Go to ICML 2026 Workshop MusIML homepageCatch Me If You Can: Detecting Phishing Emails Through Generative-Adversarial Training
Keywords: Phishing Detection, Adversarial Robustness, NLP Security, Generative-Adversarial Training, Large Language Models, Text Adversarial Attacks, Cyclic Training
TL;DR: We propose a multi-round adversarial training framework that allows phishing email classifiers to better detect generated adversarial text attacks
Abstract: Phishing emails remain a leading cause of cybersecurity breaches, often bypassing modern NLP-based detectors, which are highly vulnerable to adversarial text attacks that evade detection while remaining convincing to human readers. We propose a cyclic adversarial training framework in which a local LLM iteratively rewrites phishing emails into label-preserving adversarial samples that challenge an ALBERT-based discriminator, retrained across rounds on an accumulating corpus informed by its prior weaknesses. To obtain an unbiased robustness measure, we evaluate the discriminator against three held-out attacks, TextFooler, PWWS, and DeepWordBug, none of which contribute to training. Results show the discriminator's exploitable attack surface against these attacks shrinks substantially across rounds, while also revealing cross-attacker interference effects that highlight the difficulty of achieving robustness against all adversarial strategies simultaneously. This research underscores the importance of adversarial robustness in phishing detection and contributes towards the development of stronger defenses for real-world cybersecurity applications.
Track: Track 2: ML Research by Muslim Authors
Email Sharing: We authorize the sharing of all author emails with Program Chairs.
Data Release: We authorize the release of our submission and author names to the public in the event of acceptance.
Non Archival Confirmation: I understand that submissions to MusIML are non-archival and can be submitted to other venues.
Submission Number: 63
Loading