Other Conference and Symposium Proceedings
Permanent URI for this communityhttps://rda.sliit.lk/handle/123456789/4774
Browse
Search Results
Item Embargo Intelligent Detection of Corporate Targeted Phishing Emails - A Hybrid Approach Combining Deep Learning Models with Domain Anomaly Detection(Institute of Electrical and Electronics Engineers Inc., 2025) Seethawaka, R; Chathurya N.E.G; Chandrasiri D.K.W.G.G.T; Kavithma K.A.S; Fernando, H; Wijesooriya, AThis paper introduces a system designed to detect corporate-targeted phishing emails by combining two key strategies: advanced email content analysis and domain similarity analysis. The system first examines the text of emails using a hybrid deep learning model that merges modern language understanding techniques with sequential pattern recognition, achieving high accuracy in identifying phishing intent. Two models were tested - a standalone Bi-LSTM sequential model and a hybrid version(BERT - Bi-LSTM) with the hybrid model proving superior, scoring an F1 score of 0.97 compared to 0.93 for the standalone model. Second, the system verifies sender domains to detect spoofing attempts, such as subtle typos, homograph attacks or TLD/subdomain spoofing. This domain check reduces reliance on text analysis alone, helping analysts prioritize threats more effectively. Tested against a mix of legitimate and malicious domains, the domain module achieved near-perfect accuracy, minimizing false alarms. By integrating these approaches, the system addresses a critical gap in existing methods, which often focus on only one aspect of phishing (e.g., email content or URL features). This dual strategy ensures a more comprehensive defense, particularly against sophisticated attacks that use convincing language paired with fake domains. The combined model not only improves detection accuracy but also supports security teams by providing clear, actionable insights, making it practical for real-world corporate environments.