Context-Aware Phishing Email Detection Using Machine Learning and NLP

TL;DR

This paper introduces a machine learning and NLP-based system for detecting phishing emails by analyzing email content, achieving high accuracy and fast response times, and deploying it as a real-time web application.

Contribution

The paper presents a novel email classification system that uses NLP features and machine learning models, outperforming existing URL-focused approaches.

Findings

Logistic Regression achieved 95.41% accuracy.

The system provides real-time classification with 127ms response time.

NLP features improve phishing detection beyond URL analysis.

Abstract

Phishing attacks remain among the most prevalent cybersecurity threats, causing significant financial losses for individuals and organizations worldwide. This paper presents a machine learning-based phishing email detection system that analyzes email body content using natural language processing (NLP) techniques. Unlike existing approaches that primarily focus on URL analysis, our system classifies emails by extracting contextual features from the entire email content. We evaluated two classification models, Naive Bayes and Logistic Regression, trained on a combined corpus of 53,973 labeled emails from three distinct datasets. Our preprocessing pipeline incorporates lowercasing, tokenization, stop-word removal, and lemmatization, followed by Term Frequency-Inverse Document Frequency (TF-IDF) feature extraction with unigrams and bigrams. Experimental results demonstrate that Logistic Regression achieves 95.41% accuracy with an F1-score of 94.33%, outperforming Naive Bayes by 1.55 percentage points. The system was deployed as a web application with a FastAPI backend, providing real-time phishing classification with average response times of 127ms.