SHAP-Driven Feature Selection with Meta-ensemble Classifiers for Efficient Phishing URL Detection
摘要
Phishing attacks and malicious URLs are growing threats in cybersecurity, making reliable detection methods more critical than ever. This study explores how SHAP-based feature selection and meta-ensemble learning can improve phishing URL classification. We apply SHAP (SHapley Additive ExPlanations) to identify the most crucial features for classification on ISCX-URL-2016 and the UCI Phishing Dataset. We developed a meta-ensemble model that combines XGBoost, SVM, and Random Forest as base learners, with Logistic Regression making the final decision. We performed the training on different sets of SHAP-ranked features (10 to 80 for ISCX, 10 to 30 for UCI) and measured the performance through accuracy, precision, recall, and F1-score metrics. Our findings indicate that while increasing the number of selected features generally improves classification performance, the benefits are none beyond a certain threshold. The best results achieved were an accuracy of 98.73% on ISCX-URL-2016 and 97.64% on the UCI Phishing Dataset, confirming the effectiveness of SHAP-guided feature selection.