{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,26]],"date-time":"2026-03-26T09:37:45Z","timestamp":1774517865640,"version":"3.50.1"},"reference-count":54,"publisher":"Association for Computing Machinery (ACM)","issue":"2","license":[{"start":{"date-parts":[[2024,5,6]],"date-time":"2024-05-06T00:00:00Z","timestamp":1714953600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Trans. Internet Technol."],"published-print":{"date-parts":[[2024,5,31]]},"abstract":"<jats:p>Phishing attacks reached a record high in 2022, as reported by the Anti-Phishing Work Group, following an upward trend accelerated during the pandemic. Attackers employ increasingly sophisticated tools in their attempts to deceive unaware users into divulging confidential information. Recently, the research community has turned to the utilization of screenshots of legitimate and malicious websites to identify the brands that attackers aim to impersonate. In the field of Computer Vision, convolutional neural networks (CNNs) have been employed to analyze the visual rendering of websites, addressing the problem of phishing detection. However, along with the development of these new models, arose the need to understand their inner workings and the rationale behind each prediction. Answering the question, \u201cHow is this website attempting to steal the identity of a well-known brand?\u201d becomes crucial when protecting end-users from such threats. In cybersecurity, the application of explainable AI (XAI) is an emerging approach that aims to answer such questions. In this article, we propose VORTEX, a phishing website detection solution equipped with the capability to explain how a screenshot attempts to impersonate a specific brand. We conduct an extensive analysis of XAI methods for the phishing detection problem and demonstrate that VORTEX provides meaningful explanations regarding the detection results. Additionally, we evaluate the robustness of our model against Adversarial Example attacks. We adapt these attacks to the VORTEX architecture and evaluate their efficacy across multiple models and datasets. Our results show that VORTEX achieves superior accuracy compared to previous models, and learns semantically meaningful patterns to provide actionable explanations about phishing websites. Finally, VORTEX demonstrates an acceptable level of robustness against adversarial example attacks.<\/jats:p>","DOI":"10.1145\/3654665","type":"journal-article","created":{"date-parts":[[2024,3,28]],"date-time":"2024-03-28T11:18:13Z","timestamp":1711624693000},"page":"1-24","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":4,"title":["VORTEX : Visual phishing detectiOns aRe Through EXplanations"],"prefix":"10.1145","volume":"24","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-6926-9620","authenticated-orcid":false,"given":"Fabien","family":"Charmet","sequence":"first","affiliation":[{"name":"National Institute of Information and Communications Technology, Koganei, Japan"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-7822-3672","authenticated-orcid":false,"given":"Tomohiro","family":"Morikawa","sequence":"additional","affiliation":[{"name":"University of Hyogo, Kobe, Japan"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-2623-8151","authenticated-orcid":false,"given":"Akira","family":"Tanaka","sequence":"additional","affiliation":[{"name":"National Institute of Information and Communications Technology, Koganei, Japan"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-6477-7770","authenticated-orcid":false,"given":"Takeshi","family":"Takahashi","sequence":"additional","affiliation":[{"name":"National Institute of Information and Communications Technology, Koganei, Japan"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2024,5,6]]},"reference":[{"key":"e_1_3_1_2_2","unstructured":"(n.d.). Google Safe Browsing. Last Accessed date October 6 2023 from