PWDGAN: Generating Adversarial Malicious URL Examples for Deceiving Black-Box Phishing Website Detector using GANs

In recent years, the Internet has witnessed a significant increase in phishing attacks. These attacks are not merely deceiving Internet users to get their sensitive information, but phishing attacks are developing more and more sophisticated, using many new techniques to try to bypass the traditional defense solution. With the help of machine learning and deep learning algorithms, there are researched solutions and software products to help improve the ability to detect phishing attacks. In this article, we build a model based on generative adversarial network (GAN) - a deep learning-based framework to conduct black-box attacks using Phishtank and Alexa datasets that try to evade and bypass ML-based phishing detectors. We apply PWDGAN to carry out the attacks against the ML-based black-box classifiers and then deceive successfully these detectors with the rate of detecting malicious samples value of approximately 0% after 500 training epochs. The results of the paper demonstrate the effectiveness of GAN adoption in creating new patterns that can evade and bypass phishing detectors. These newly generated patterns can serve as material for future research in phishing website detection and improve the ability to detect novel anomaly attacks.

Automated summary

In recent years, there has been a significant increase in phishing attacks on the Internet, with attackers using increasingly sophisticated techniques to bypass traditional defense solutions. Research has developed solutions and software products to enhance the ability to detect phishing attacks using machine learning and deep learning algorithms. A model based on generative adversarial network (GAN) was built to evade and bypass ML-based phishing detectors, demonstrating the effectiveness of GAN in creating new patterns that can deceive these detectors.