PhishSigma++: Malicious Email Detection with Typed Entity Relations
Authors: Shang Shang, Ruiqi Wang, Ruijie Qi et al.
Summary
The authors built PhishSigma++, a phishing-email detector that extracts 40 typed entity classes (e.g., sender domain, URLs, attachments) and 5 cross-type relations to form a typed email graph, then uses particle-swarm optimization to select a sparse discriminative relation mask for classification and evidence summarization. On 29,142 RFC822 messages, it achieves 0.9675 F1 on clean data and maintains 0.9579 F1 under non-adaptive "Good Word" padding attacks (ρ=0.8), while token-based Bayesian and DistilBERT baselines collapse to 0.0243 and 0.7284 F1 respectively. The method generalizes hand-crafted Sigma rules by learning which entity relations are discriminative from data.
Main takeaways:
- Focuses on invariant typed-entity relations (sender–URL, attachment–text) rather than mutable surface text, making it robust to adversarial text insertion
- Extracts 40 entity types and 5 cross-type relations to build a typed email graph; PSO selects a sparse discriminative mask
- Achieves 0.9675 F1 on clean phishing vs. ham; under Good Word padding (ρ=0.8) maintains 0.9579 F1 while text baselines collapse
- Compared to traditional Sigma rules (hand-written field conditions), PhishSigma++ offers higher detection, broader relational coverage, and data-driven feature selection
- Thresholded typed-relation scores encode a useful fragment of Sigma-style field conditions, unifying hand-crafted and learned approaches
Relevance
Not related to my persona or midtraining work—this is an email-security application. Included because the idea of invariant entity relations vs. mutable surface text parallels my question of whether persona markers are surface tokens or deeper relational/behavioral signatures.
Threat model
Potential threat/caveat for clean result "Fine-tuning one persona on a two-marker chunk and another on the start marker plants the end marker at every donor answer's end, not chained to the start (LOW confidence)": this item discusses adversarial.
Abstract
arXiv:2605.11619v1 Announce Type: new Abstract: Here is a further shortened version (pure text, no extra formatting, academic style preserved, no content change): Abstract. With the rise of AI-generated content (AIGC), phishing actors now possess richer linguistic capabilities and evasion techniques. Most existing detectors over-rely on mutable textual features, achieving high accuracy on clean data but degrading severely under text-focused adversarial manipulation. This mirrors the lab-to-real performance gap. We investigate invariant signals in phishing emails: even when attackers modify surface text, functional intent constrains relations among typed entities. Threat-actor tradecraft is described via high-level TTPs, but rule-based systems like Sigma express invariants only through manually curated, field-specific patterns, limiting flexibility. We introduce PhishSigma++, an entity-relation-based malicious email detector for RFC822 messages that generalizes Sigma's design. It extracts 40 typed entity classes, computes 5 cross-type relations to build a typed email graph, and uses particle swarm optimization (PSO) to select a sparse discriminative mask, supporting classification and type-level evidence summary. On 29,142 messages, PhishSigma++ achieves 0.9675 F1 on clean data and outperforms text-centric baselines under non-adaptive Good Word padding at \r{ho}=0.8. It maintains 0.9579 F1, while a token-based Bayesian filter collapses to 0.0243 and a DistilBERT phishing checkpoint falls to 0.7284. Compared with traditional Sigma rules, PhishSigma++ offers higher detection, broader relational invariance coverage, and data-driven feature selection. We also show that thresholded typed relation scores encode a useful fragment of Sigma-style field conditions, unifying hand-crafted rule logic and learned relation masks in a single-email framework.