https:\/\/safebrowsing.google.com\/"},{"key":"e_1_3_1_3_2","unstructured":"(n.d.). OpenPhish. Last Accessed date October 6 2023 from https:\/\/openphish.com\/"},{"key":"e_1_3_1_4_2","unstructured":"(n.d.). PhishTank. Last Accessed date October 6 2023 from https:\/\/phishtank.org\/"},{"key":"e_1_3_1_5_2","doi-asserted-by":"publisher","DOI":"10.1145\/3372297.3417233"},{"key":"e_1_3_1_6_2","doi-asserted-by":"publisher","DOI":"10.1002\/ett.4150"},{"key":"e_1_3_1_7_2","doi-asserted-by":"publisher","DOI":"10.1109\/SSCI50451.2021.9659888"},{"key":"e_1_3_1_8_2","doi-asserted-by":"publisher","DOI":"10.3390\/app11115088"},{"key":"e_1_3_1_9_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.eswa.2021.115736"},{"key":"e_1_3_1_10_2","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2023.3237798"},{"key":"e_1_3_1_11_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-58539-6_33"},{"key":"e_1_3_1_12_2","doi-asserted-by":"publisher","DOI":"10.1109\/ISDFS.2016.7473534"},{"key":"e_1_3_1_13_2","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2022.3204171"},{"key":"e_1_3_1_14_2","first-page":"1","article-title":"Explainable artificial intelligence for cybersecurity: A literature survey","author":"Charmet Fabien","year":"2022","unstructured":"Fabien Charmet, Harry Chandra Tanuwidjaja, Solayman Ayoubi, Pierre-Fran\u00e7ois Gimenez, Yufei Han, Houda Jmila, Gregory Blanc, Takeshi Takahashi, and Zonghua Zhang. 2022. Explainable artificial intelligence for cybersecurity: A literature survey. Annals of Telecommunications (2022), 1\u201324.","journal-title":"Annals of Telecommunications"},{"key":"e_1_3_1_15_2","doi-asserted-by":"publisher","DOI":"10.1109\/WACV.2018.00097"},{"key":"e_1_3_1_16_2","doi-asserted-by":"publisher","DOI":"10.1145\/1754393.1754394"},{"key":"e_1_3_1_17_2","volume-title":"Proceedings of the 37th International Conference on Machine Learning (ICML\u201920)","author":"Croce Francesco","year":"2020","unstructured":"Francesco Croce and Matthias Hein. 2020. Reliable evaluation of adversarial robustness with an ensemble of diverse parameter-free attacks. In Proceedings of the 37th International Conference on Machine Learning (ICML\u201920). JMLR.org, Article 206, 11 pages."},{"key":"e_1_3_1_18_2","doi-asserted-by":"publisher","DOI":"10.1609\/aaai.v36i1.19929"},{"key":"e_1_3_1_19_2","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2006.50"},{"key":"e_1_3_1_20_2","doi-asserted-by":"publisher","DOI":"10.1002\/qre.2939"},{"key":"e_1_3_1_21_2","unstructured":"Ian J. Goodfellow Jonathon Shlens and Christian Szegedy. 2014. Explaining and harnessing adversarial examples. arXiv:1412.6572. Retrieved from https:\/\/arxiv.org\/abs\/1412.6572"},{"key":"e_1_3_1_22_2","first-page":"20230","volume-title":"Proceedings of the 35th Conference on Neural Information Processing Systems 2021, NeurIPS 2021","author":"He Jiabo","year":"2021","unstructured":"Jiabo He, Sarah M. Erfani, Xingjun Ma, James Bailey, Ying Chi, and Xian-Sheng Hua. 2021. Alpha-IoU: A family of power intersection over union losses for bounding box regression. In Proceedings of the 35th Conference on Neural Information Processing Systems 2021, NeurIPS 2021. 20230\u201320242."},{"key":"e_1_3_1_23_2","doi-asserted-by":"publisher","DOI":"10.1109\/CVPR.2016.90"},{"key":"e_1_3_1_24_2","doi-asserted-by":"publisher","DOI":"10.1109\/OJCOMS.2022.3188750"},{"key":"e_1_3_1_25_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2021.102198"},{"key":"e_1_3_1_26_2","doi-asserted-by":"publisher","DOI":"10.1109\/TIP.2021.3089943"},{"key":"e_1_3_1_27_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.caeai.2022.100074"},{"key":"e_1_3_1_28_2","unstructured":"Hung Le Quang Pham Doyen Sahoo and Steven CH Hoi. 2018. URLNet: Learning a URL representation with deep learning for malicious URL detection. arXiv:1802.03162. Retrieved from https:\/\/arxiv.org\/abs\/1802.03162"},{"key":"e_1_3_1_29_2","first-page":"3793","volume-title":"Proceedings