An expert system for phishing detection: a multimodal hybrid framework integrating deep and shallow machine learning
摘要
Phishing is still one of the most serious cybersecurity threats, resulting in substantial financial and data loss. Most state-of-the-art unimodal detection solutions are not effective in addressing modern phishing attacks that come in multiple modalities including but not limited to text, URLs, visual content and user behaviour. To overcome this limitation, the present work proposes a multimodal hybrid expert system including deep learning and classical machine learning for diagnosis. Our framework handles four heterogeneous data sources: email text (DistilBERT), URL numerical features (MLP), website screenshots (ResNet-18) and behavioural logs (TF-IDF with Logistic Regression). This framework applies a late-fusion approach, aggregating predictions from various models via a Logistic Regression meta-learner. Experimental results show that the Coreflect framework achieves 99.91% accuracy, 1.00 precision and an area under curve (AUC) of 1.00, significantly surpassing individual modalities and existing methods. The findings emphasise the utility of multimodal fusion at increasing the robustness and reliability of real-world phishing detection systems.