A compound-aware encoder-only transformer model for smishing detection
摘要
Smishing attacks increasingly exploit lexical obfuscation and compound-word constructions within both SMS content and embedded URLs, which significantly degrades the effectiveness of conventional tokenization-based detection approaches. To address this challenge, we propose the Compound-Aware Encoder-Only Transformer (CAEoT), a framework that explicitly reconstructs semantically meaningful sub-components from obfuscated compound expressions prior to Transformer encoding. CAEoT introduces a case factory that adaptively activates text- and URL-specific compound-aware decomposition modules, thereby exposing latent semantic cues before tokenization. The resulting enriched token sequences are then processed by an encoder-only Transformer and a lightweight classification head. Experiments conducted on two benchmark smishing datasets demonstrate that CAEoT achieves strong and consistent detection performance, with F1-scores of 0.89 and 0.98, ROC-AUC values of up to 1.00, and PR-AUC values of up to 0.99. Further analysis of ROC and precision–recall curves confirms that CAEoT maintains robust discriminative capability under class imbalance while preserving practical end-to-end inference efficiency. These results indicate that explicit compound-aware decomposition provides a principled and effective enhancement for Transformer-based smishing detection without modifying the underlying encoder architecture.