AbstractPhishing attacks remain one of the most prevalent and damaging cybersecurity threats,exploiting deceptive emails and malicious URLs to compromise sensitive information. Asphishing strategies continue to evolve, traditional rule-based detection systems have proveninsufficient, leading to increased adoption of machine learning (ML) and deep learning (DL)approaches. Nevertheless, existing studies indicate that no single algorithm consistentlyperforms well across different phishing modalities. This paper presents a hybrid phishing detection framework that integrates ML and DL techniques to effectively address email-based and URL-based phishing attacks. Using publicly available benchmark datasets, a range of ML and DL models are evaluated within a unified experimental framework. The resultsdemonstrate that deep learning models are particularly effective for phishing email detection,with the Bidirectional Gated Recurrent Unit (Bi-GRU) achieving the highest performancedue to its ability to model bidirectional contextual dependencies in textual data. Conversely,for URL-based phishing detection, traditional ML models outperform deep learningarchitectures, with XGBoost delivering the best overall results by capturing non-linearrelationships among engineered URL features. These findings highlight the importance ofmodality-aware model selection and confirm that a one-size-fits-all approach is inadequate.The proposed hybrid framework offers a robust and reproducible solution for real-worldphishing detection systems.
Akthar Shaheda Blessington Naveen Palaparthi (Wed,) studied this question.