{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,13]],"date-time":"2026-04-13T12:57:18Z","timestamp":1776085038058,"version":"3.50.1"},"reference-count":35,"publisher":"Springer Science and Business Media LLC","issue":"1","license":[{"start":{"date-parts":[[2024,11,7]],"date-time":"2024-11-07T00:00:00Z","timestamp":1730937600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2024,11,7]],"date-time":"2024-11-07T00:00:00Z","timestamp":1730937600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Int. J. Inf. Secur."],"published-print":{"date-parts":[[2025,2]]},"DOI":"10.1007\/s10207-024-00928-7","type":"journal-article","created":{"date-parts":[[2024,11,7]],"date-time":"2024-11-07T08:48:25Z","timestamp":1730969305000},"update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":9,"title":["Enhancing phishing email detection with stylometric features and classifier stacking"],"prefix":"10.1007","volume":"24","author":[{"given":"Ilias","family":"Chanis","sequence":"first","affiliation":[]},{"given":"Avi","family":"Arampatzis","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2024,11,7]]},"reference":[{"key":"928_CR1","unstructured":"Radicati Group: Email Statistics Report 2022-2026 Executive Summary. Tech. rep., https:\/\/www.radicati.com\/wp\/wp-content\/uploads\/2022\/11\/Email-Statistics-Report-2022-2026-Executive-Summary.pdf (2022)"},{"key":"928_CR2","unstructured":"Federal Bureau of Investigation. 2022 Internet Crime Report. Tech. rep., (2022). https:\/\/www.ic3.gov\/Media\/PDF\/AnnualReport\/2022_IC3Report.pdf"},{"key":"928_CR3","unstructured":"Anti-Phishing Working Group. APWG Phishing Activity Trends Report 4th Quarter 2022. Tech. rep., Publications Office of the European Union, Luxembourg (2022). https:\/\/docs.apwg.org\/reports\/apwg_trends_report_q4_2022.pdf"},{"key":"928_CR4","unstructured":"Anti-Phishing Working Group. APWG Phishing Activity Trends Report 2nd Quarter 2023. Tech. rep., Publications Office of the European Union, Luxembourg (2023). https:\/\/docs.apwg.org\/reports\/apwg_trends_report_q2_2023.pdf"},{"issue":"1","key":"928_CR5","doi-asserted-by":"publisher","first-page":"671","DOI":"10.1109\/COMST.2019.2957750","volume":"22","author":"A Das","year":"2020","unstructured":"Das, A., Baki, S., Aassal, A.E., Verma, R.M., Dunbar, A.: SoK: a comprehensive reexamination of phishing research from the security perspective. IEEE Commun. Surv. Tutor. 22(1), 671\u2013708 (2020). https:\/\/doi.org\/10.1109\/COMST.2019.2957750","journal-title":"IEEE Commun. Surv. Tutor."},{"key":"928_CR6","doi-asserted-by":"publisher","first-page":"41574","DOI":"10.1109\/ACCESS.2022.3166474","volume":"10","author":"R Abdillah","year":"2022","unstructured":"Abdillah, R., Shukur, Z., Mohd, M., Murah, M.Z.: Phishing classification techniques: a systematic literature review. IEEE Access 10, 41574\u201341591 (2022). https:\/\/doi.org\/10.1109\/ACCESS.2022.3166474","journal-title":"IEEE Access"},{"key":"928_CR7","doi-asserted-by":"publisher","unstructured":"Aleroud, A., Karabatis, G.: Bypassing detection of url-based phishing attacks using generative adversarial deep neural networks. In: Verma RM, Khan L, Mohan CK (eds) IWSPA@CODASPY \u201920: Proceedings of the 6th International Workshop on Security and Privacy Analytics, New Orleans, LA, USA, March 18, 2020, ACM, pp. 53\u201360, (2020), https:\/\/doi.org\/10.1145\/3375708.3380315","DOI":"10.1145\/3375708.3380315"},{"issue":"4","key":"928_CR8","doi-asserted-by":"publisher","first-page":"2070","DOI":"10.1109\/SURV.2013.030713.00020","volume":"15","author":"A Almomani","year":"2013","unstructured":"Almomani, A., Gupta, B.B., Atawneh, S., Meulenberg, A., Almomani, E.: A survey of phishing email filtering techniques. IEEE Commun. Surv. Tutor. 15(4), 2070\u20132090 (2013). https:\/\/doi.org\/10.1109\/SURV.2013.030713.00020","journal-title":"IEEE Commun. Surv. Tutor."