of the 30th USENIX Security Symposium (USENIX Security \u201921)","author":"Lin Yun","year":"2021","unstructured":"Yun Lin, Ruofan Liu, Dinil Mon Divakaran, Jun Yang Ng, Qing Zhou Chan, Yiwen Lu, Yuxuan Si, Fan Zhang, and Jin Song Dong. 2021. Phishpedia: A hybrid deep learning based approach to visually identify phishing webpages. In Proceedings of the 30th USENIX Security Symposium (USENIX Security \u201921). USENIX Association, 3793\u20133810. Retrieved fromhttps:\/\/www.usenix.org\/conference\/usenixsecurity21\/presentation\/lin"},{"key":"e_1_3_1_30_2","first-page":"1633","volume-title":"Proceedings of the 31st USENIX Security Symposium (USENIX Security \u201922)","author":"Liu Ruofan","year":"2022","unstructured":"Ruofan Liu, Yun Lin, Xianglin Yang, Siang Hwee Ng, Dinil Mon Divakaran, and Jin Song Dong. 2022. Inferring phishing intention via webpage appearance and dynamics: A deep vision based approach. In Proceedings of the 31st USENIX Security Symposium (USENIX Security \u201922). USENIX Association, Boston, MA, 1633\u20131650. Retrieved fromhttps:\/\/www.usenix.org\/conference\/usenixsecurity22\/presentation\/liu-ruofan"},{"key":"e_1_3_1_31_2","article-title":"A unified approach to interpreting model predictions","author":"Lundberg Scott M.","year":"2017","unstructured":"Scott M. Lundberg and Su-In Lee. 2017. A unified approach to interpreting model predictions. In Proceedings of the 31st International Conference on Neural Information Processing Systems.","journal-title":"Proceedings of the 31st International Conference on Neural Information Processing Systems"},{"key":"e_1_3_1_32_2","unstructured":"Aleksander Madry Aleksandar Makelov Ludwig Schmidt Dimitris Tsipras and Adrian Vladu. 2017. Towards deep learning models resistant to adversarial attacks. arXiv:1706.06083. Retrieved from https:\/\/arxiv.org\/abs\/1706.06083"},{"key":"e_1_3_1_33_2","doi-asserted-by":"publisher","DOI":"10.1109\/ECRIME.2018.8376206"},{"key":"e_1_3_1_34_2","first-page":"983","volume-title":"Proceedings of the IEEE\/CVF Winter Conference on Applications of Computer Vision","year":"2020","unstructured":"Saurabh Desai and Harish G. Ramaswamy. 2020. Ablation-cam: Visual explanations for deep convolutional network via gradient-free localization. In Proceedings of the IEEE\/CVF Winter Conference on Applications of Computer Vision. 983\u2013991."},{"key":"e_1_3_1_35_2","article-title":"Faster R-CNN: Towards real-time object detection with region proposal networks","author":"Ren Shaoqing","year":"2015","unstructured":"Shaoqing Ren, Kaiming He, Ross Girshick, and Jian Sun. 2015. Faster R-CNN: Towards real-time object detection with region proposal networks. InProceedings of the 28th International Conference on Neural Information Processing Systems.","journal-title":"Proceedings of the 28th International Conference on Neural Information Processing Systems"},{"key":"e_1_3_1_36_2","doi-asserted-by":"publisher","DOI":"10.1109\/CVPR.2019.00075"},{"key":"e_1_3_1_37_2","doi-asserted-by":"publisher","DOI":"10.1145\/2939672.2939778"},{"key":"e_1_3_1_38_2","first-page":"18770","volume-title":"Proceedings of the International Conference on Machine Learning, ICML 2022","volume":"162","author":"Rong Yao","year":"2022","unstructured":"Yao Rong, Tobias Leemann, Vadim Borisov, Gjergji Kasneci, and Enkelejda Kasneci. 2022. A consistent and efficient evaluation strategy for attribution methods. In Proceedings of the International Conference on Machine Learning, ICML 2022. Vol. 162, PMLR, 18770\u201318795."},{"key":"e_1_3_1_39_2","unstructured":"Yao Rong Tobias Leemann Vadim Borisov Gjergji Kasneci and Enkelejda Kasneci. 2022. A consistent and efficient evaluation strategy for attribution methods. arXiv:2202.00449. Retrieved from https:\/\/arxiv.org\/abs\/2202.00449"},{"key":"e_1_3_1_40_2","unstructured":"Doyen Sahoo Chenghao Liu and Steven C. H. Hoi. 2017. Malicious URL detection using machine learning: A survey. arXiv:1701.07179. Retrieved from https:\/\/arxiv.org\/abs\/1701.07179"},{"key":"e_1_3_1_41_2","doi-asserted-by":"crossref","unstructured":"Mohanad Sarhan Siamak Layeghy and Marius Portmann. 