Hybrid Deep Learning and Machine Learning Approaches for Phishing URL Detection: Enhancing Cybersecurity Against Evolving Threats

Phishing is one of the earliest cybersecurity attacks, in which the attackers approach the victims by pretending to be a genuine source in order to obtain sensitive credentials and monetary data. Phishing attacks made the conventional detection methods ineffective, and new-age approaches using machine learning (ML) and deep learning (DL) are necessary. This paper presents a hybrid methodology employing ML and DL methods for detecting phishing URLs in URL-based filtering methods. Throughout this work, the PILU-90K dataset of login and index pages' URLs from genuine and phishing websites is introduced. We test the model's time effect after retraining over different year periods of data and illustrate that its performance weakens as older data is more employed. Our method is to apply time-frequency analysis, TF-IDF feature extraction, and a logistic regression model and obtain a detection rate of 98.50% on the embedded login URL dataset. We also offer a detailed examination of existing phishing trends with an emphasis on the changing methods adopted by cybercriminals. The hybrid model proposed enhances security levels in cyber threat defense through increased phishing detection efficacy and potency. This research encourages the development of smart cybersecurity solutions that evolve with the dynamic nature of phishing attack scenarios.