{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,6]],"date-time":"2026-05-06T11:03:11Z","timestamp":1778065391507,"version":"3.51.4"},"reference-count":148,"publisher":"Institute of Electrical and Electronics Engineers (IEEE)","license":[{"start":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T00:00:00Z","timestamp":1672531200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by-nc-nd\/4.0\/"}],"funder":[{"name":"University of Pavia through the CRUI-CARE Agreement"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IEEE Access"],"published-print":{"date-parts":[[2023]]},"DOI":"10.1109\/access.2023.3247135","type":"journal-article","created":{"date-parts":[[2023,2,28]],"date-time":"2023-02-28T18:52:46Z","timestamp":1677610366000},"page":"18499-18519","source":"Crossref","is-referenced-by-count":132,"title":["Phishing or Not Phishing? A Survey on the Detection of Phishing Websites"],"prefix":"10.1109","volume":"11","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-5383-2738","authenticated-orcid":false,"given":"Rasha","family":"Zieni","sequence":"first","affiliation":[{"name":"Department of Electrical, Computer and Biomedical Engineering, Universit&#x00E0; di Pavia, Pavia, Italy"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-3924-8316","authenticated-orcid":false,"given":"Luisa","family":"Massari","sequence":"additional","affiliation":[{"name":"Department of Electrical, Computer and Biomedical Engineering, Universit&#x00E0; di Pavia, Pavia, Italy"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-1015-3142","authenticated-orcid":false,"given":"Maria Carla","family":"Calzarossa","sequence":"additional","affiliation":[{"name":"Department of Electrical, Computer and Biomedical Engineering, Universit&#x00E0; di Pavia, Pavia, Italy"}]}],"member":"263","reference":[{"key":"ref1","doi-asserted-by":"publisher","DOI":"10.1109\/SP40001.2021.00021"},{"key":"ref2","volume-title":"Cybersecurity for SMEs\u2014Challenges and Recommendations","year":"2021"},{"key":"ref3","volume-title":"Cyber Security Threat Trends: Phishing, Crypto Top the List","year":"2021"},{"key":"ref4","doi-asserted-by":"publisher","DOI":"10.1016\/j.ijhcs.2015.05.005"},{"key":"ref5","volume-title":"Phishing Activity Trends Report-1Q","year":"2022"},{"key":"ref6","volume-title":"Uniform Resource Identifier (URI): Generic Syntax","author":"Berners-Lee","year":"2005"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.1016\/j.eswa.2018.03.050"},{"key":"ref8","doi-asserted-by":"publisher","DOI":"10.1007\/s11235-017-0334-z"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.1016\/j.cosrev.2018.05.003"},{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.1007\/978-981-13-9155-2_5"},{"key":"ref11","article-title":"Malicious URL detection using machine learning: A survey","author":"Sahoo","year":"2017","journal-title":"arXiv:1701.07179"},{"key":"ref12","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2019.101613"},{"key":"ref13","doi-asserted-by":"publisher","DOI":"10.1002\/sec.1674"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.1007\/s11235-020-00733-2"},{"key":"ref15","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2019.2957750"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2017.2752087"},{"key":"ref17","doi-asserted-by":"publisher","DOI":"10.1155\/2017\/5421046"},{"key":"ref18","doi-asserted-by":"publisher","DOI":"10.1109\/SURV.2013.032213.00009"},{"key":"ref19","volume-title":"Google Safe Browsing","year":"2022"},{"key":"ref20","doi-asserted-by":"publisher","DOI":"10.1145\/3373017.3373020"},{"key":"ref21","first-page":"1","article-title":"An empirical analysis of phishing blacklists","volume-title":"Proc. 6th Conf. Email AntiSpam (CEAS)","author":"Sheng"},{"key":"ref22","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2019.00049"},{"key":"ref23","first-page":"379","article-title":"PhishTime: Continuous longitudinal measurement of the effectiveness of anti-phishing blacklists","volume-title":"Proc. 29th USENIX