GraPhish: A graph-based approach for phishing detection from encrypted TLS traffic

Simple item page
dc.contributor.authorManguli, K.
dc.contributor.authorKondaiah, C.
dc.contributor.authorPais, A.R.
dc.contributor.authorRao, R.S.
dc.date.accessioned2026-02-03T13:19:18Z
dc.date.issued2025
dc.description.abstractPhishing has increased substantially over the last few years, with cybercriminals deceiving users via spurious websites or confusing mails to steal confidential data like username and password. Even with browser-integrated security indicators like HTTPS prefixes and padlock symbols, new phishing strategies have circumvented these security features. This paper proposes GraPhish, a novel graph-based phishing detection framework that leverages encrypted TLS traffic features. We constructed an in-house dataset and proposed an effective method for graph generation based solely on TLS-based features. Our model performs better than traditional machine learning algorithms. GraPhish achieved an accuracy of 94.82%, a precision of 96.28%, a recall of 92.11%, and an improved AUC-ROC score of 98.29%. © 2025 Elsevier Ltd
dc.identifier.citationJournal of Information Security and Applications, 2025, 94, , pp. -
dc.identifier.issn22142134
dc.identifier.urihttps://doi.org/10.1016/j.jisa.2025.104216
dc.identifier.urihttps://idr.nitk.ac.in/handle/123456789/20007
dc.publisherElsevier Ltd
dc.subjectComputer crime
dc.subjectCryptography
dc.subjectGraph neural networks
dc.subjectHTTP
dc.subjectLearning algorithms
dc.subjectLearning systems
dc.subjectMachine learning
dc.subjectNetwork security
dc.subjectPhishing
dc.subjectSeebeck effect
dc.subjectConfidential data
dc.subjectCybercriminals
dc.subjectDetection framework
dc.subjectGraph-based
dc.subjectGraphish
dc.subjectPhishing detections
dc.subjectSecurity features
dc.subjectTLS feature
dc.subjectGraphic methods
dc.titleGraPhish: A graph-based approach for phishing detection from encrypted TLS traffic

Files

Collections

Journal Articles