Show simple item record

Applications of deep learning for phishing detection: a systematic literature review

AuthorCatal, Cagatay
AuthorGiray, Görkem
AuthorTekinerdogan, Bedir
AuthorKumar, Sandeep
AuthorShukla, Suyash
Available date2022-11-30T11:23:19Z
Publication Date2022
Publication NameKnowledge and Information Systems
ResourceScopus
Resource2-s2.0-85130701241
URIhttp://dx.doi.org/10.1007/s10115-022-01672-x
URIhttp://hdl.handle.net/10576/36777
AbstractPhishing attacks aim to steal confidential information using sophisticated methods, techniques, and tools such as phishing through content injection, social engineering, online social networks, and mobile applications. To avoid and mitigate the risks of these attacks, several phishing detection approaches were developed, among which deep learning algorithms provided promising results. However, the results and the corresponding lessons learned are fragmented over many different studies and there is a lack of a systematic overview of the use of deep learning algorithms in phishing detection. Hence, we performed a systematic literature review (SLR) to identify, assess, and synthesize the results on deep learning approaches for phishing detection as reported by the selected scientific publications. We address nine research questions and provide an overview of how deep learning algorithms have been used for phishing detection from several aspects. In total, 43 journal articles were selected from electronic databases to derive the answers for the defined research questions. Our SLR study shows that except for one study, all the provided models applied supervised deep learning algorithms. The widely used data sources were URL-related data, third party information on the website, website content-related data, and email. The most used deep learning algorithms were deep neural networks (DNN), convolutional neural networks, and recurrent neural networks/long short-term memory networks. DNN and hybrid deep learning algorithms provided the best performance among other deep learning-based algorithms. 72% of the studies did not apply any feature selection algorithm to build the prediction model. PhishTank was the most used dataset among other datasets. While Keras and Tensorflow were the most preferred deep learning frameworks, 46% of the articles did not mention any framework. This study also highlights several challenges for phishing detection to pave the way for further research. 2022, The Author(s), under exclusive licence to Springer-Verlag London Ltd., part of Springer Nature.
SponsorThe authors would like to acknowledge funding received under the Scheme for Promotion of Academic and Research Collaboration (SPARC) Scheme, Ministry of Education, Government of India. This publication is an outcome of the R&D work undertaken in the project funded under SPARC, Ministry of Education, Government of India.
Languageen
PublisherSpringer Science and Business Media Deutschland GmbH
SubjectCybersecurity; Deep learning; Machine learning; Malicious URL prediction; Phishing detection; Systematic literature review (SLR)
TitleApplications of deep learning for phishing detection: a systematic literature review
TypeArticle
Pagination1457-1500
Issue Number6
Volume Number64
dc.accessType Open Access


Files in this item

Thumbnail
Name:
s10115-022-01672-x.pdf
Size:
2.616Mb
Format:
PDF
View/Open

This item appears in the following Collection(s)

Show simple item record