Enhancing Phishing Detection on Twitter through Deep Learning and the MITRE ATT&CK Framework

Social engineering attacks are a growing threat to cybersecurity, as they exploit human vulnerabilities through psychological manipulation. Twitter, owing to its real-time interaction and extensive user base, has become a prime platform for such attacks. Attackers use various techniques such as phishing and impersonation to deceive unsuspecting users. This paper proposes a comprehensive detection system that integrates deep learning models, namely Long Short-Term Memory (LSTM), Recurrent Neural Networks (RNN), and Bidirectional Encoder Representations from Transformers (BERT), with the MITRE ATT&CK framework, which provides a structured taxonomy of tactics, techniques, and procedures (TTPs) used by adversaries. The MITRE ATT&CK framework was leveraged to classify deceptive cyber infiltration into distinct phases, enhancing detection precision and context. Data collected from Twitter were preprocessed and mapped to specific ATT&CK TTPs, enabling deep learning models to achieve a more structured classification. Among the models tested, BERT outperformed the other models, achieving a detection accuracy of 95%. The results demonstrated the utility of combining deep learning techniques with structured cybersecurity frameworks such as MITRE ATT&CK to detect social engineering threats on social media platforms in a scalable manner.