Secur. Symp.","author":"Oest"},{"key":"ref24","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2021.102328"},{"key":"ref25","doi-asserted-by":"publisher","DOI":"10.1145\/1456424.1456434"},{"key":"ref26","doi-asserted-by":"publisher","DOI":"10.1016\/j.eswa.2012.02.020"},{"key":"ref27","doi-asserted-by":"publisher","DOI":"10.1186\/s13635-016-0034-3"},{"key":"ref28","doi-asserted-by":"publisher","DOI":"10.1145\/2660267.2662362"},{"key":"ref29","doi-asserted-by":"publisher","DOI":"10.1109\/INFCOM.2010.5462216"},{"key":"ref30","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-72598-7_20"},{"key":"ref31","doi-asserted-by":"publisher","DOI":"10.1109\/AICCSA.2008.4493625"},{"key":"ref32","first-page":"1","article-title":"Large-scale automatic classification of phishing pages","volume-title":"Proc. Netw. Distrib. Syst. Secur. Symp. (NDSS)","author":"Whittaker"},{"key":"ref33","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-15497-3_17"},{"key":"ref34","doi-asserted-by":"publisher","DOI":"10.1016\/j.jksuci.2017.07.005"},{"key":"ref35","volume-title":"PhishTank","year":"2022"},{"key":"ref36","volume-title":"Curlie","year":"2022"},{"key":"ref37","doi-asserted-by":"publisher","DOI":"10.1109\/ICSC.2011.52"},{"key":"ref38","doi-asserted-by":"publisher","DOI":"10.3390\/sym12101681"},{"key":"ref39","doi-asserted-by":"publisher","DOI":"10.1109\/MIC.2009.59"},{"key":"ref40","doi-asserted-by":"publisher","DOI":"10.1145\/1754393.1754394"},{"key":"ref41","doi-asserted-by":"publisher","DOI":"10.1109\/CHINACOM.2006.344718"},{"key":"ref42","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2015.07.006"},{"key":"ref43","doi-asserted-by":"publisher","DOI":"10.1109\/ICIMP.2010.24"},{"key":"ref44","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2006.50"},{"key":"ref45","doi-asserted-by":"publisher","DOI":"10.1109\/CICYBS.2009.4925087"},{"key":"ref46","doi-asserted-by":"publisher","DOI":"10.1109\/TENCON.2010.5686582"},{"key":"ref47","doi-asserted-by":"publisher","DOI":"10.1109\/MITP.2020.3006477"},{"key":"ref48","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-02617-1_28"},{"key":"ref49","first-page":"3793","article-title":"Phishpedia: A hybrid deep learning based approach to visually identify phishing webpages","volume-title":"Proc. 30th USENIX Secur. Symp.","author":"Lin"},{"key":"ref50","doi-asserted-by":"publisher","DOI":"10.1109\/MIC.2006.23"},{"key":"ref51","doi-asserted-by":"publisher","DOI":"10.1109\/INCoS.2013.151"},{"key":"ref52","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2017.2743528"},{"key":"ref53","doi-asserted-by":"publisher","DOI":"10.1145\/1460877.1460905"},{"key":"ref54","doi-asserted-by":"publisher","DOI":"10.1109\/seccom.2007.4550367"},{"key":"ref55","doi-asserted-by":"publisher","DOI":"10.1016\/j.procs.2015.04.230"},{"issue":"3","key":"ref56","first-page":"231","article-title":"Web phishing detection based on page spatial layout similarity","volume":"37","author":"Zhang","year":"2013","journal-title":"Informatica"},{"key":"ref57","doi-asserted-by":"publisher","DOI":"10.1145\/1242572.1242659"},{"key":"ref58","doi-asserted-by":"publisher","DOI":"10.1109\/TrustCom.2014.28"},{"key":"ref59","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-39916-2_3"},{"key":"ref60","volume-title":"Digital Image Processing","author":"Gonzalez","year":"2018"},{"key":"ref61","volume-title":"Computer Vision: Algorithms and Applications","author":"Szeliski","year":"2010"},{"key":"ref62","doi-asserted-by":"publisher","DOI":"10.1023\/b:visi.0000029664.99615.94"},{"key":"ref63","doi-asserted-by":"publisher","DOI":"10.1007\/11744023_32"},{"key":"ref64","doi-asserted-by":"publisher","DOI":"10.1016\/j.patcog.2008.03.013"},{"issue":"2","key":"ref65","doi-asserted-by":"crossref","first-page":"99","DOI":"10.1023\/A:1026543900054","article-title":"The Earth mover\u2019s distance as a metric for image retrieval","volume":"40","author":"Rubner","year":"2000","journal-title":"Int. J. Comput. Vis."