},{"key":"928_CR9","unstructured":"Chandrasekaran, M., Narayanan, K., Upadhyaya, S.: Phishing email detection based on structural properties. In: New York State Cyber Security Conference, Albany, NY, USA, (2006)"},{"key":"928_CR10","doi-asserted-by":"publisher","unstructured":"Fette, I., Sadeh, N.M., Tomasic, A.: Learning to detect phishing emails. In: Williamson CL, Zurko ME, Patel-Schneider PF, Shenoy PJ (eds) Proceedings of the 16th International Conference on World Wide Web, WWW 2007, Banff, Alberta, Canada, May 8-12, 2007, ACM, pp. 649\u2013656, (2007). https:\/\/doi.org\/10.1145\/1242572.1242660","DOI":"10.1145\/1242572.1242660"},{"issue":"1","key":"928_CR11","doi-asserted-by":"publisher","first-page":"7","DOI":"10.3233\/JCS-2010-0371","volume":"18","author":"A Bergholz","year":"2010","unstructured":"Bergholz, A., Beer, J.D., Glahn, S., Moens, M., Paa\u00df, G., Strobel, S.: New filtering approaches for phishing email. J Comput. Secur. 18(1), 7\u201335 (2010). https:\/\/doi.org\/10.3233\/JCS-2010-0371","journal-title":"J Comput. Secur."},{"key":"928_CR12","doi-asserted-by":"publisher","unstructured":"Moradpoor, N., Clavie, B., Buchanan, B.: Employing machine learning techniques for detection and classification of phishing emails. In: 2017 Computing Conference, pp. 149\u2013156, (2017). https:\/\/doi.org\/10.1109\/SAI.2017.8252096","DOI":"10.1109\/SAI.2017.8252096"},{"key":"928_CR13","unstructured":"Nguyen, M., Nguyen, T., Nguyen, T.H.: A deep learning model with hierarchical lstms and supervised attention for anti-phishing, (2018). CoRR abs\/1805.01554, arXiv:1805.01554"},{"key":"928_CR14","doi-asserted-by":"publisher","first-page":"56329","DOI":"10.1109\/ACCESS.2019.2913705","volume":"7","author":"Y Fang","year":"2019","unstructured":"Fang, Y., Zhang, C., Huang, C., Liu, L., Yang, Y.: Phishing email detection using improved RCNN model with multilevel vectors and attention mechanism. IEEE Access 7, 56329\u201356340 (2019). https:\/\/doi.org\/10.1109\/ACCESS.2019.2913705","journal-title":"IEEE Access"},{"key":"928_CR15","doi-asserted-by":"publisher","unstructured":"Bountakas, P., Koutroumpouchos, K., Xenakis, C.: A comparison of natural language processing and machine learning methods for phishing email detection. In: Reinhardt D, M\u00fcller T (eds) ARES 2021: The 16th International Conference on Availability, Reliability and Security, Vienna, Austria, August 17-20, 2021, ACM, pp. 127:1\u2013127:12, (2021). https:\/\/doi.org\/10.1145\/3465481.3469205","DOI":"10.1145\/3465481.3469205"},{"key":"928_CR16","doi-asserted-by":"publisher","unstructured":"Lee, J., Tang, F., Ye, P., Abbasi, F., Hay, P., Divakaran, D.M.: D-fence: A flexible, efficient, and comprehensive phishing email detection system. In: IEEE European Symposium on Security and Privacy, EuroS &P 2021, Vienna, Austria, September 6-10, 2021, IEEE, pp. 578\u2013597, (2021). https:\/\/doi.org\/10.1109\/EUROSP51992.2021.00045","DOI":"10.1109\/EUROSP51992.2021.00045"},{"issue":"2","key":"928_CR17","doi-asserted-by":"publisher","first-page":"72","DOI":"10.1504\/IJSN.2013.055941","volume":"8","author":"EE Abdallah","year":"2013","unstructured":"Abdallah, E.E., Abdallah, A.E., Bsoul, M., Otoom, A.F., Al-Daoud, E.: Simplified features for email authorship identification. Int. J. Secur. Netw. 8(2), 72\u201381 (2013). https:\/\/doi.org\/10.1504\/IJSN.2013.055941","journal-title":"Int. J. Secur. Netw."},{"issue":"8","key":"928_CR18","doi-asserted-by":"publisher","first-page":"2315","DOI":"10.1007\/S00521-015-2069-7","volume":"27","author":"R Shams","year":"2016","unstructured":"Shams, R., Mercer, R.E.: Supervised classification of spam emails with natural language stylometry. Neural Comput. Appl. 27(8), 2315\u20132331 (2016). https:\/\/doi.org\/10.1007\/S00521-015-2069-7","journal-title":"Neural Comput. Appl."