TL;DR
CyberCane is a neuro-symbolic framework combining symbolic rules and privacy-preserving RAG to detect phishing with high accuracy, transparency, and compliance, especially against AI-generated attacks.
Contribution
It introduces CyberCane, a novel neuro-symbolic system with formal ontology reasoning and privacy-preserving retrieval, improving phishing detection in sensitive domains.
Findings
78.6-point recall improvement over symbolic-only detection on AI threats
Precision exceeds 98% with FPR as low as 0.16%
Deployment in healthcare shows 542x ROI
Abstract
Privacy-critical domains require phishing detection systems that satisfy contradictory constraints: near-zero false positives to prevent workflow disruption, transparent explanations for non-expert staff, strict regulatory compliance prohibiting sensitive data exposure to external APIs, and robustness against AI-generated attacks. Existing rule-based systems are brittle to novel campaigns, while LLM-based detectors violate privacy regulations through unredacted data transmission. We introduce CyberCane, a neuro-symbolic framework integrating deterministic symbolic analysis with privacy-preserving retrieval-augmented generation (RAG). Our dual-phase pipeline applies lightweight symbolic rules to email metadata, then escalates borderline cases to semantic classification via RAG with automated sensitive data redaction and retrieval from a phishing-only corpus. We further introduce…
