Phishing has become a favorite method of hackers for committing data theft and continues to evolve. As long as phishing websites continue to operate, many more people and companies will suffer privacy leaks or financial losses. Therefore, the demand for fast and accurate phishing website detection grows stronger. However, the existing phishing detection methods do not fully analyze the features of phishing, and the performance and efficiency of the models only apply to certain limited datasets and need to be improved to be applied to the real web environment. This paper fully considers the social engineering principles of phishing, proposes a comprehensive and interpretable CASE feature framework and designs a multistage phishing detection model to effectively detect phishing sites, especially in the real web environment, where high efficiency and performance and extremely low false alarm rates are required. To fully verify the proposed method, two kinds of data experiments were carried out. One was the comparative experiments among different features and different detection models on CASE, which covers both classic machine learning and deep learning algorithms based on a constructed complex dataset. The other was a one-year phishing discovery experiment in the real web environment. The proposed method achieves better detection results under the premise of significantly shortening the execution time and works well in real phishing discovery, which proves its high practicability in reality.

网络钓鱼已成为黑客窃取数据的常用方法，并且还在不断发展。只要钓鱼网站继续运行，就会有更多的人和公司遭受隐私泄露或经济损失。因此，对快速准确的钓鱼网站检测的需求越来越强烈。然而，现有的网络钓鱼检测方法并没有充分分析网络钓鱼的特征，模型的性能和效率仅适用于某些有限的数据集，需要改进以应用于真实的网络环境。本文充分考虑了网络钓鱼的社会工程原理，提出了一个全面的、可解释的CASE特征框架，并设计了一个多阶段的网络钓鱼检测模型，以有效地检测网络钓鱼网站，尤其是在真实的网络环境中，需要高效率和性能以及极低的误报率。为了充分验证所提出的方法，进行了两种数据实验。一个是CASE上不同特征和不同检测模型的对比实验，既涵盖了经典的机器学习算法，也涵盖了基于构建的复杂数据集的深度学习算法。另一个是在真实网络环境中进行的为期一年的网络钓鱼发现实验。所提方法在显着缩短执行时间的前提下取得了较好的检测结果，在真实的钓鱼发现中效果良好，证明了其在现实中的高度实用性。一个是CASE上不同特征和不同检测模型的对比实验，既涵盖了经典的机器学习算法，也涵盖了基于构建的复杂数据集的深度学习算法。另一个是在真实网络环境中进行的为期一年的网络钓鱼发现实验。所提方法在显着缩短执行时间的前提下取得了较好的检测结果，在真实的钓鱼发现中效果良好，证明了其在现实中的高度实用性。一个是CASE上不同特征和不同检测模型的对比实验，既涵盖了经典的机器学习算法，也涵盖了基于构建的复杂数据集的深度学习算法。另一个是在真实网络环境中进行的为期一年的网络钓鱼发现实验。所提方法在显着缩短执行时间的前提下取得了较好的检测结果，在真实的钓鱼发现中效果良好，证明了其在现实中的高度实用性。