},{"key":"928_CR19","doi-asserted-by":"publisher","unstructured":"Dewan, P., Kashyap, A., Kumaraguru, P.: Analyzing social and stylometric features to identify spear phishing emails. In: 2014 APWG Symposium on Electronic Crime Research (eCrime), pp. 1\u201313, (2014). https:\/\/doi.org\/10.1109\/ECRIME.2014.6963160","DOI":"10.1109\/ECRIME.2014.6963160"},{"key":"928_CR20","doi-asserted-by":"publisher","unstructured":"Duman, S., Kalkan-Cakmakci, K., Egele, M., Robertson, W.K., Kirda, E.: Emailprofiler: Spearphishing filtering with header and stylometric features of emails. In: 40th IEEE Annual Computer Software and Applications Conference, COMPSAC 2016, Atlanta, GA, USA, June 10-14, 2016, IEEE Computer Society, pp. 408\u2013416, (2016). https:\/\/doi.org\/10.1109\/COMPSAC.2016.105","DOI":"10.1109\/COMPSAC.2016.105"},{"issue":"1","key":"928_CR21","doi-asserted-by":"publisher","first-page":"324","DOI":"10.1016\/J.JNCA.2012.05.009","volume":"36","author":"MR Islam","year":"2013","unstructured":"Islam, M.R., Abawajy, J.H.: A multi-tier phishing detection and filtering approach. J. Netw. Comput. Appl. 36(1), 324\u2013335 (2013). https:\/\/doi.org\/10.1016\/J.JNCA.2012.05.009","journal-title":"J. Netw. Comput. Appl."},{"issue":"09","key":"928_CR22","doi-asserted-by":"publisher","first-page":"2507","DOI":"10.4236\/cs.2016.79217","volume":"07","author":"CE Shyni","year":"2016","unstructured":"Shyni, C.E., Sarju, S., Swamynathan, S.: A multi-classifier based prediction model for phishing emails detection using topic modelling, named entity recognition and image processing. Circuits Syst. 07(09), 2507\u20132520 (2016). https:\/\/doi.org\/10.4236\/cs.2016.79217","journal-title":"Circuits Syst."},{"key":"928_CR23","unstructured":"Bird, S., Loper, E., Klein, E.: Natural language processing with Python. \u201c O\u2019Reilly Media, Inc.\u201d (2009)"},{"key":"928_CR24","unstructured":"Mikolov, T., Chen, K., Corrado, G., Dean, J.: Efficient estimation of word representations in vector space. In: Bengio Y, LeCun Y (eds) 1st International Conference on Learning Representations, ICLR 2013, Scottsdale, Arizona, USA, May 2-4, 2013, Workshop Track Proceedings, (2013a). http:\/\/arxiv.org\/abs\/1301.3781"},{"key":"928_CR25","unstructured":"Mikolov, T., Sutskever, I., Chen, K., Corrado, G.S., Dean, J.: Distributed representations of words and phrases and their compositionality. In: Burges CJC, Bottou L, Ghahramani Z, Weinberger KQ (eds) Advances in Neural Information Processing Systems 26: 27th Annual Conference on Neural Information Processing Systems 2013. Proceedings of a meeting held December 5-8, 2013, Lake Tahoe, Nevada, United States, pp. 3111\u20133119, (2013b). https:\/\/proceedings.neurips.cc\/paper\/2013\/hash\/9aa42b31882ec039965f3c4923ce901b-Abstract.html"},{"key":"928_CR26","doi-asserted-by":"publisher","unstructured":"Devlin, J., Chang, M., Lee, K., Toutanova, K.: BERT: Pre-training of deep bidirectional transformers for language understanding. In: Burstein J, Doran C, Solorio T (eds) Proceedings of the 2019 Conference of the North American Chapter of the Association for Computational Linguistics: Human Language Technologies, NAACL-HLT 2019, Minneapolis, MN, USA, June 2-7, 2019, Volume 1 (Long and Short Papers), Association for Computational Linguistics, pp. 4171\u20134186, (2019). https:\/\/doi.org\/10.18653\/V1\/N19-1423","DOI":"10.18653\/V1\/N19-1423"},{"key":"928_CR27","doi-asserted-by":"publisher","unstructured":"Toolan, F., Carthy, J.: Feature selection for spam and phishing detection. In: 2010 eCrime Researchers Summit, eCrime 2010, Dallas, TX, USA, October 18-20, 2010, IEEE, pp. 1\u201312, (2010). https:\/\/doi.org\/10.1109\/ECRIME.2010.5706696","DOI":"10.1109\/ECRIME.2010.5706696"},{"issue":"6","key":"928_CR28","doi-asserted-by":"publisher","DOI":"10.1016\/J.IPM.2019.102061","volume":"56","author":"O Fourkioti","year":"2019","unstructured":"Fourkioti, O., Symeonidis, S., Arampatzis, A.: Language models and fusion for authorship attribution. Inf. Process Manag. 