Neuro-Symbolic Integration for Detecting Phishing Attacks

Abstract

Phishing attack is a type of social engineering attack often used to steal user's data, including login credential and credit card numbers. Unsuspecting users visit a website via compromised URL and become victims of devastating loss, unaware of what they are doing. Considering the fatality of phishing attacks that are emphasized by many organizations, the inductive learning approach using reported malicious URLs has been verified in the field of deep learning. The deep learning-based methods, mainly focused on the fitting of a classification task via historical URL observations, have a limitation of recall due to the extremely diverse set of phishing URLs. In the field of the information security, an experienced engineer can cope with the phishing attacks by leveraging the stereotype. To detect phishing attacks, an approach that utilizes expert knowledge is promising. Phishing URL patterns from cyber security experts, Keyword index, Length difference between phishing and benign URLs, and Distribution difference of characters constituting phishing and benign URLs. The pattern information has been utilized to detect phishing URLs in cyber security field. Therefore, the expert knowledge can be used to prevent phishing attacks. We propose a novel integration method of deep learning and logic programmed domain knowledge to use the real-world constraints. We design neural and logic classifiers and propose the joint learning method of each component based on the traditional neuro-symbolic integration.

Document Details

Document Type

Technical Report

Publication Date

Dec 12, 2023

Accession Number

AD1226684

Entities

Tags