},{"key":"ref66","doi-asserted-by":"publisher","DOI":"10.1145\/1866423.1866434"},{"key":"ref67","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-66402-6_22"},{"key":"ref68","doi-asserted-by":"publisher","DOI":"10.1109\/ECRIME.2015.7120795"},{"key":"ref69","doi-asserted-by":"publisher","DOI":"10.1145\/1314389.1314391"},{"key":"ref70","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2013.10.004"},{"key":"ref71","doi-asserted-by":"publisher","DOI":"10.1007\/s11235-017-0414-0"},{"key":"ref72","doi-asserted-by":"publisher","DOI":"10.1145\/1099554.1099649"},{"key":"ref73","doi-asserted-by":"publisher","DOI":"10.1109\/INFCOM.2011.5934995"},{"key":"ref74","doi-asserted-by":"publisher","DOI":"10.1016\/j.future.2018.11.004"},{"key":"ref75","doi-asserted-by":"publisher","DOI":"10.1145\/1557019.1557153"},{"key":"ref76","doi-asserted-by":"publisher","DOI":"10.1109\/TNSM.2014.2377295"},{"key":"ref77","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-20005-3_4"},{"key":"ref78","doi-asserted-by":"publisher","DOI":"10.1109\/ISI.2018.8587410"},{"key":"ref79","doi-asserted-by":"publisher","DOI":"10.1109\/ACSAC.2006.13"},{"key":"ref80","doi-asserted-by":"publisher","DOI":"10.1007\/s00521-017-3305-0"},{"key":"ref81","doi-asserted-by":"publisher","DOI":"10.1007\/s00521-020-05354-z"},{"key":"ref82","doi-asserted-by":"publisher","DOI":"10.1016\/j.eswa.2018.09.029"},{"key":"ref83","doi-asserted-by":"publisher","DOI":"10.1145\/3205977.3205992"},{"key":"ref84","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2020.101793"},{"key":"ref85","doi-asserted-by":"publisher","DOI":"10.1145\/3278532.3278569"},{"key":"ref86","doi-asserted-by":"publisher","DOI":"10.1145\/3041008.3041016"},{"key":"ref87","doi-asserted-by":"publisher","DOI":"10.1145\/2699026.2699115"},{"key":"ref88","doi-asserted-by":"publisher","DOI":"10.1145\/2019599.2019606"},{"key":"ref89","article-title":"Behind phishing: An examination of phisher modi operandi","volume-title":"Proc. 1st USENIX Workshop Large-Scale Exploits Emergent Threats (LEET)","author":"McGrath"},{"key":"ref90","doi-asserted-by":"publisher","DOI":"10.1016\/j.comcom.2021.04.023"},{"key":"ref91","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-46298-1_30"},{"key":"ref92","doi-asserted-by":"publisher","DOI":"10.1007\/s12652-019-01311-4"},{"key":"ref93","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-20951-3_21"},{"key":"ref94","doi-asserted-by":"publisher","DOI":"10.1109\/ICWR.2019.8765265"},{"key":"ref95","article-title":"Detecting malicious web links and identifying their attack types","volume-title":"Proc. 2nd USENIX Conf. Web Appl. Develop.","author":"Choi"},{"key":"ref96","first-page":"492","article-title":"An assessment of features related to phishing websites using an automated technique","volume-title":"Proc. Int. Conf. Internet Technol. Secured Trans.","author":"Mohammad"},{"key":"ref97","doi-asserted-by":"publisher","DOI":"10.1016\/j.eswa.2018.07.067"},{"key":"ref98","doi-asserted-by":"publisher","DOI":"10.1016\/j.eswa.2011.01.046"},{"key":"ref99","doi-asserted-by":"publisher","DOI":"10.1016\/j.eswa.2009.05.023"},{"key":"ref100","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2021.102421"},{"key":"ref101","doi-asserted-by":"publisher","DOI":"10.1186\/s13638-019-1361-0"},{"key":"ref102","doi-asserted-by":"publisher","DOI":"10.1109\/TNN.2011.2161999"},{"key":"ref103","doi-asserted-by":"publisher","DOI":"10.1109\/TC.2017.2703808"},{"key":"ref104","doi-asserted-by":"publisher","DOI":"10.1007\/s12652-018-0798-z"},{"key":"ref105","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2020.101855"},{"key":"ref106","doi-asserted-by":"publisher","DOI":"10.1109\/ISMSIT.2018.8567299"},{"key":"ref107","first-page":"1157","article-title":"An introduction to variable and feature selection","volume":"3","author":"Guyon","year":"2003","journal-title":"J. Mach. Learn. Res."