IEEE Access (Jan 2024)
Enhancing Smishing Detection: A Deep Learning Approach for Improved Accuracy and Reduced False Positives
Abstract
The widespread use of smartphones and their constant connection to the Internet makes them vulnerable to phishing attacks. Phishing is the act of sending malicious content such as emails to unsuspecting individuals. Smishing, a hybrid of Short Message Service (SMS) and phishing is a well-known cybersecurity problem in which attackers send malicious SMS messages to their targets. This practice is deceptive and aims to mislead individuals into exposing personal information or completing certain activities through text messages. Although researchers have presented various techniques to detect smishing, there is still a lack of methods to significantly reduce false-positive predictions, which are incorrect classifications of legitimate messages as malicious. The proposed method leverages the effectiveness of deep learning to automatically extract significant features from text messages to determine whether it is smish or legitimate. Comparative analysis is performed with traditional machine learning models to highlight the superiority of deep learning models in smishing attack detection. This work aggregates Convolutional Neural Network (CNN) and Long Short-Term Memory (LSTM). Results reveal that the proposed CNN-LSTM architecture shows robust performance by achieving a 0.9974 accuracy score and a high precision score, indicating a low number of false positives in detecting smishing attacks. The model also demonstrated high recall and F1-score, indicating robust performance. The proposed method has a lot of real-world implications, such as helping to design proactive defence mechanisms against smishing attacks and improving cybersecurity in the mobile communication sector.
Keywords