From Detection to Evidence: A Unified System for Automated Email Phishing Analysis and Forensic Logging

Citation

Abdul Rahman, Siti Husna and Manalan, Kirtanah and Mohd Fathil, Nur Haifa and Zainuddin, Ahmad Anwar (2025) From Detection to Evidence: A Unified System for Automated Email Phishing Analysis and Forensic Logging. In: 9th International Conference on Information Technology, InCIT 2025, 12 November 2025 - 14 November 2025, Hybrid, Phuket.

90.pdf - Published Version
Restricted to Repository staff only

Abstract

Phishing attacks continue to bypass traditional defenses and burden non-technical users with manual, error-prone investigations. Existing tools are largely detection-centric and rarely preserve evidence in a structured, reusable form, leaving a gap between threat identification and post-incident analysis. We present a unified web-based system that automates email ingestion, multi-engine scanning, and forensic logging within a single interface. Implemented as a full-stack Python (Flask) application with MongoDB, the system programmatically acquires emails (or user-uploaded .eml), submits artifacts to VirusTotal, and parses headers to extract and geolocate sender IPs, maintaining user-scoped, audit-ready records. A dashboard provides real-time status, verdict visualization, and access to detailed reports and header forensics. In evaluation with 20 emails (10 phishing, 10 benign), the system achieved 95% accuracy (≥ 90% target), while soak testing demonstrated stable operation over extended runtime. By coupling automated detection with structured, user-specific forensic records, the system reduces technical barriers and strengthens incident response, making email threat analysis more accessible to both non-technical users and security teams.

Item Type: Conference or Workshop Item (Paper)
Uncontrolled Keywords: Phishing detection, email forensics
Subjects: Q Science > QA Mathematics > QA71-90 Instruments and machines > QA75.5-76.95 Electronic computers. Computer science
Divisions: Faculty of Computing and Informatics (FCI)
Depositing User: Ms Rosnani Abd Wahab
Date Deposited: 18 Mar 2026 08:07
Last Modified: 19 Mar 2026 01:20
URI: http://shdl.mmu.edu.my/id/eprint/15576
