A Pioneering Study and An Innovative Information Theory-based Approach to Enhance The Transparency in Phishing Detection

Phishing attacks have become a serious and challenging issue for detection, explanation, and defense. Despite more than a decade of research on phishing, encompassing both technical and non-technical remedies, phishing continues to be a serious problem. Nowadays, AI-based phishing detection stands out as one of the most effective solutions for defending against phishing attacks by providing vulnerability (i.e., phishing or benign) predictions for the data. However, it lacks explainability in terms of providing comprehensive interpretations for the predictions, such as identifying the specific information that causes the data to be classified as phishing. To this end, we propose an innovative deep learning-based approach for email (the most common phishing way) phishing attack localization. Our method can not only predict the vulnerability of the email data but also automatically figure out and highlight the most important and phishing-relevant information (i.e., sentences) in each phishing email. The selected information indicates useful explanations for the vulnerability of the phishing email data. The rigorous experiments on seven real-world email datasets show the effectiveness and advancement of our proposed method in providing comprehensive explanations (by successfully figuring out the most important and phishing-relevant information in phishing emails) for the vulnerability of corresponding phishing data with higher performances from nearly (1% to 3%) and (1% to 4%) in two main Label-Accuracy and Cognitive-True-Positive measures, respectively, compared to the state-of-the-art potential baselines.