection technology based on URLs features mainly includes machine learning methods and deep learning methods.Because traditional machine learning methods rely more on feature mining,they are more time-consuming and rely on domain knowledge.Therefore,some scholars use deep learning models to study phishing detection problems.Because the deep learning method avoids the work of constructing traditional features based on URLs,it takes advantage of the model to automatically mine potential features,and greatly improves the recognition of phishing websites.The research in this paper considers the advantages of deep learning methods for feature extraction and the detection capabilities of traditional machine learning models,and proposes a machine learning detection model based on deep learning mining features.Brief description,using the complexity of the deep learning model to extract more features from the URLs string;But to avoid the relatively simple classification detection mode of the last layer of deep learning,instead choose to use the nonlinear classification in the traditional machine learning model or integrated model for classification detection of phishing websites.In this way,not only the deep learning method's ability to mine features,but also the classification ability of the machine learning model can be combined.Then according to this method,this article mainly contains three aspects of experimental content:First,from the perspective of URLs,consider the deep learning method of choice.Therefore,this paper chooses LSTM,BiGRU and BiGRU-Attention models to introduce their differences and effects in representing URLs.Second,use the best BiGRU-Attention in the previous model to extract the features of the URL string,and then train the traditional machine learning methods SVM,Random Forest and XGBoost model with the traditional features based on URLs and the combined features of the two,and compare the different features Difference.Third,use the URL data sets of different time period and source to analyze the differences in phishing detection effects caused by the differences in data sets.Finally,a fusion detection model based on BiGRU-Attention model for feature extraction and XGBoost as a classification is obtained.And under the verification of multiple data sets,the effect is the best in the comparison of several models.