Intelligent explanation generation system for phishing webpages by employing an inference system

Phishing is a fraudulent scheme to steal a user’s personal and confidential information by masking as a trustworthy entity in the electronic commerce. Phishers lure online users to visit their fake webpages and capture the user’s sensitive financial information. The current anti-phishing technique focuses on determining the legitimacy of the webpages that the user visits, and it alerts users with a phishing label when a webpage is found to have suspicious activity. Most of the times, however, these warnings are ignored by the users as there is no significant information present in the alerts except for the phishing label. The method proposed in this paper addresses the aforementioned lacunae by generating a coherent and complete explanation in the natural language text for the anti-phishing system’s decision. The explanation includes the phishing label along with information to establish why such a decision has been taken. This would, in turn, contribute to the user’s enhanced understanding of the threat and also strengthens the user’s trust in the system. It is quite evident from the pilot evaluation, which involved 50 users, that the proposed methodology significantly improves the user’s understanding of the phishing label and strengthens their trust in the system.