Call for Paper - Upcoming Issues

LightPhishAI: A Lightweight Multimodal Feature Extraction and Fusion Framework for Real-Time Phishing Detection on IoT Devices

International Journal of Electronics and Communication Engineering
© 2026 by SSRG - IJECE Journal
Volume 13 Issue 3
Year of Publication : 2026
Authors : Gaddam Lakshmi, P. Swetha
10.14445/23488549/IJECE-V13I3P120
pdf
How to Cite?

Gaddam Lakshmi, P. Swetha, "LightPhishAI: A Lightweight Multimodal Feature Extraction and Fusion Framework for Real-Time Phishing Detection on IoT Devices," SSRG International Journal of Electronics and Communication Engineering, vol. 13,  no. 3, pp. 241-265, 2026. Crossref, https://doi.org/10.14445/23488549/IJECE-V13I3P120

Abstract:

Phishing is still considered one of the fastest-growing cyber threats, spreading through web and IoT landscapes via fake URLs, simulated brand elements, or falsified login credentials. State-of-the-art detection approaches, including heuristic filters and deep neural models, are computationally intensive to train and interpret and depend heavily on single modality text- or image-based input. These limitations limit their scalability and robustness in dynamic, resource constrained environments. Motivated by these limitations, LightPhishAI presents a lightweight, interpretable, multimodal online phishing-detection framework that fuses URL, metadata, and Webpage-screenshot features using the proposed PhishFusionNet model. The model integrates TinyBERT to encode texts, MobileNetV2 to extract visual features, and an MLP for metadata representation, which are consolidated using an adaptive attention-based fusion module in a dynamic manner that accounts for modality relevance. The last classification head is for binary phishing detection, maintaining interpretability with Grad-CAM, SHAP, and LIME explanations, and preserving human-auditable decisions. Experimental results on various public datasets (PhishTank, OpenPhish, Tranco, UCI PhiUSIIL) and Phish-IRIS show that the model achieves higher accuracy (98.4%) and F1 score (97.9%) than single-modality baselines. Furthermore, PhishFusionNet achieves more than a 90% reduction in inference time and an 80% decrease in computational overhead compared to traditional transformer-CNN hybrids, demonstrating its strong feasibility for IoT-edge deployment. The proposed framework bridges the gap between deep learning accuracy and real-world deployability by providing an interpretable, scalable, and energy-efficient platform for detecting phishing attacks on limited IoT devices.

Keywords:

Phishing Detection, Multimodal Deep Learning, Explainable AI, Edge Deployment, Cybersecurity.

References:

