Manguli, K.Kondaiah, C.Pais, A.R.Rao, R.S.2026-02-032025Journal of Information Security and Applications, 2025, 94, , pp. -22142134https://doi.org/10.1016/j.jisa.2025.104216https://idr.nitk.ac.in/handle/123456789/20007Phishing has increased substantially over the last few years, with cybercriminals deceiving users via spurious websites or confusing mails to steal confidential data like username and password. Even with browser-integrated security indicators like HTTPS prefixes and padlock symbols, new phishing strategies have circumvented these security features. This paper proposes GraPhish, a novel graph-based phishing detection framework that leverages encrypted TLS traffic features. We constructed an in-house dataset and proposed an effective method for graph generation based solely on TLS-based features. Our model performs better than traditional machine learning algorithms. GraPhish achieved an accuracy of 94.82%, a precision of 96.28%, a recall of 92.11%, and an improved AUC-ROC score of 98.29%. © 2025 Elsevier LtdComputer crimeCryptographyGraph neural networksHTTPLearning algorithmsLearning systemsMachine learningNetwork securityPhishingSeebeck effectConfidential dataCybercriminalsDetection frameworkGraph-basedGraphishPhishing detectionsSecurity featuresTLS featureGraphic methods