Background: Explainability in phishing detection model can support a further solution of phishing attack mitigation by increasing trust and understanding how phishing can be detected. Objective: The aims of this study to determine and best recommendation to apply an approach which has several components with abilities to fulfil the critical needs Methods: A methodology starting with analyzing both black-box and white-box models to get the pros and cons specifically in phishing detection. The conclusion of the analysis will be validated by experiment using a set of well-known algorithms and public phishing datasets. Experimental metrics covers 3 measurements such as predictive accuracy and explainability metrics. Conclusion: Both models are comparable in terms of interpretability and consistency, with room for improvement in diverse datasets. EBM as an example of white-box model is generally better suited for applications requiring explainability and actionable insights. Finally, each model, white-box and black-box model has positive and negative aspects both for performance metric and for explainable metric. It is important to consider the objective of model usage.

翻译：背景：钓鱼检测模型的可解释性通过增强信任度与阐明钓鱼攻击检测机制，能够为钓鱼攻击缓解方案的进一步优化提供支持。目的：本研究旨在确定并推荐一种能够满足关键需求的多组件方法的最佳应用方案。方法：研究方法首先分析黑盒与白盒模型在钓鱼检测领域的优缺点，随后通过采用一系列经典算法与公开钓鱼数据集进行实验验证分析结论。实验指标涵盖预测准确性与可解释性指标等三类测量维度。结论：两种模型在可解释性与一致性方面表现相当，但在多样化数据集上均有改进空间。以EBM为代表的白盒模型通常更适用于需要可解释性与可操作性洞察的应用场景。最终，白盒与黑盒模型在性能指标与可解释性指标方面均存在正反两面特征，因此必须结合模型使用的具体目标进行综合考量。