[1] S. Kavya, and D. Sumathi, “Multimodal and Temporal Graph Fusion Framework for Advanced Phishing Website Detection,” IEEE Access, vol. 13, pp. 74128-74146, 2025.
[CrossRef] [Google Scholar] [Publisher Link]
[2] Phan The Duy et al., “A Study on Adversarial Sample Resistance and Defense Mechanism for Multimodal Learning-Based Phishing Website Detection,” IEEE Access, vol. 12, pp. 137805-137824, 2024.
[CrossRef] [Google Scholar] [Publisher Link]
[3] Mohammed Alsaedi et al., “Multi-Modal Features Representation-Based Convolutional Neural Network Model for Malicious Website Detection,” IEEE Access, vol. 12, pp. 7271-7284, 2024.
[CrossRef] [Google Scholar] [Publisher Link]
[4] Jehyun Lee et al., “Multimodal Large Language Models for Phishing Webpage Detection and Identification,” 2024 APWG Symposium on Electronic Crime Research (eCrime), Boston, MA, USA, pp. 1-13, 2024.
[CrossRef] [Google Scholar] [Publisher Link]
[5] Sabrina Sakraoui et al., “FBMP-IDS: FL-Based Blockchain-Powered Lightweight MPC-Secured IDS for 6G Networks,” IEEE Access, vol. 12, pp. 105887-105905, 2024.
[CrossRef] [Google Scholar] [Publisher Link]
[6] Abeer Awadallah et al., “Artificial Intelligence-Based Cybersecurity for the Metaverse: Research Challenges and Opportunities,” IEEE Communications Surveys & Tutorials, vol. 27, no. 2, pp. 1008-1052, 2025.
[CrossRef] [Google Scholar] [Publisher Link]
[7] Wenhao Li et al., “A State-of-the-Art Review on Phishing Website Detection Techniques,” IEEE Access, vol. 12, pp. 187976-188012, 2024.
[CrossRef] [Google Scholar] [Publisher Link]
[8] Ahmad Houkan et al., “Enhancing Security in Industrial IoT Networks: Machine Learning Solutions for Feature Selection and Reduction,” IEEE Access, vol. 12, pp. 160864-160883, 2024.
[CrossRef] [Google Scholar] [Publisher Link]
[9] Mirza Akhi Khatun et al., “Machine Learning for Healthcare-IoT Security: A Review and Risk Mitigation,” IEEE Access, vol. 11, pp. 145869-145896, 2023.
[CrossRef] [Google Scholar] [Publisher Link]
[10] Jannatul Ferdous et al., “A Review of State-of-the-Art Malware Attack Trends and Defense Mechanisms,” IEEE Access, vol. 11, pp. 121118-121141, 2023.
[CrossRef] [Google Scholar] [Publisher Link]
[11] Sultan Asiri et al., “A Survey of Intelligent Detection Designs of HTML URL Phishing Attacks,” IEEE Access, vol. 11, pp. 6421 6443, 2023.
[CrossRef] [Google Scholar] [Publisher Link]
[12] Andrea F. Abate et al., “On the Impact of Multimodal and Multisensor Biometrics in Smart Factories,” IEEE Transactions on Industrial Informatics, vol. 18, no. 12, pp. 9092-9100, 2022.
[CrossRef] [Google Scholar] [Publisher Link]
[13] Hariprasad Siddharthan, T. Deepa, and Prabhu Chandhar, “SENMQTT-SET: An Intelligent Intrusion Detection in IoT-MQTT Networks Using Ensemble Multi Cascade Features,” IEEE Access, vol. 10, pp. 33095-33110, 2022.
[CrossRef] [Google Scholar] [Publisher Link]
[14] Badr Lahasan, and Hussein Samma, “Optimized Deep Autoencoder Model for Internet of Things Intruder Detection,” IEEE Access, vol. 10, pp. 8434-8448, 2022.
[CrossRef] [Google Scholar] [Publisher Link]
[15] Zhibo Zhang et al., “Explainable Artificial Intelligence Applications in Cyber Security: State-of-the-Art in Research,” IEEE Access, vol. 10, pp. 93104-93139, 2022.
[CrossRef] [Google Scholar] [Publisher Link]
[16] Nguyet Quang Do et al., “Deep Learning for Phishing Detection: Taxonomy, Current Challenges and Future Directions,” IEEE Access, vol. 10, pp. 36429-36463, 2022.
[CrossRef] [Google Scholar] [Publisher Link]
[17] Syed Rizvi et al., “Application of Artificial Intelligence to Network Forensics: Survey, Challenges and Future Directions,” IEEE Access, vol. 10, pp. 110362-110384, 2022.
[CrossRef] [Google Scholar] [Publisher Link]
[18] Shakila Zaman et al., “Security Threats and Artificial Intelligence Based Countermeasures for Internet of Things Networks: A Comprehensive Survey,” IEEE Access, vol. 9, pp. 94668-94690, 2021.
[CrossRef] [Google Scholar] [Publisher Link]
[19] Faisal Hussain et al., “A Two-Fold Machine Learning Approach to Prevent and Detect IoT Botnet Attacks,” IEEE Access, vol. 9, pp. 163412-163430, 2021.
[CrossRef] [Google Scholar] [Publisher Link]
[20] Jaeun Choi, and Chunmi Jeon, “Cost-Based Heterogeneous Learning Framework for Real-Time Spam Detection in Social Networks with Expert Decisions,” IEEE Access, vol. 9, pp. 103573-103587, 2021.
[CrossRef] [Google Scholar] [Publisher Link]
[21] Yi Wei, and Yuji Sekiya, “Sufficiency of Ensemble Machine Learning Methods for Phishing Websites Detection,” IEEE Access, vol. 10, pp. 124103-124113, 2022.
[CrossRef] [Google Scholar] [Publisher Link]
[22] Jingwen Wei et al., “Domain Adversarial Neural Network-Based Intrusion Detection System for In-Vehicle Network Variant Attacks,” IEEE Communications Letters, vol. 26, no. 11, pp. 2547-2551, 2022.
[CrossRef] [Google Scholar] [Publisher Link]
