A data centric and interpretable PCA based framework for phishing email detection
摘要
Phishing email attacks pose a serious and persistent cybersecurity threat, which require robust detection mechanisms. Current approaches often suffer from setbacks some of which are outdated and imbalanced datasets. This paper introduces the PCA-based Enhanced Phishing Email Attack Detection (EPEAD) framework, which is a novel method for highly accurate phishing email identification. The EPEAD framework generates a custom balanced dataset of 50,000 phishing and benign emails, integrating modern techniques. A detailed pre-processing module extracts relevant features, including email content, URL characteristics and sender authenticity. Principal Component Analysis (PCA) is applied for dimensionality reduction. Supervised machine learning algorithms (Logistic Regression, Random Forest, k-Nearest Neighbors, Decision Tree, Naïve-Bayes, Artificial Neural Networks) are then trained and evaluated using standard metrics. The EPEAD framework achieved an outstanding highest accuracy of 98.38% in phishing email identification, which outperforms many models reliant on public datasets, even with traditional algorithms. This high accuracy highlights the critical role of superior data and meticulous feature engineering. The custom-generated, balanced and feature-rich dataset, combined with PCA, offers a transparent and reliable defence against evolving threats, including LLM-rephrased emails.