<p>Phishing is considered one of the most widespread and dynamic cyber threats, as attackers use deceitful URL structures to circumvent traditional detection tools. Despite promising performances of machine learning-based phishing detection techniques, the majority of existing models are evaluated under clean conditions, failing to account for adversarial URL evasion methods including obfuscation, encoding manipulation, homoglyph substitutions, token padding, and subdomain reordering. This weakness grossly compromises their practical performance in real-world deployments. Phishing URL detection is modelled as a lightweight binary classification problem supported by an explicit adversarial threat model. Lexical, structural, and <i>metadata-based</i> URL features are represented comprehensively without relying on raw URL strings or deep packet inspection (DPI), preserving user privacy and enabling broad deployment. To mitigate adversarial vulnerabilities, the Adversarial-Resilient Lightweight Random Forest (AR-LRF) model is proposed, combining controlled ensemble complexity with simulated adversarial perturbations applied during training. Extensive experiments on a large-scale imbalanced real-world dataset (91% benign, 9% phishing) consisting of 650,000 URLs were evaluated across accuracy, precision, recall, F1-score, and ROC-AUC under clean and adversarial conditions against five baseline classifiers: Logistic Regression, Decision Tree, Random Forest, Support Vector Machine, and Naïve Bayes. The AR-LRF achieves 99.78% accuracy and ROC-AUC of 0.9999 on clean data, with significantly lower performance degradation under adversarial perturbations. Feature importance and confidence stability analyses further validate the model’s resilience, positioning AR-LRF as a viable, lightweight, and deployable tool for modern cybersecurity infrastructure.</p>

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Adversarial-resilient lightweight phishing url detection: Evaluating lexical & metadata features under evasion techniques

  • Ayan Chaudhuri,
  • Mohankumar B

摘要

Phishing is considered one of the most widespread and dynamic cyber threats, as attackers use deceitful URL structures to circumvent traditional detection tools. Despite promising performances of machine learning-based phishing detection techniques, the majority of existing models are evaluated under clean conditions, failing to account for adversarial URL evasion methods including obfuscation, encoding manipulation, homoglyph substitutions, token padding, and subdomain reordering. This weakness grossly compromises their practical performance in real-world deployments. Phishing URL detection is modelled as a lightweight binary classification problem supported by an explicit adversarial threat model. Lexical, structural, and metadata-based URL features are represented comprehensively without relying on raw URL strings or deep packet inspection (DPI), preserving user privacy and enabling broad deployment. To mitigate adversarial vulnerabilities, the Adversarial-Resilient Lightweight Random Forest (AR-LRF) model is proposed, combining controlled ensemble complexity with simulated adversarial perturbations applied during training. Extensive experiments on a large-scale imbalanced real-world dataset (91% benign, 9% phishing) consisting of 650,000 URLs were evaluated across accuracy, precision, recall, F1-score, and ROC-AUC under clean and adversarial conditions against five baseline classifiers: Logistic Regression, Decision Tree, Random Forest, Support Vector Machine, and Naïve Bayes. The AR-LRF achieves 99.78% accuracy and ROC-AUC of 0.9999 on clean data, with significantly lower performance degradation under adversarial perturbations. Feature importance and confidence stability analyses further validate the model’s resilience, positioning AR-LRF as a viable, lightweight, and deployable tool for modern cybersecurity infrastructure.