NDLP Phishing: A Fine-Tuned Application to Detect Phishing Attacks Based on Natural Language Processing and Deep Learning

Abstract

Phishing is a cyberattack that aims to deceive and harm users socially or economically. The most elaborate method to carry out this type of attack is through phishing web pages. For an untrained eye, it is not easy to distinguish whether a page is phishing. Different solutions combat this type of attack, such as those using deep learning (DL). Still, they need to be more aligned with the body text of web pages, taking into account their linguistic characteristics, or they will only exist as a model without providing practical application. This study aims to develop a lightweight tool, an extension for installation in the Google Chrome web browser that enables the detection of phishing attacks using DL and natural language processing (NLP) techniques. This proposed tool is NDLP Phishing (NDLP is a combination of the acronyms NLP and DL). First, we selected and adjusted the hyperparameters of BiGRU layers, dropout, batch Size, epochs, BiGRU neurons, and GloVe dimension of a BiGRU detection model based on DL and NLP. Second, an extension was developed for Google Chrome based on the fine-tuned model. The results of our experiments show a set of optimal hyperparameters to train the model. Subsequently, we applied these hyperparameters and achieved a mean accuracy of 98.55%. The code for the algorithms that generated the prediction model and the code for the Google Chrome extension are shared on GitHub.