Applications of deep learning for phishing detection: a systematic literature review

Phishing attacks aim to steal confidential information using sophisticated methods, techniques, and tools such as phishing through content injection, social engineering, online social networks, and mobile applications. To avoid and mitigate the risks of these attacks, several phishing detection appr...

Descripción completa

Detalles Bibliográficos
Autores principales: Catal, Cagatay, Giray, Görkem, Tekinerdogan, Bedir, Kumar, Sandeep, Shukla, Suyash
Formato: Online Artículo Texto
Lenguaje:English
Publicado: Springer London 2022
Materias:
Survey Paper
Acceso en línea:https://www.ncbi.nlm.nih.gov/pmc/articles/PMC9125357/
https://www.ncbi.nlm.nih.gov/pubmed/35645443
http://dx.doi.org/10.1007/s10115-022-01672-x
_version_ 1784711932551364608
author Catal, Cagatay
Giray, Görkem
Tekinerdogan, Bedir
Kumar, Sandeep
Shukla, Suyash
author_facet Catal, Cagatay
Giray, Görkem
Tekinerdogan, Bedir
Kumar, Sandeep
Shukla, Suyash
author_sort Catal, Cagatay
collection PubMed
description Phishing attacks aim to steal confidential information using sophisticated methods, techniques, and tools such as phishing through content injection, social engineering, online social networks, and mobile applications. To avoid and mitigate the risks of these attacks, several phishing detection approaches were developed, among which deep learning algorithms provided promising results. However, the results and the corresponding lessons learned are fragmented over many different studies and there is a lack of a systematic overview of the use of deep learning algorithms in phishing detection. Hence, we performed a systematic literature review (SLR) to identify, assess, and synthesize the results on deep learning approaches for phishing detection as reported by the selected scientific publications. We address nine research questions and provide an overview of how deep learning algorithms have been used for phishing detection from several aspects. In total, 43 journal articles were selected from electronic databases to derive the answers for the defined research questions. Our SLR study shows that except for one study, all the provided models applied supervised deep learning algorithms. The widely used data sources were URL-related data, third party information on the website, website content-related data, and email. The most used deep learning algorithms were deep neural networks (DNN), convolutional neural networks, and recurrent neural networks/long short-term memory networks. DNN and hybrid deep learning algorithms provided the best performance among other deep learning-based algorithms. 72% of the studies did not apply any feature selection algorithm to build the prediction model. PhishTank was the most used dataset among other datasets. While Keras and Tensorflow were the most preferred deep learning frameworks, 46% of the articles did not mention any framework. This study also highlights several challenges for phishing detection to pave the way for further research.
format Online
Article
Text
id pubmed-9125357
institution National Center for Biotechnology Information
language English
publishDate 2022
publisher Springer London
record_format MEDLINE/PubMed
spelling pubmed-91253572022-05-23 Applications of deep learning for phishing detection: a systematic literature review Catal, Cagatay Giray, Görkem Tekinerdogan, Bedir Kumar, Sandeep Shukla, Suyash Knowl Inf Syst Survey Paper Phishing attacks aim to steal confidential information using sophisticated methods, techniques, and tools such as phishing through content injection, social engineering, online social networks, and mobile applications. To avoid and mitigate the risks of these attacks, several phishing detection approaches were developed, among which deep learning algorithms provided promising results. However, the results and the corresponding lessons learned are fragmented over many different studies and there is a lack of a systematic overview of the use of deep learning algorithms in phishing detection. Hence, we performed a systematic literature review (SLR) to identify, assess, and synthesize the results on deep learning approaches for phishing detection as reported by the selected scientific publications. We address nine research questions and provide an overview of how deep learning algorithms have been used for phishing detection from several aspects. In total, 43 journal articles were selected from electronic databases to derive the answers for the defined research questions. Our SLR study shows that except for one study, all the provided models applied supervised deep learning algorithms. The widely used data sources were URL-related data, third party information on the website, website content-related data, and email. The most used deep learning algorithms were deep neural networks (DNN), convolutional neural networks, and recurrent neural networks/long short-term memory networks. DNN and hybrid deep learning algorithms provided the best performance among other deep learning-based algorithms. 72% of the studies did not apply any feature selection algorithm to build the prediction model. PhishTank was the most used dataset among other datasets. While Keras and Tensorflow were the most preferred deep learning frameworks, 46% of the articles did not mention any framework. This study also highlights several challenges for phishing detection to pave the way for further research. Springer London 2022-05-23 2022 /pmc/articles/PMC9125357/ /pubmed/35645443 http://dx.doi.org/10.1007/s10115-022-01672-x Text en © The Author(s), under exclusive licence to Springer-Verlag London Ltd., part of Springer Nature 2022 This article is made available via the PMC Open Access Subset for unrestricted research re-use and secondary analysis in any form or by any means with acknowledgement of the original source. These permissions are granted for the duration of the World Health Organization (WHO) declaration of COVID-19 as a global pandemic.
spellingShingle Survey Paper
Catal, Cagatay
Giray, Görkem
Tekinerdogan, Bedir
Kumar, Sandeep
Shukla, Suyash
Applications of deep learning for phishing detection: a systematic literature review
title Applications of deep learning for phishing detection: a systematic literature review
title_full Applications of deep learning for phishing detection: a systematic literature review
title_fullStr Applications of deep learning for phishing detection: a systematic literature review
title_full_unstemmed Applications of deep learning for phishing detection: a systematic literature review
title_short Applications of deep learning for phishing detection: a systematic literature review
title_sort applications of deep learning for phishing detection: a systematic literature review
topic Survey Paper
url https://www.ncbi.nlm.nih.gov/pmc/articles/PMC9125357/
https://www.ncbi.nlm.nih.gov/pubmed/35645443
http://dx.doi.org/10.1007/s10115-022-01672-x
work_keys_str_mv AT catalcagatay applicationsofdeeplearningforphishingdetectionasystematicliteraturereview
AT giraygorkem applicationsofdeeplearningforphishingdetectionasystematicliteraturereview
AT tekinerdoganbedir applicationsofdeeplearningforphishingdetectionasystematicliteraturereview
AT kumarsandeep applicationsofdeeplearningforphishingdetectionasystematicliteraturereview
AT shuklasuyash applicationsofdeeplearningforphishingdetectionasystematicliteraturereview

Ejemplares similares