Phishing is one of the most prevalent and damaging cyberattacks globally, exploiting social engineering techniques to deceive users into revealing sensitive information. The increasing sophistication of phishing attacks demands detection models that are both accurate and interpretable. This study proposes an Explainable Deep Learning model that combines Convolutional Neural Network (CNN) and Bidirectional Long Short-Term Memory (BiLSTM) architectures to detect phishing attacks effectively. The model is trained using datasets from PhishTank and the UCI Machine Learning Repository, with preprocessing steps involving normalization, categorical encoding, and class balancing through the Synthetic Minority Oversampling Technique (SMOTE). To enhance model transparency, the SHapley Additive Explanations (SHAP) method is integrated, providing insights into the feature contributions that influence model predictions. Experimental results demonstrate that the proposed CNN + BiLSTM model achieves superior performance with an accuracy of 98.45%, precision of 97.80%, recall of 98.60%, F1-score of 98.20%, and an AUC-ROC value of 0.992, outperforming baseline models such as Support Vector Machine and Random Forest. The SHAP analysis identifies key influencing features, including HTTPS usage, URL length, domain age, and IP address presence, which contribute significantly to classification decisions. Overall, the integration of explainability enhances the model’s transparency and user trust, offering a reliable approach for developing intelligent phishing detection systems that support cybersecurity operations and forensic audits. The findings demonstrate that integrating explainability into deep learning improves both accuracy and interpretability in phishing detection tasks.
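The SHAP attributions described in the abstract can be illustrated with an exact Shapley computation over the four features it names. This is an added example, not code from the study: `toy_score`, its weights, the baseline and both sample URLs are constructed assumptions standing in for the CNN + BiLSTM model, and the coalition enumeration is the underlying Shapley definition rather than the SHAP library's approximation.

```python
import ipaddress
from itertools import combinations
from math import exp, factorial
from urllib.parse import urlsplit

FEATURES = ["uses_https", "url_length", "domain_age_days", "has_ip_host"]

def extract(url, domain_age_days):
    """Feature dict for one URL; domain age is supplied (it needs a WHOIS lookup)."""
    parts = urlsplit(url)
    try:
        ipaddress.ip_address(parts.hostname or "")
        has_ip = 1.0
    except ValueError:
        has_ip = 0.0
    return {"uses_https": 1.0 if parts.scheme == "https" else 0.0,
            "url_length": float(len(url)),
            "domain_age_days": float(domain_age_days),
            "has_ip_host": has_ip}

def toy_score(x):
    """Constructed stand-in classifier returning a phishing probability."""
    z = (-1.5 * x["uses_https"] + 0.03 * (x["url_length"] - 40)
         - 0.002 * (x["domain_age_days"] - 365) + 2.0 * x["has_ip_host"]
         + 1.0 * x["has_ip_host"] * (1.0 - x["uses_https"]))  # interaction term
    return 1.0 / (1.0 + exp(-z))

def shapley(model, x, baseline):
    """Exact Shapley values; features outside a coalition take the baseline value."""
    n = len(FEATURES)
    def value(coalition):
        return model({f: x[f] if f in coalition else baseline[f] for f in FEATURES})
    phi = {}
    for f in FEATURES:
        others = [g for g in FEATURES if g != f]
        phi[f] = 0.0
        for k in range(n):
            # Weight of a coalition of size k in the Shapley average.
            weight = factorial(k) * factorial(n - k - 1) / factorial(n)
            for s in map(set, combinations(others, k)):
                phi[f] += weight * (value(s | {f}) - value(s))
    return phi

# Constructed inputs: a benign-looking reference URL and a suspicious one.
BASELINE = extract("https://www.example.com/account/login", domain_age_days=3650)
SUSPECT = extract("http://192.0.2.10/secure/update/account/verify?session=abc123",
                  domain_age_days=5)

if __name__ == "__main__":
    print({k: round(v, 4) for k, v in shapley(toy_score, SUSPECT, BASELINE).items()})
```

The attributions sum to the difference between the suspect score and the baseline score, which is the property an analyst relies on when reading a per-feature explanation during triage or audit.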
Copyrights © 2025