Enhancing Cybersecurity Through AI: A Transparent, High-Performance System for Detecting and Preventing Phishing-Based Intrusions

Phishing attacks represent one of the most common and damaging forms of cybercrime currently occurring. Phishing involves complex fraudulent schemes aimed at obtaining personal data such as passwords and banking details by either directly attacking the user's computer system through the process of illegal access or tricking the victim into providing such data. With new approaches constantly emerging, current techniques such as blacklists and other static-based methods become less effective and, thus, should be supplemented with new technologies involving artificial intelligence. The objective of this research paper is to develop a system capable of detecting phishing websites with the use of machine learning techniques. The proposed methodology will include the application of experimentally-based techniques. To start with, data gathering from public resources and its preparation will be performed. In the following stage, the effectiveness of multiple models will be tested and compared to determine the best approach to detecting phishing websites. Three models will be designed including a natural language processing-based Bidirectional encoder representations from transformers (BERT) model, convolutional neural network with an attention mechanism model (Convolution Neural Network (CNN) + Attention) and the Random Forest classifier. It appears from the results obtained that the BERT model performed better compared to other models due to its high accuracy and recall rate; however, it possessed a very low level of false positives. It is noteworthy that the CNN+Attention model provides a compromise in terms of accuracy rate and effectiveness of the classifying procedure. Additionally, SHapley Additive exPlanations (SHAP) and Local Interpretable Model-agnostic Explanations (LIME), which are considered interpretable models, have been used in order to reveal what aspects were used by the model to conclude about a certain message being a phishing one. Based on the above outcomes, it can be inferred that using deep learning algorithms along with Natural Language Processing (NLP) techniques is a successful method for detecting phishing attacks. The importance of interpretation and implementation in order to increase efficiency of intelligent systems in reality is also highlighted here.