DAFPD: The Dynamic and Adaptive Framework for Enhanced Phishing Detection Techniques
Received: 18 June 2025 | Revised: 13 July 2025, 29 July 2025, 31 August 2025, 16 September 2025, 23 September 2025, and 11 October 2025 | Accepted: 13 October 2025 | Online: 14 December 2025
Corresponding author: Sangeeta Srivastava
Abstract
This study introduces the Dynamic and Adaptive Framework for Enhanced Phishing Detection (DAFPD) that uses multi-stage machine learning and deep learning for real-time, explainable phishing detection. DAFPD captures dynamic features (lexical, host-based, content-based, graph-based) and uses transformer models (BERT, RoBERTa) and Graph Neural Networks (GNNs) to accurately contextualize information. Python and Anaconda with PhishTank live dataset were used to perform these experiments. The detection pipeline consists of a light-weight heuristic filter, a deep learning phase with the combination of CNN-LSTM and transformers, and an ensemble learning aided with autoencoder-based zero-day attack anomaly detectors. For on-chain transactions, reinforcement learning (Deep Q-Networks) automatically determines thresholds and features. Explainable AI techniques, such as SHapley Additive exPlanations (SHAP) and Local Interpretable Model-agnostic Explanations (LIME), provide justifications of the model predictions. Enabling cloud services with an "as a service" implementation, DAFPD communicates with Security Information and Event Management (SIEM) to block threats as they occur. The experimental results demonstrate that the DAFPD achieves significantly better performance.
Keywords:
phishing detection, machine learning, Graph Neural Networks (GNNs), anomaly detection, reinforcement learningDownloads
References
R. K. Ayeni, A. A. Adebiyi, J. O. Okesola, and E. Igbekele, "Phishing Attacks and Detection Techniques: A Systematic Review," in 2024 International Conference on Science, Engineering and Business for Driving Sustainable Development Goals, Omu-Aran, Nigeria, Apr. 2024, pp. 1–17. DOI: https://doi.org/10.1109/SEB4SDG60871.2024.10630203
M. Schmitt and I. Flechais, "Digital Deception: Generative Artificial Intelligence in Social Engineering and Phishing," Artificial Intelligence Review, vol. 57, no. 12, Oct. 2024, Art. no. 324. DOI: https://doi.org/10.1007/s10462-024-10973-2
M. Nanda, M. Saraswat, and P. K. Sharma, "Enhancing Cybersecurity: A Review and Comparative Analysis of Convolutional Neural Network Approaches for Detecting URL-based Phishing Attacks," e-Prime - Advances in Electrical Engineering, Electronics and Energy, vol. 8, June 2024, Art. no. 100533. DOI: https://doi.org/10.1016/j.prime.2024.100533
A. Darem, "Anti-Phishing Awareness Delivery Methods," Engineering, Technology & Applied Science Research, vol. 11, no. 6, pp. 7944–7949, Dec. 2021. DOI: https://doi.org/10.48084/etasr.4600
S. K. Gupta, S. Srivastava, and V. Gandotra, "SMISHBAN: Framework for Detecting SMSHING SMS and Phishing Email Using Machine Learning Algorithms," in Innovative Computing and Communications, vol. 1435, A. E. Hassanien, S. Anand, A. Jaiswal, and P. Kumar, Eds. Singapore: Springer Nature Singapore, 2025, pp. 289–301. DOI: https://doi.org/10.1007/978-981-96-6906-6_20
"Phishing Activity Trends Reports," Anti-Phishing Working Group, Mar. 2025. https://apwg.org/trendsreports/.
