Please use this identifier to cite or link to this item:
http://dspace.dtu.ac.in:8080/jspui/handle/repository/23022Full metadata record
| DC Field | Value | Language |
|---|---|---|
| dc.contributor.author | JHA, SUJYOTI | - |
| dc.contributor.author | Kumar, Manoj (SUPERVISOR) | - |
| dc.date.accessioned | 2026-07-06T09:18:11Z | - |
| dc.date.available | 2026-07-06T09:18:11Z | - |
| dc.date.issued | 2026-06 | - |
| dc.identifier.uri | http://dspace.dtu.ac.in:8080/jspui/handle/repository/23022 | - |
| dc.description.abstract | Phishing attacks have become increasingly sophisticated, personalized, and challenging to detect in recent years. These attacks exploit fundamental aspects of human psychol ogy — urgency, authority, fear, and trust making them effective even against technically aware users. Recent advancements in large language models (LLMs) such as GPT-4 and Claude have further exacerbated this threat by providing attackers with the means to produce grammatically polished, contextually coherent, and highly personalized phish ing emails on a massive scale, thereby bypassing legacy keyword-based and rule-based detection tools. This thesis makes two primary contributions. First, it presents a system atic literature review of eighteen peer-reviewed studies tracing the evolution of behavioral cyber threat detection from classical machine learning approaches. The review identi fies a critical research gap: the absence of a lightweight, interpretable, and training-free framework capable of distinguishing AI-generated phishing from both human-authored phishing and legitimate email. To address this gap, this thesis proposes PhishScore — an unsupervised weighted scoring system that categorizes emails into one of three classes: genuine, phishing, and AI-phishing. PhishScore computes a continuous risk score between 0 and 100 based on twelve handcrafted features organized under social engineering, struc tural, and stylometric characteristics, and maps this score to actionable risk tiers — Low, Medium, and High — using fixed thresholds. When tested on a balanced dataset of 2,139 emails drawn from the Enron, Nazario, and Greco (2023) corpora, PhishScore delivers an ROC-AUC score of 0.8135 with statistically significant class separability (F = 313.62, p <0.001). Interestingly, stylometric features turn out to be stronger predictors than social engineering terms, confirming that AI-generated phishing is linguistically distinguishable not by what is written, but by how it is written. PhishScore is fully interpretable, re quires no supervised training, and is suitable for deployment as a transparent pre-filter in real-world enterprise email security pipelines. | en_US |
| dc.language.iso | en | en_US |
| dc.relation.ispartofseries | TD-8934; | - |
| dc.subject | PHISHSCORE | en_US |
| dc.subject | MULTI-FEATURE SCORING FRAMEWORK | en_US |
| dc.subject | TRI-CLASS PHISHING | en_US |
| dc.subject | EMAIL DETECTION | en_US |
| dc.title | PHISHSCORE: A WEIGHTED MULTI-FEATURE SCORING FRAMEWORK FOR TRI-CLASS PHISHING EMAIL DETECTION | en_US |
| dc.type | Thesis | en_US |
| Appears in Collections: | M.E./M.Tech. Computer Engineering | |
Files in This Item:
| File | Description | Size | Format | |
|---|---|---|---|---|
| SUJYOTI JHA M.Tech.pdf | 3.51 MB | Adobe PDF | View/Open | |
| SUJYOTI JHA plag.pdf | 7.18 MB | Adobe PDF | View/Open |
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.