},{"key":"ref108","doi-asserted-by":"publisher","DOI":"10.1109\/ECRIME.2017.7945048"},{"key":"ref109","doi-asserted-by":"publisher","DOI":"10.1109\/CCWC47524.2020.9031269"},{"key":"ref110","doi-asserted-by":"publisher","DOI":"10.1049\/iet-ifs.2019.0006"},{"key":"ref111","doi-asserted-by":"publisher","DOI":"10.1007\/s00500-018-3084-2"},{"key":"ref112","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-31087-4_27"},{"key":"ref113","doi-asserted-by":"publisher","DOI":"10.1016\/j.ins.2019.01.064"},{"key":"ref114","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2021.3124628"},{"key":"ref115","doi-asserted-by":"publisher","DOI":"10.1049\/iet-ifs.2013.0202"},{"key":"ref116","doi-asserted-by":"publisher","DOI":"10.1007\/s13278-021-00829-w"},{"key":"ref117","volume-title":"Machine Learning","author":"Mitchell","year":"1997"},{"key":"ref118","volume-title":"Machine Learning: A Probabilistic Perspective","author":"Murphy","year":"2012"},{"key":"ref119","doi-asserted-by":"publisher","DOI":"10.1016\/j.neucom.2021.04.112"},{"key":"ref120","volume-title":"Deep Learning","author":"Goodfellow","year":"2016"},{"key":"ref121","doi-asserted-by":"publisher","DOI":"10.3390\/electronics10111285"},{"key":"ref122","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2020.2991403"},{"key":"ref123","doi-asserted-by":"publisher","DOI":"10.1109\/LCN48667.2020.9314775"},{"key":"ref124","doi-asserted-by":"publisher","DOI":"10.1007\/s11280-016-0418-9"},{"key":"ref125","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2020.3013699"},{"key":"ref126","doi-asserted-by":"publisher","DOI":"10.1145\/1553374.1553462"},{"key":"ref127","doi-asserted-by":"publisher","DOI":"10.1145\/1961189.1961202"},{"key":"ref128","doi-asserted-by":"publisher","DOI":"10.1145\/3372297.3417233"},{"key":"ref129","doi-asserted-by":"publisher","DOI":"10.3390\/electronics9091514"},{"key":"ref130","doi-asserted-by":"publisher","DOI":"10.1109\/TrustCom\/BigDataSE.2019.00024"},{"key":"ref131","article-title":"URLNet: Learning a URL representation with deep learning for malicious URL detection","author":"Le","year":"2018","journal-title":"arXiv:1802.03162"},{"key":"ref132","doi-asserted-by":"publisher","DOI":"10.1109\/IJCNN48605.2020.9207707"},{"key":"ref133","doi-asserted-by":"publisher","DOI":"10.1007\/s12046-020-01392-4"},{"key":"ref134","doi-asserted-by":"publisher","DOI":"10.1155\/2019\/2595794"},{"key":"ref135","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2020.107275"},{"key":"ref136","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2021.102372"},{"key":"ref137","doi-asserted-by":"publisher","DOI":"10.1016\/j.neunet.2020.02.013"},{"key":"ref138","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2019.2892066"},{"key":"ref139","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-22263-5_32"},{"key":"ref140","doi-asserted-by":"publisher","DOI":"10.1155\/2020\/8694796"},{"key":"ref141","doi-asserted-by":"publisher","DOI":"10.1007\/s00521-020-04830-w"},{"key":"ref142","doi-asserted-by":"publisher","DOI":"10.3390\/s19194258"},{"key":"ref143","doi-asserted-by":"publisher","DOI":"10.5121\/ijnsa.2020.12304"},{"key":"ref144","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2020.2969780"},{"key":"ref145","volume-title":"UCI machine learning repository","author":"Dua","year":"2019"},{"key":"ref146","volume-title":"Phishing Dataset for Machine Learning: Feature Evaluation","author":"Tan","year":"2018"},{"key":"ref147","volume-title":"Phishing Websites Dataset","author":"Vrban\u010di\u010d","year":"2020"},{"key":"ref148","doi-asserted-by":"publisher","DOI":"10.1016\/j.dib.2020.106438"}],"container-title":["IEEE Access"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/6287639\/10005208\/10049452.pdf?arnumber=10049452","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,3,14]],"date-time":"2024-03-14T03:06:39Z","timestamp":1710385599000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/10049452\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023]]},"references-count":148,"URL":"https:\/\/doi.org\/10.1109\/access.2023.3247135","relation":{},"ISSN":["2169-3536"],"issn-type":[{"value":"2169-3536","type":"electronic"}],"subject":[],"published":{"date-parts":[[2023]]}}}