56(6), 102061 (2019). https:\/\/doi.org\/10.1016\/J.IPM.2019.102061","journal-title":"Inf. Process Manag."},{"key":"928_CR29","doi-asserted-by":"publisher","unstructured":"McKinney, Wes: Data Structures for Statistical Computing in Python. In: St\u00e9fan van\u00a0der Walt, Jarrod Millman (eds) Proceedings of the 9th Python in Science Conference, pp. 56\u201361, (2010). https:\/\/doi.org\/10.25080\/Majora-92bf1922-00a","DOI":"10.25080\/Majora-92bf1922-00a"},{"key":"928_CR30","unstructured":"Buitinck, L., Louppe, G., Blondel, M., Pedregosa, F., Mueller, A., Grisel, O., Niculae, V., Prettenhofer, P., Gramfort, A., Grobler, J., Layton, R., VanderPlas, J., Joly, A., Holt, B., Varoquaux, G.: API design for machine learning software: experiences from the scikit-learn project. In: ECML PKDD Workshop: Languages for Data Mining and Machine Learning, pp. 108\u2013122, (2013)"},{"key":"928_CR31","unstructured":"\u0158eh\u016f\u0159ek, R., Sojka, P.: Software Framework for Topic Modelling with Large Corpora. In: Proceedings of the LREC 2010 Workshop on New Challenges for NLP Frameworks, ELRA, Valletta, Malta, pp. 45\u201350, (2010)"},{"key":"928_CR32","unstructured":"Cohen, W.W.: Enron Email Dataset. (2015), https:\/\/www.cs.cmu.edu\/~.\/enron\/, accessed: 2022-03-16"},{"key":"928_CR33","unstructured":"Nazario, J.: Phishing Email Corpus, (2005-2022). https:\/\/monkey.org\/~jose\/phishing\/README.txt, accessed: 2022-03-16"},{"issue":"7","key":"928_CR34","doi-asserted-by":"publisher","first-page":"1895","DOI":"10.1162\/089976698300017197","volume":"10","author":"TG Dietterich","year":"1998","unstructured":"Dietterich, T.G.: Approximate statistical tests for comparing supervised classification learning algorithms. Neural Comput. 10(7), 1895\u20131923 (1998). https:\/\/doi.org\/10.1162\/089976698300017197","journal-title":"Neural Comput."},{"key":"928_CR35","doi-asserted-by":"publisher","unstructured":"Halgas, L., Agrafiotis, I., Nurse, J.R.C.: Catching the phish: Detecting phishing attacks using recurrent neural networks (rnns). In: You I (ed) Information Security Applications - 20th International Conference, WISA 2019, Jeju Island, South Korea, August 21-24, 2019, Revised Selected Papers, Springer, Lecture Notes in Computer Science, vol 11897, pp. 219\u2013233, (2019). https:\/\/doi.org\/10.1007\/978-3-030-39303-8_17","DOI":"10.1007\/978-3-030-39303-8_17"}],"container-title":["International Journal of Information Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10207-024-00928-7.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s10207-024-00928-7\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10207-024-00928-7.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,2,12]],"date-time":"2025-02-12T05:16:14Z","timestamp":1739337374000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s10207-024-00928-7"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,11,7]]},"references-count":35,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2025,2]]}},"alternative-id":["928"],"URL":"https:\/\/doi.org\/10.1007\/s10207-024-00928-7","relation":{},"ISSN":["1615-5262","1615-5270"],"issn-type":[{"value":"1615-5262","type":"print"},{"value":"1615-5270","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024,11,7]]},"assertion":[{"value":"7 November 2024","order":1,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"The authors have no competing financial or non-financial interests to declare that are relevant to the content of this article.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Conflict of interest"}},{"value":"No funding was received for conducting this study. The article does not contain any studies that involve human participants or animals performed by any of the authors.","order":3,"name":"Ethics","group":{"name":"EthicsHeading","label":"Human participants"}}],"article-number":"15"}}