Improving Machine Learning Models for URL Phishing Detection Using Synthetic Data
摘要
Phishing is one of the most prevalent forms of cybercrime due to its low cost, limited technical requirements, and the ability to send massive campaigns of phishing emails. Such attacks can severely compromise critical infrastructures by targeting employees or systems with deceptive links that lead to credential theft, malware infection, or unauthorised access. The success of these attacks shows the need to improve the methods for phishing detection. In this work, we aim to generate phishing URLs to augment datasets, in order to improve the generalisation capabilities of machine and deep learning models. To achieve this, we compare three augmentation techniques, SMOTE, GANs and a SLM, against a baseline model trained solely on the original, unbalanced data. These techniques were applied to three distinct models: RF, XGB, and CNN. We evaluated the performance of the models using the most used metrics: Accuracy, Precision, Recall, AUC, and F1-score. The experiments demonstrated that the techniques achieved strong results on the test set, but their effectiveness dropped when evaluated on the validation data.