The proliferation of mobile devices and online interactions has been threatened by various cyberattacks, among which phishing attacks and malicious Uniform Resource Locators (URLs) pose significant risks to user security. Traditional phishing URL detection methods primarily rely on URL string-based features, which attackers often manipulate to evade detection. To address these limitations, we propose a novel graph-based machine learning model for phishing URL detection, integrating both URL structure and network-level features such as IP addresses and authoritative name servers. Our approach leverages Loopy Belief Propagation (LBP) with an enhanced convergence strategy to enable effective message passing and stable classification in the presence of complex graph structures. Additionally, we introduce a refined edge potential mechanism that dynamically adapts based on entity similarity and label relationships to further improve classification accuracy. Comprehensive experiments on real-world datasets demonstrate our model's effectiveness, achieving an F1 score of up to 98.77%. This robust and reproducible method advances phishing detection capabilities, offering enhanced reliability and valuable insights in the field of cybersecurity.
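To make the message-passing idea concrete, here is an added example (not the authors' code) of generic sum-product LBP over a small constructed graph of URLs, IP addresses and name servers. The abstract does not specify the enhanced convergence strategy or the adaptive edge potential, so this sketch assumes standard message damping and a fixed homophily potential as stand-ins; all names, priors and graph data are hypothetical.

```python
from collections import defaultdict

# Constructed sample graph: each URL is linked to its hosting IP and name server.
EDGES = [
    ("url:login-a.example", "ip:203.0.113.7"), ("url:login-a.example", "ns:ns1.bad.example"),
    ("url:login-b.example", "ip:203.0.113.7"), ("url:login-b.example", "ns:ns1.bad.example"),
    ("url:shop.example", "ip:198.51.100.9"), ("url:shop.example", "ns:ns1.good.example"),
    ("url:blog.example", "ip:198.51.100.9"), ("url:blog.example", "ns:ns1.good.example"),
]
# (P(benign), P(phishing)) for labelled nodes; unlabelled nodes default to (0.5, 0.5).
PRIORS = {"url:login-a.example": (0.05, 0.95), "url:shop.example": (0.95, 0.05)}
HOMOPHILY = 0.8  # assumed fixed edge potential: neighbours tend to share a label

def normalize(v):
    s = sum(v)
    return tuple(x / s for x in v)

def run_lbp(edges=EDGES, priors=PRIORS, h=HOMOPHILY, damping=0.5, tol=1e-6, max_iter=100):
    """Return {node: P(phishing)} after damped loopy belief propagation."""
    nbrs = defaultdict(set)
    for a, b in edges:
        nbrs[a].add(b)
        nbrs[b].add(a)
    psi = ((h, 1 - h), (1 - h, h))  # psi[sender_label][receiver_label]
    msgs = {(i, j): (0.5, 0.5) for i in nbrs for j in nbrs[i]}
    for _ in range(max_iter):
        new = {}
        for (i, j) in msgs:
            # Prior of i times all incoming messages except the one from j.
            pre = list(priors.get(i, (0.5, 0.5)))
            for k in nbrs[i] - {j}:
                pre = [pre[x] * msgs[(k, i)][x] for x in (0, 1)]
            out = normalize([sum(pre[x] * psi[x][y] for x in (0, 1)) for y in (0, 1)])
            # Damping: blend with the previous message so cycles do not oscillate.
            new[(i, j)] = normalize([damping * msgs[(i, j)][y] + (1 - damping) * out[y]
                                     for y in (0, 1)])
        delta = max(abs(new[e][1] - msgs[e][1]) for e in msgs)
        msgs = new
        if delta < tol:
            break
    beliefs = {}
    for i in nbrs:
        b = list(priors.get(i, (0.5, 0.5)))
        for k in nbrs[i]:
            b = [b[x] * msgs[(k, i)][x] for x in (0, 1)]
        beliefs[i] = normalize(b)[1]
    return beliefs
```

The unlabelled URL that shares an IP address and name server with a known phishing URL inherits a high phishing belief, which is the signal URL-string features alone cannot provide.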