{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,29]],"date-time":"2026-05-29T11:13:00Z","timestamp":1780053180634,"version":"3.54.0"},"reference-count":48,"publisher":"Frontiers Media SA","license":[{"start":{"date-parts":[[2025,7,8]],"date-time":"2025-07-08T00:00:00Z","timestamp":1751932800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":["frontiersin.org"],"crossmark-restriction":true},"short-container-title":["Front. Commun. Netw."],"abstract":"<jats:sec><jats:title>Introduction<\/jats:title><jats:p>The rapid growth of advanced networking causes a significant increase in malicious threats to website data for accessing user information via phishing attacks. For the detection of phishing attacks, many works are developed based on a single data source. But, detecting the phishing attacks of different web sources was not concentrated in any of the existing works. Thus, multiple data sources, including SMS, E-Mail, and URL links, are used in this paper to detect and mitigate phishing attacks.<\/jats:p><\/jats:sec><jats:sec><jats:title>Methods<\/jats:title><jats:p>Initially, the input data is collected from the SMS, E-Mail, and URL datasets. The contents and URLs are extracted from the datasets. Next, the textual analysis, including behavioral analysis and structural analysis, is carried out on the extracted URL. Moreover, by utilizing the Entropy Macqueen-based Bidirectional Encoder Representations from Transformers (EM-BERT) algorithm, the contents extracted from SMS and E-Mail datasets and the textually analyzed characters of the URL are transformed into vector form. Simultaneously, the CSS files and images are obtained from the URL dataset. Then, by utilizing Spherical Principal Component Analysis (SPCA), the features are extracted. Further, the optimal features are chosen by using the Cauchy distribution-based Seagull Optimization Algorithm (CSOA). Next, the phishing attack is detected using the Explainable AI SERF CoLU Long Short Term Memory (EAI-SC-LSTM) model. The recognized phishing data and URL are updated to the Blacklist; hence, any new URL, which is already on Blacklist, is reported to the user.<\/jats:p><\/jats:sec><jats:sec><jats:title>Results<\/jats:title><jats:p>As per the experimental outcomes, the proposed EAI-SC-LSTM attains accuracies of 99.627% for SSC, 99.645% for PEC, and 99.541% for WPD in phishing attack detection, which are higher than the existing works. Moreover, the proposed technique detects the phishing attack within a training time of 24417 ms (PEC Dataset).<\/jats:p><\/jats:sec><jats:sec><jats:title>Discussion<\/jats:title><jats:p>Thus, cybersecurity is improved against the evolving phishing threats.<\/jats:p><\/jats:sec>","DOI":"10.3389\/frcmn.2025.1587654","type":"journal-article","created":{"date-parts":[[2025,7,8]],"date-time":"2025-07-08T05:28:30Z","timestamp":1751952510000},"update-policy":"https:\/\/doi.org\/10.3389\/crossmark-policy","source":"Crossref","is-referenced-by-count":6,"title":["Multimodal framework for phishing attack detection and mitigation through behavior analysis using EM-BERT and SPCA-BASED EAI-SC-LSTM"],"prefix":"10.3389","volume":"6","author":[{"given":"Mahmoud","family":"Murhej","sequence":"first","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"G.","family":"Nallasivan","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"1965","published-online":{"date-parts":[[2025,7,8]]},"reference":[{"key":"B1","doi-asserted-by":"publisher","first-page":"41574","DOI":"10.1109\/ACCESS.2022.3166474","article-title":"Phishing classification techniques: a systematic literature review","volume":"10","author":"Abdillah","year":"2022","journal-title":"IEEE Access"},{"key":"B2","first-page":"1","article-title":"Using Classical Machine Learning for phishing websites detection form URLS","volume":"24","author":"Akour","year":"2021","journal-title":"J. Manag. Inf. Decis. Sci."},{"key":"B3","doi-asserted-by":"publisher","first-page":"42459","DOI":"10.1109\/ACCESS.2022.3168235","article-title":"PDGAN: phishing detection with generative adversarial networks","volume":"10","author":"Al-Ahmadi","year":"2022","journal-title":"IEEE Access"},{"key":"B4","doi-asserted-by":"publisher","first-page":"164","DOI":"10.1016\/j.aej.2024.06.070","article-title":"Hybrid stacked autoencoder with dwarf mongoose optimization for Phishing attack detection in internet of things environment","volume":"106","author":"Aljabri","year":"2024","journal-title":"Alexandria Eng. J."