Towards Improving Phishing Detection System Using Human in the Loop Deep Learning Model

Phishing attacks are cyber attacks that deceive victims into revealing sensitive information or downloading malware. They serve as a gateway to various malware attacks, including ransomware attacks. These attacks cause millions of dollars in losses for individuals and organizations annually. The frequency of phishing attacks continues to rise, with attackers constantly developing new techniques to bypass detection systems. One example is hidden malicious links within seemingly legitimate web pages, making them difficult for humans to detect, such as browser-in-the-browser attacks (BiTB). Therefore, relying solely on fixed detection systems can make one vulnerable to phishing attacks. Therefore, the critical need for a system that can continuously improve over time arises. This paper proposes enhancing a detection system by incorporating human feedback. To achieve this, we have designed a human-in-the-loop deep learning active system that uses human feedback to enhance the model's performance. We use PhishTransformer as our initial model. We then gathered new data for testing and accessed it through our browser extension. Subsequently, we collect new data for each version of the model. The initial model is retrained three times with the new data, saving the model after each iteration. We then retest the model using the test data and train the next version. The evaluation of each model version is based on the following metrics: accuracy, loss, precision, recall, and F1 score. Our model shows an improvement of around 5% of all metrics from the base model into the Version 3 model.