PhiShield: An AI-Based Personalized Anti-Spam Solution with Third-Party Integration

In this paper, we present PhiShield, which is a spam filter system designed to offer real-time email collection and analysis at the end node. Before our work, most existing spam detection systems focused more on detection accuracy rather than usability and privacy. PhiShield is introduced to enhance both of these features by precisely choosing the deployment location where it achieves personalization and proactive defense. The PhiShield system is designed to allow enhanced compatibility and proactive phishing prevention for users. Phishield is implemented as a browser extension and is compatible with third-party email services such as Gmail. As it is implemented as a browser extension, it assesses emails before a user clicks on them. It offers proactive prevention for users by showing a personalized report, not the content of the phishing email, when a phishing email is detected. Therefore, it provides users with transparency surrounding phishing mechanisms and helps them mitigate phishing risks in practice. We test various locally trained Artificial Intelligence (AI)-based detection models and show that a Long Short-Term Memory (LSTM) model is suitable for practical phishing email detection (>98% accuracy rate) with a reasonable training cost. This means that an organization or user can develop their own private detection rules and supplementarily use the private rules in addition to the third-party email service. In this paper, we implement PhiShield to show the scalability and practicality of our solution and provide a performance evaluation of approximately 300,000 emails from various sources.