A. K. Jain and B. B. Gupta, "A Novel Approach to Protect Against Phishing Attacks at Client Side Using Auto-updated White-list," EURASIP Journal on Information Security, vol. 2016, no. 1, Dec. 2016, Art. no. 9. DOI: https://doi.org/10.1186/s13635-016-0034-3
A. A. Akinyelu and A. O. Adewumi, "Classification of Phishing Email Using Random Forest Machine Learning Technique," Journal of Applied Mathematics, vol. 2014, pp. 1–6, 2014. DOI: https://doi.org/10.1155/2014/425731
M. Karthick Kumar and N. Sivakumar, "URL Phishing Attack Detection using Machine Learning Algorithms," in 2024 OPJU International Technology Conference on Smart Computing for Innovation and Advancement in Industry 4.0, Raigarh, India, June 2024, pp. 1–8. DOI: https://doi.org/10.1109/OTCON60325.2024.10687804
M. A. Uddin and I. H. Sarker, "An Explainable Transformer-Based Model for Phishing Email Detection: A Large Language Model Approach." SSRN PrePrint, 2024. DOI: https://doi.org/10.2139/ssrn.4785953
G. Karat, J. M. Kannimoola, N. Nair, A. Vazhayil, V. G. Sujadevi, and P. Poornachandran, "CNN-LSTM Hybrid Model for Enhanced Malware Analysis and Detection," Procedia Computer Science, vol. 233, pp. 492–503, 2024. DOI: https://doi.org/10.1016/j.procs.2024.03.239
S. Ratra, M. Ghosh, N. Baliyan, J. Rashmitha Mohan, and S. Singh, "Graph Neural Network Based Phishing Account Detection in Ethereum," The Computer Journal, vol. 67, no. 12, pp. 3160–3168, Dec. 2024. DOI: https://doi.org/10.1093/comjnl/bxae079
S. Fan, H. Xu, S. Fu, Y. Luo, and M. Xu, "Edge-feature Modeling-based Topological Graph Neural Networks for Phishing Scams Detection on Ethereum," in 2024 IEEE/ACM 32nd International Symposium on Quality of Service, Guangzhou, China, June 2024, pp. 1–10. DOI: https://doi.org/10.1109/IWQoS61813.2024.10682857
H. Kamal, S. Gautam, D. Mehrotra, and M. S. Sharif, "Reinforcement Learning Model for Detecting Phishing Websites," in Cybersecurity and Artificial Intelligence, H. Jahankhani, G. Bowen, M. S. Sharif, and O. Hussien, Eds. Cham, Switzerland: Springer Nature Switzerland, 2024, pp. 309–326. DOI: https://doi.org/10.1007/978-3-031-52272-7_13
S. K. Birthriya, P. Ahlawat, and A. K. Jain, "Phishing URL Detection using Deep Q-Networks with Convolutional Neural Networks," in 2024 International Conference on Intelligent Systems for Cybersecurity, Gurugram, India, May 2024, pp. 1–6. DOI: https://doi.org/10.1109/ISCS61804.2024.10581203
D. Gaspar, P. Silva, and C. Silva, "Explainable AI for Intrusion Detection Systems: LIME and SHAP Applicability on Multi-Layer Perceptron," IEEE Access, vol. 12, pp. 30164–30175, 2024. DOI: https://doi.org/10.1109/ACCESS.2024.3368377
S. K. Gupta, "Experimental Dataset." GitHub, Nov. 2025, [Online]. Available: https://github.com/ProfSudhir/experimental-dataset.
A. A. Albishri and M. M. Dessouky, "A Comparative Analysis of Machine Learning Techniques for URL Phishing Detection," Engineering, Technology & Applied Science Research, vol. 14, no. 6, pp. 18495–18501, Dec. 2024. DOI: https://doi.org/10.48084/etasr.8920
Downloads
How to Cite
License
Copyright (c) 2025 Sudhir Kumar Gupta, Sangeeta Srivastava, Vandana Gandotra
This work is licensed under a Creative Commons Attribution 4.0 International License.
Authors who publish with this journal agree to the following terms:
- Authors retain the copyright and grant the journal the right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) after its publication in ETASR with an acknowledgement of its initial publication in this journal.