[23] Abiodun Ayantayo et al., “Network Intrusion Detection using Feature Fusion with Deep Learning,” Journal of Big Data, vol. 10, pp. 1-24, 2023.
[CrossRef] [Google Scholar] [Publisher Link]
[24] Hussein Alaa Al-Kabbi, Mohammad-Reza Feizi-Derakhshi, and Saeid Pashazadeh, “Multi-Type Feature Extraction and Early Fusion Framework for SMS Spam Detection,” IEEE Access, vol. 11, pp. 123756-123765, 2023.
[CrossRef] [Google Scholar] [Publisher Link]
[25] Faisal S. Alsubaei, Abdulwahab Ali Almazroi, and Nasir Ayub, “Enhancing Phishing Detection: A Novel Hybrid Deep Learning Framework for Cybercrime Forensics,” IEEE Access, vol. 12, pp. 8373-8389, 2024.
[CrossRef] [Google Scholar] [Publisher Link]
[26] Muhammad Khalid Mehmood et al., “Enhancing Smishing Detection: A Deep Learning Approach for Improved Accuracy and Reduced False Positives,” IEEE Access, vol. 12, pp. 137176-137193, 2024.
[CrossRef] [Google Scholar] [Publisher Link]
[27] Ganesh S. Nayak, Balachandra Muniyal, and Manjula C. Belavagi, “Enhancing Phishing Detection: A Machine Learning Approach with Feature Selection and Deep Learning Models,” IEEE Access, vol. 13, pp. 33308-33320, 2025.
[CrossRef] [Google Scholar] [Publisher Link]
[28] Sultan Refa Alotaibi et al., “Explainable Artificial Intelligence in Web Phishing Classification on Secure IoT with Cloud-Based Cyber Physical Systems,” Alexandria Engineering Journal, vol. 110, pp. 490-505, 2025.
[CrossRef] [Google Scholar] [Publisher Link]
[29] Maria Carla Calzarossa, Paolo Giudici, and Rasha Zieni, “An Assessment Framework for Explainable AI with Applications to Cybersecurity,” Artificial Intelligence Review, vol. 58, pp. 1-19, 2025.
[CrossRef] [Google Scholar] [Publisher Link]
[30] Sakib Shahriar Shafin, “An Explainable Feature Selection Framework for Web Phishing Detection with Machine Learning,” Data Science and Management, vol. 8, no. 2, pp. 127-136, 2025.
[CrossRef] [Google Scholar] [Publisher Link]
[31] Khuloud Saeed Alketbi, and Abid Mehmood, “A Comprehensive Survey of Explainable Artificial Intelligence Techniques for Malicious Insider Threat Detection,” IEEE Access, vol. 13, pp. 121772-121798, 2025.
[CrossRef] [Google Scholar] [Publisher Link]
[32] Stéphane Reynaud, and Ana Roxin, “Review of eXplainable Artificial Intelligence for Cybersecurity Systems,” Discover Artificial Intelligence, vol. 5, pp. 1-23, 2025.
[CrossRef] [Google Scholar] [Publisher Link]
[33] William Villegas-Ch et al., “Integrating Explainable Artificial Intelligence in Anomaly Detection for Threat Management in E Commerce Platforms,” IEEE Access, vol. 13, pp. 29830-29846, 2025.
[CrossRef] [Google Scholar] [Publisher Link]
[34] Smarajit Ghosh, “A Novel Framework for Financial Cybersecurity and Fraud Detection Using XAI-RNN-SGRU,” IEEE Access, vol. 13, pp. 88134-88155, 2025.
[CrossRef] [Google Scholar] [Publisher Link]
[35] Maruf Hossain Shuvo et al., “Efficient Acceleration of Deep Learning Inference on Resource-Constrained Edge Devices: A Review,” Proceedings of the IEEE, vol. 111, no. 1, pp. 42-91, 2023.
[CrossRef] [Google Scholar] [Publisher Link]
[36] Jiajia Wu et al., “Progressive Guided Fusion Network with Multi-Modal and Multi-Scale Attention for RGB-D Salient Object Detection,” IEEE Access, vol. 9, pp. 150608-150622, 2021.
[CrossRef] [Google Scholar] [Publisher Link]
[37] Andri Pranolo et al., “Robust LSTM With Tuned-PSO and Bifold-Attention Mechanism for Analyzing Multivariate Time-Series,” IEEE Access, vol. 10, pp. 78423-78434, 2022.
[CrossRef] [Google Scholar] [Publisher Link]
[38] Ying Guo, and Wei Song, “A Temporal-and-Spatial Flow Based Multimodal Fake News Detection by Pooling and Attention Blocks,” IEEE Access, vol. 10, pp. 131498-131508, 2022.
[CrossRef] [Google Scholar] [Publisher Link]
[39] Yiwei Huang, Hui Ma, and Mingyang Wang, “Multimodal Finger Recognition Based on Asymmetric Networks with Fused Similarity,” IEEE Access, vol. 11, pp. 17497-17509, 2023.
[CrossRef] [Google Scholar] [Publisher Link]
[40] Jungpil Shin et al., “Multimodal Attention-Enhanced Feature Fusion-Based Weakly Supervised Anomaly Violence Detection,” IEEE Open Journal of the Computer Society, vol. 6, pp. 129-140, 2025.
[CrossRef] [Google Scholar] [Publisher Link]
[41] Collaborative Anti-Phishing Data, PhishTank. [Online]. Available: https://www.phishtank.net/
[42] Phishing Intelligence / Database, OpenPhish. [Online]. Available: https://openphish.com/
[43] A Research-Oriented Top Sites Ranking, Tranco. [Online]. Available: https://tranco-list.eu/
[44] PhiUSIIL Phishing URL Dataset, UCI Machine Learning Repository, 2024. [Online]. Available: https://archive.ics.uci.edu/dataset/967/phiusiil%2Bphishing%2Burl%2Bdataset
[45] F.C. Dalgic, A.S. Bozkir, and M. Aydos, “Phish-IRIS: A New Approach for Vision-Based Brand Prediction of Phishing Web Pages via Compact Visual Descriptors,” 2018 2nd International Symposium on Multidisciplinary Studies and Innovative Technologies (ISMSIT), Ankara, Turkey, pp. 1-8, 2018.
[CrossRef] [Google Scholar] [Publisher Link]