},{"key":"B5","doi-asserted-by":"publisher","first-page":"8842","DOI":"10.1038\/s41598-022-10841-5","article-title":"An effective detection approach for phishing websites using URL and HTML features","volume":"12","author":"Aljofey","year":"2022","journal-title":"Sci. Rep."},{"key":"B6","doi-asserted-by":"publisher","first-page":"490","DOI":"10.1016\/j.aej.2024.09.115","article-title":"Explainable artificial intelligence in web phishing classification on secure IoT with cloud-based cyber-physical systems","volume":"110","author":"Alotaibi","year":"2025","journal-title":"Alexandria Eng. J."},{"key":"B7","doi-asserted-by":"publisher","first-page":"8373","DOI":"10.1109\/ACCESS.2024.3351946","article-title":"Enhancing phishing detection: a novel hybrid deep learning framework for cybercrime forensics","volume":"12","author":"Alsubaei","year":"2024","journal-title":"IEEE Access"},{"key":"B8","doi-asserted-by":"publisher","first-page":"82355","DOI":"10.1109\/ACCESS.2022.3196018","article-title":"Combining long-term recurrent convolutional and graph convolutional networks to detect phishing sites using URL and HTML","volume":"10","author":"Ariyadasa","year":"2022","journal-title":"IEEE Access"},{"key":"B9","doi-asserted-by":"publisher","first-page":"6421","DOI":"10.1109\/ACCESS.2023.3237798","article-title":"A survey of intelligent detection designs of HTML URL phishing attacks","volume":"11","author":"Asiri","year":"2023","journal-title":"IEEE Access"},{"key":"B10","doi-asserted-by":"publisher","first-page":"248","DOI":"10.3390\/sym16020248","article-title":"AntiPhishStack: LSTM-based stacked generalization model for optimized phishing URL detection","volume":"16","author":"Aslam","year":"2024","journal-title":"Symmetry"},{"key":"B11","doi-asserted-by":"publisher","first-page":"42","DOI":"10.3390\/electronics12010042","article-title":"Business email compromise phishing detection based on machine learning: a systematic literature review","volume":"12","author":"Atlam","year":"2023","journal-title":"Electron. Switz."},{"key":"B12","doi-asserted-by":"publisher","first-page":"e07437","DOI":"10.1016\/j.heliyon.2021.e07437","article-title":"Improving the phishing website detection using empirical analysis of Function Tree and its variants","volume":"7","author":"Balogun","year":"2021","journal-title":"Heliyon"},{"key":"B13","doi-asserted-by":"publisher","first-page":"139","DOI":"10.1007\/s11235-020-00733-2","article-title":"A comprehensive survey of AI-enabled phishing attacks detection techniques","volume":"76","author":"Basit","year":"2021","journal-title":"Telecommun. Syst."},{"key":"B14","first-page":"1505","article-title":"A methodical overview on detection identification and proactive prevention of phishing websites","author":"Bhagwat","year":"2021"},{"key":"B15","doi-asserted-by":"publisher","first-page":"114102","DOI":"10.1016\/j.dss.2023.114102","article-title":"A hybrid framework using explainable AI (XAI) in cyber-risk management for defence and recovery against phishing attacks","volume":"177","author":"Biswas","year":"2024","journal-title":"Decis. Support Syst."},{"key":"B16","doi-asserted-by":"publisher","first-page":"4460","DOI":"10.1109\/ACCESS.2025.3525998","article-title":"Phish fighter: self updating machine learning shield against phishing kits based on HTML code analysis","volume":"13","author":"Brezeanu","year":"2025","journal-title":"IEEE Access"},{"key":"B17","doi-asserted-by":"publisher","first-page":"1090","DOI":"10.3390\/electronics11071090","article-title":"Optimized URL feature selection based on genetic-algorithm-embedded deep learning for phishing website detection","volume":"11","author":"Bu","year":"2022","journal-title":"Electron. Switz."},{"key":"B18","doi-asserted-by":"publisher","first-page":"1457","DOI":"10.1007\/s10115-022-01672-x","article-title":"Applications of deep learning for phishing detection: a systematic literature review","volume":"64","author":"Catal","year":"2022","journal-title":"Knowl. Inf. Syst."