Phishing continues to be a prevalent threat in cybersecurity, using deceptive URLs to undermine user information and system integrity. Conventional machine learning methods, though effective when handcrafted features are used, tend to perform poorly in generalizing against more obfuscated patterns of attacks. This paper presents an effective phishing URL detection system that takes advantage of the contextual strengths of quantized Large Language Models (LLMs)—namely Mistral-7B and Mixtral-8x7B—combined with interpretable gradient boosting models like CatBoost. The LLMs are employed with prompt-based inference for semantic URL evaluation, whereas the CatBoost model employs lexical and statistical features for structured classification. Tested on a balanced dataset of more than 2.28 million URLs, the system has high accuracy and low false positive rates. SHAP-based visualizations are employed to offer transparent explanations for model decisions. The findings prove the real-world feasibility of integrating effective LLM reasoning with conventional ML in real-time phishing defense systems, particularly in resource-limited settings.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Leveraging Large Language Models for Enhanced URL Phishing Detection

  • Rohit Yadav,
  • Rohini Bhosale,
  • Rahul Rathod,
  • Prashant Dhotre,
  • Yashraj Salunkhe Patil

摘要

Phishing continues to be a prevalent threat in cybersecurity, using deceptive URLs to undermine user information and system integrity. Conventional machine learning methods, though effective when handcrafted features are used, tend to perform poorly in generalizing against more obfuscated patterns of attacks. This paper presents an effective phishing URL detection system that takes advantage of the contextual strengths of quantized Large Language Models (LLMs)—namely Mistral-7B and Mixtral-8x7B—combined with interpretable gradient boosting models like CatBoost. The LLMs are employed with prompt-based inference for semantic URL evaluation, whereas the CatBoost model employs lexical and statistical features for structured classification. Tested on a balanced dataset of more than 2.28 million URLs, the system has high accuracy and low false positive rates. SHAP-based visualizations are employed to offer transparent explanations for model decisions. The findings prove the real-world feasibility of integrating effective LLM reasoning with conventional ML in real-time phishing defense systems, particularly in resource-limited settings.