Leveraging Large Language Models for Enhanced URL Phishing Detection
摘要
Phishing continues to be a prevalent threat in cybersecurity, using deceptive URLs to undermine user information and system integrity. Conventional machine learning methods, though effective when handcrafted features are used, tend to perform poorly in generalizing against more obfuscated patterns of attacks. This paper presents an effective phishing URL detection system that takes advantage of the contextual strengths of quantized Large Language Models (LLMs)—namely Mistral-7B and Mixtral-8x7B—combined with interpretable gradient boosting models like CatBoost. The LLMs are employed with prompt-based inference for semantic URL evaluation, whereas the CatBoost model employs lexical and statistical features for structured classification. Tested on a balanced dataset of more than 2.28 million URLs, the system has high accuracy and low false positive rates. SHAP-based visualizations are employed to offer transparent explanations for model decisions. The findings prove the real-world feasibility of integrating effective LLM reasoning with conventional ML in real-time phishing defense systems, particularly in resource-limited settings.