},{"key":"B19","first-page":"1","article-title":"Why phishing emails escape detection: a closer look at the failure points","volume-title":"2024 12th international symposium on digital forensics and security (ISDFS)","author":"Champa","year":""},{"key":"B20","first-page":"1","article-title":"Curated datasets and feature analysis for phishing email detection with machine learning","author":"Champa","year":""},{"key":"B21","doi-asserted-by":"publisher","first-page":"2583","DOI":"10.1007\/s10207-024-00851-x","article-title":"A cyber defense system against phishing attacks with deep learning game theory and LSTM-CNN with African vulture optimization algorithm (AVOA)","volume":"23","author":"Elberri","year":"2024","journal-title":"Int. J. Inf. Secur."},{"key":"B22","doi-asserted-by":"publisher","first-page":"47","DOI":"10.1016\/j.comcom.2021.04.023","article-title":"A novel approach for phishing URLs detection using lexical based machine learning in a real-time environment","volume":"175","author":"Gupta","year":"2021","journal-title":"Comput. Commun."},{"key":"B23","doi-asserted-by":"publisher","first-page":"104347","DOI":"10.1016\/j.engappai.2021.104347","article-title":"Towards benchmark datasets for machine learning based website phishing detection: an experimental study","volume":"104","author":"Hannousse","year":"2021","journal-title":"Eng. Appl. Artif. Intell."},{"key":"B24","doi-asserted-by":"publisher","first-page":"124420","DOI":"10.1109\/ACCESS.2022.3223111","article-title":"Characteristics of understanding URLs and domain names features: the detection of phishing websites with machine learning methods","volume":"10","author":"Kara","year":"2022","journal-title":"IEEE Access"},{"key":"B25","doi-asserted-by":"publisher","first-page":"36805","DOI":"10.1109\/ACCESS.2023.3252366","article-title":"Phishing detection system through hybrid machine learning based on URL","volume":"11","author":"Karim","year":"2023","journal-title":"IEEE Access"},{"key":"B26","doi-asserted-by":"publisher","first-page":"71925","DOI":"10.1109\/ACCESS.2023.3293063","article-title":"Uncovering the cloak: a systematic review of techniques used to conceal phishing websites","volume":"11","author":"Li","year":"2023","journal-title":"IEEE Access"},{"key":"B27","doi-asserted-by":"publisher","first-page":"102421","DOI":"10.1016\/j.cose.2021.102421","article-title":"An efficient multistage phishing website detection model based on the CASE feature framework: aiming at the real web environment","volume":"110","author":"Liu","year":"2021","journal-title":"Comput. Secur."},{"key":"B28","first-page":"698","article-title":"A framework for an E-learning system based on semantic web","volume":"5","author":"Mahmoud","year":"2013","journal-title":"Int. J. Comput. Sci. Eng."},{"key":"B29","doi-asserted-by":"publisher","first-page":"137176","DOI":"10.1109\/ACCESS.2024.3463871","article-title":"Enhancing smishing detection: a deep learning approach for improved accuracy and reduced False positives","volume":"12","author":"Mehmood","year":"2024","journal-title":"IEEE Access"},{"key":"B30","doi-asserted-by":"publisher","first-page":"103387","DOI":"10.1016\/j.cose.2023.103387","article-title":"Mitigation strategies against the phishing attacks: a systematic literature review","volume":"132","author":"Naqvi","year":"2023","journal-title":"Comput. Secur."},{"key":"B31","first-page":"0813","article-title":"Machine LearningTechniquesfor detection of website phishing: a review for promises and challenges","author":"Odeh","year":"2021"},{"key":"B32","doi-asserted-by":"publisher","first-page":"121183","DOI":"10.1016\/j.eswa.2023.121183","article-title":"Look before you leap: detecting phishing web pages by exploiting raw URL and HTML characteristics","volume":"236","author":"Opara","year":"2024","journal-title":"Expert Syst. Appl."},{"key":"B33","doi-asserted-by":"publisher","first-page":"5733","DOI":"10.1007\/s00521-020-05354-z","article-title":"A heuristic technique to detect phishing websites using TWSVM classifier","volume":"33","author":"Rao","year":"2021","journal-title":"Neural Comput. Appl."},{"key":"B34","first-page":"451","article-title":"Cloud-based machine learning approach for accurate detection of website phishing","volume":"11","author":"Rashid","year":"2023","journal-title":"Int. J. Intell. Syst. Appl. Eng."},{"key":"B35","doi-asserted-by":"publisher","first-page":"590","DOI":"10.1016\/j.jksuci.2023.01.004","article-title":"A systematic literature review on phishing website detection techniques","volume":"35","author":"Safi","year":"2023","journal-title":"J. King Saud Univ. - Comput. Inf. Sci."