XAI for Improving the Security of ML-based Spoofing Email Detectors

Email is an essential part of our daily communication as it is one of the primary communication methods.
Cyber-attacks against email systems and their users have been increasing over the years for different reasons.
For example, Phishing is among the most common attacks that target email users with the intention to induce them
to disclose personal information. Typically, attackers use email spoofing attacks as the initial step in launching
a phishing attack. Most existing studies focus on phishing attacks, overlooking email spoofing attacks. Several
mitigation methods have been proposed to defend against email system-related attacks using Artificial Intelligence
(AI) and Machine Learning (ML) models. However, the literature has shown that these automated models are
vulnerable to adversarial examples that can cause them to produce inaccurate predictions. The objective of this
study is to identify evolving trends in email spoofing mitigation methods that uses ML and to highlight limitations
and gaps. The review distinguishes itself by carefully reviewing the latest articles published between 2020 and
2024, stating their pros and cons. The results indicate a lack of studies focusing on email spoofing attacks, which
is a crucial step in phishing attacks. Additionally, it reveals that most existing studies fail to consider the design
of adversary-aware ML-based detectors for spoofed emails. Thus, an adversary-aware framework for detecting
spoofed emails was proposed, and multiple experiments were performed to simulate possible adversarial attackst