A Deep Learning Filter that Blocks Phishing Campaigns Using Intelligent English Text Recognition Methods

Most of the sophisticated attacks in the modern age of cybercrime are based, among other things, on specialized phishing campaigns. A challenge in identifying phishing campaigns is defining a classification of patterns that can be generalized and used in different areas and campaigns of a different nature. Although efforts have been made to establish a general labeling scheme in their classification, there is still limited data labeled in such a format. The usual approaches are based on feature engineering to correctly identify phishing campaigns, exporting lexical, syntactic, and semantic features, e.g., previous phrases. In this context, the most recent approaches have taken advantage of modern neural network architectures to record hidden information at the phrase and text levels, e.g., Long Short-Term Memory (LSTM) and Convolutional Neural Networks (CNNs). However, these models lose semantic information related to the specific problem, resulting in a variation in their performance, depending on the different data sets and the corresponding standards used for labeling. In this paper, we propose to extend word embeddings with word vectors that indicate the semantic similarity of each word with each phishing campaigns template tag. These embedded keywords are calculated based on semantic subfields corresponding to each phishing campaign tag, constructed based on the automatic extraction of keywords representing these tags. Combining general word integrations with vectors is calculated based on word similarity using a set of sequential Kalman filters, which can then power any neural architecture such as LSTM or CNN to predict each phishing campaign. Our experiments use a data indicator to evaluate our approach and achieve remarkable results that reinforce the state-of-the-art.