2022. Evaluating standard feature sets towards increased generalisability and explainability of ML-based network intrusion detection. Big Data Res. 30 (2022) 100359.","DOI":"10.1016\/j.bdr.2022.100359"},{"key":"e_1_3_1_42_2","doi-asserted-by":"publisher","DOI":"10.1109\/CVPR.2015.7298682"},{"key":"e_1_3_1_43_2","doi-asserted-by":"publisher","DOI":"10.1109\/ICCV.2017.74"},{"key":"e_1_3_1_44_2","article-title":"Adversarial training for free! In","author":"Shafahi Ali","year":"2019","unstructured":"Ali Shafahi, Mahyar Najibi, Mohammad Amin Ghiasi, Zheng Xu, John Dickerson, Christoph Studer, Larry S. Davis, Gavin Taylor, and Tom Goldstein. 2019. Adversarial training for free! In Proceedings of the 33rd International Conference on Neural Information Processing Systems.","journal-title":"Proceedings of the 33rd International Conference on Neural Information Processing Systems"},{"key":"e_1_3_1_45_2","unstructured":"Gautam Srivastava Rutvij H. Jhaveri Sweta Bhattacharya Sharnil Pandya Rajeswari Praveen Kumar Reddy Maddikunta Gokul Yenduri Jon G. Hall Mamoun Alazab and Thippa Reddy Gadekallu. 2022. XAI for cybersecurity: State of the art challenges open issues and future directions. arXiv:2206.03585. Retrieved from https:\/\/arxiv.org\/abs\/2206.03585"},{"key":"e_1_3_1_46_2","doi-asserted-by":"publisher","DOI":"10.1145\/3517745.3561467"},{"key":"e_1_3_1_47_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-58586-0_27"},{"key":"e_1_3_1_48_2","doi-asserted-by":"publisher","DOI":"10.1109\/TNNLS.2020.3027314"},{"issue":"11","key":"e_1_3_1_49_2","article-title":"Visualizing data using t-SNE.","volume":"9","author":"Maaten Laurens Van der","year":"2008","unstructured":"Laurens Van der Maaten and Geoffrey Hinton. 2008. Visualizing data using t-SNE. Journal of Machine Learning Research 9, 11 (2008), 2579\u20132605.","journal-title":"Journal of Machine Learning Research"},{"key":"e_1_3_1_50_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.media.2022.102470"},{"key":"e_1_3_1_51_2","doi-asserted-by":"publisher","DOI":"10.1109\/CVPRW50498.2020.00020"},{"key":"e_1_3_1_52_2","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2020.2988359"},{"key":"e_1_3_1_53_2","unstructured":"Yisen Wang Xingjun Ma James Bailey Jinfeng Yi Bowen Zhou and Quanquan Gu. 2021. On the convergence and robustness of adversarial training. arXiv:2112.08304. Retrieved from https:\/\/arxiv.org\/abs\/2112.08304"},{"key":"e_1_3_1_54_2","unstructured":"Yuxin Wu Alexander Kirillov Francisco Massa Wan-Yen Lo and Ross Girshick. 2019. Detectron2. Retrieved October 6 2023 from https:\/\/github.com\/facebookresearch\/detectron2"},{"key":"e_1_3_1_55_2","doi-asserted-by":"publisher","DOI":"10.1002\/int.22458"}],"container-title":["ACM Transactions on Internet Technology"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3654665","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3654665","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T00:06:10Z","timestamp":1750291570000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3654665"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,5,6]]},"references-count":54,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2024,5,31]]}},"alternative-id":["10.1145\/3654665"],"URL":"https:\/\/doi.org\/10.1145\/3654665","relation":{},"ISSN":["1533-5399","1557-6051"],"issn-type":[{"value":"1533-5399","type":"print"},{"value":"1557-6051","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024,5,6]]},"assertion":[{"value":"2023-10-06","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2024-03-23","order":1,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2024-05-06","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}