},{"key":"B36","doi-asserted-by":"publisher","first-page":"8052","DOI":"10.1109\/ACCESS.2024.3352629","article-title":"Dephides: deep learning based phishing detection system","volume":"12","author":"Sahingoz","year":"2024","journal-title":"IEEE Access"},{"key":"B37","doi-asserted-by":"publisher","first-page":"19","DOI":"10.1016\/j.procs.2021.05.077","article-title":"Phishing email detection using Natural Language Processing techniques: a literature survey","volume":"189","author":"Salloum","year":"2021","journal-title":"Procedia Comput. Sci."},{"key":"B38","doi-asserted-by":"publisher","first-page":"65703","DOI":"10.1109\/ACCESS.2022.3183083","article-title":"A systematic literature review on phishing email detection using Natural Language Processing techniques","volume":"10","author":"Salloum","year":"2022","journal-title":"IEEE Access"},{"key":"B39","doi-asserted-by":"publisher","first-page":"118010","DOI":"10.1016\/j.eswa.2022.118010","article-title":"Phishing websites detection using a novel multipurpose dataset and web technologies features","volume":"207","author":"Sanchez-Paniagua","year":"2022","journal-title":"Expert Syst. Appl."},{"key":"B40","doi-asserted-by":"publisher","first-page":"127","DOI":"10.1016\/j.dsm.2024.08.004","article-title":"An explainable feature selection framework for web phishing detection with machine learning","volume":"8","author":"Shafin","year":"2024","journal-title":"Data Sci. Manag."},{"key":"B41","doi-asserted-by":"publisher","first-page":"100036","DOI":"10.1016\/j.csa.2024.100036","article-title":"An application for predicting phishing attacks: a case of implementing a support vector machine learning model","volume":"2","author":"Shombot","year":"2024","journal-title":"Cyber Secur. Appl."},{"key":"B42","doi-asserted-by":"publisher","first-page":"104129","DOI":"10.1016\/j.cose.2024.104129","article-title":"Security awareness, decision style, knowledge, and phishing email detection: moderated mediation analyses","volume":"148","author":"Sturman","year":"2024","journal-title":"Comput. & Secur."},{"key":"B43","doi-asserted-by":"publisher","first-page":"232","DOI":"10.1007\/s12046024025820","article-title":"Detection of adversarial phishing attack using machine learning techniques","volume":"49","author":"Sudar","year":"2024","journal-title":"S\u0101dhan\u0101"},{"key":"B44","doi-asserted-by":"publisher","first-page":"672","DOI":"10.3390\/make3030034","article-title":"A survey of machine learning-based solutions for phishing website detection","volume":"3","author":"Tang","year":"2021","journal-title":"Mach. Learn. Knowl. Extr."},{"key":"B45","doi-asserted-by":"publisher","first-page":"1509","DOI":"10.1109\/ACCESS.2021.3137636","article-title":"A deep learning-based framework for phishing website detection","volume":"10","author":"Tang","year":"2022","journal-title":"IEEE Access"},{"key":"B46","doi-asserted-by":"publisher","first-page":"4545","DOI":"10.3390\/electronics12214545","article-title":"A systematic review on deep-learning-based phishing email detection","volume":"12","author":"Thakur","year":"2023","journal-title":"Electron. Switz."},{"key":"B47","doi-asserted-by":"publisher","first-page":"103736","DOI":"10.1016\/j.cose.2024.103736","article-title":"The applicability of a hybrid framework for automated phishing detection","volume":"139","author":"van Geest","year":"2024","journal-title":"Comput. Secur."},{"key":"B48","doi-asserted-by":"publisher","first-page":"113863","DOI":"10.1016\/j.eswa.2020.113863","article-title":"An improved ELM-based and data preprocessing integrated approach for phishing detection considering comprehensive features","volume":"165","author":"Yang","year":"2021","journal-title":"Expert Syst. Appl."}],"container-title":["Frontiers in Communications and Networks"],"original-title":[],"link":[{"URL":"https:\/\/www.frontiersin.org\/articles\/10.3389\/frcmn.2025.1587654\/full","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,7,8]],"date-time":"2025-07-08T05:28:32Z","timestamp":1751952512000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.frontiersin.org\/articles\/10.3389\/frcmn.2025.1587654\/full"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,7,8]]},"references-count":48,"alternative-id":["10.3389\/frcmn.2025.1587654"],"URL":"https:\/\/doi.org\/10.3389\/frcmn.2025.1587654","relation":{},"ISSN":["2673-530X"],"issn-type":[{"value":"2673-530X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025,7,8]]},"article-number":"1587654"}}