Akademik Veri Yönetim Sistemi
JOURNAL OF POLYTECHNIC-POLITEKNIK DERGISI, 2025 (ESCI, TRDizin)
In the changing landscape of cybersecurity threats, phishing emails indicate a persistent and damaging attack vector. This study investigates the effectiveness of deep learning models on a phishing email classification task using tabular data and focusing on TabNet, NODE (Neural Oblivious Decision Ensembles), and FT-Transformer architectures. The utilized dataset includes eight input features capturing linguistic and structural characteristics of emails, with a binary label indicating phishing or normal classification. Additionally, the NearMiss under-sampling approach is applied to address the significant class imbalance. Experimental results demonstrate that while all three models achieve strong performance, the FT-Transformer model outperforms TabNet and NODE by achieving the highest classification accuracy and balanced precision-recall scores. Additionally, explainable artificial intelligence (XAI) methods, SHAP and LIME, are employed to interpret the FT-Transformer model's decision-making process, which highlights the critical role of spelling errors, unique word counts, and urgency-related keywords in phishing detection. The findings emphasize the potential of transformer-based approaches for tabular cybersecurity applications and indicate the importance of interpretable AI in enhancing trust and transparency in phishing detection systems.