An Integrated Framework for Phishing Threat Mitigation via Simulation-Driven Analysis, Email Header Forensics, and URL Intelligence
DOI:
https://doi.org/10.71426/jcdt.v2.i1.pp121-130
Keywords:
Phishing attacks, Email header analysis, URL scrutiny, Cybersecurity, Threat mitigation
Abstract
Phishing attacks continue to represent a dominant vector for cyber intrusions, exploiting human vulnerabilities and systemic weaknesses in email communication infrastructures. This study presents an integrated and simulation-driven cybersecurity framework that combines phishing campaign emulation, email header forensics, and URL intelligence analysis to enable proactive threat detection and mitigation. The proposed approach leverages open-source platforms to systematically replicate real-world phishing scenarios, thereby facilitating controlled experimentation and behavioral analysis. Email header inspection is employed to extract and validate metadata attributes such as sender authenticity and routing paths, and authentication protocols such as Sender Policy Framework (SPF), DomainKeys Identified Mail (DKIM), and Domain-based Message Authentication, Reporting, and Conformance (DMARC) are used to verify the authenticity of email senders and detect spoofing attempts. Concurrently, URL scrutiny mechanisms incorporate blacklist verification, domain reputation assessment, and structural pattern analysis to detect malicious or obfuscated links. The framework is designed to enhance situational awareness by correlating insights derived from simulation outputs, header anomalies, and URL threat indicators. Experimental evaluation demonstrates improved detection accuracy and response efficiency when compared to isolated analysis techniques. Furthermore, the integration of feedback-driven awareness mechanisms strengthens organizational resilience against evolving phishing tactics. The proposed methodology not only provides a comprehensive analytical perspective on phishing attack vectors but also contributes a scalable and cost-effective solution for real-world deployment in enterprise security ecosystems.
License
Copyright (c) 2026 Mehdi Gheisari, Sabitha Banu, Saman Khammar, Mustafa Ghaderzadeh, Saeed Lotfi (Author)

This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.