Dual-phase neuro-symbolic pipeline with privacy-preserving RAG and formal ontology reasoning.
Healthcare-specific threat taxonomy showing attack distribution: 34% Social Engineering, 26% AI Content, 20.5% Insurance Phishing, 19.5% Appointment Scams. Framework generalizes to finance, legal, and government domains.
| Dataset (test) | Method | Precision | Recall | FPR |
|---|---|---|---|---|
| Nazario.clean + SpamAssassin (n=1,110) |
Phase 1 (Rules) | 83.0% | 17.8% | 2.9% |
| Phase 2 (RAG, k=8) | 99.5% | 37.2% | 0.16% | |
| DataPhish 2025 (n=2,337; ~75% LLM-generated) |
Phase 1 (Rules) | 93.4% | 20.5% | — |
| Phase 2 (RAG, k=8) | 98.2% | 99.1% | — |
| Method | Precision | Recall | F1 | FPR | Cost/email | PHI Exposure |
|---|---|---|---|---|---|---|
| CyberCane (RAG, k=8) | 99.5% | 37.2% | 54.1% | 0.16% | $0.0017 | 0% † |
| TF-IDF LR + Redaction § | 98.8% | 97.4% | 98.1% | 0.98% | $0 | 0% † |
| GPT-4 Direct (unredacted) | 93.2% | 99.0% | 96.0% | 5.9% | $0.0001 | 53.2% |
| Mode | Similarity Threshold | Precision | Recall | F1 | FPR |
|---|---|---|---|---|---|
| Conservative | 0.50 | 99.3% | 29.5% | 45.5% | 0.16% |
| Baseline | 0.45 | 99.5% | 37.2% | 54.1% | 0.16% |
| Balanced (Default) | 0.40 | 99.5% | 40.0% | 57.1% | 0.16% |
| Moderate | 0.35 | 99.5% | 42.2% | 59.3% | 0.16% |
| Aggressive | 0.30 | 99.5% | 44.6% | 61.6% | 0.16% |
Note: FPR remains constant at 0.16% across all modes via shared Phase 1 high-confidence threshold (score ≥ 5). † PHI redacted before API transmission. § Privacy-constrained fair comparison using same redaction pipeline as CyberCane. CyberCane provides 6× lower FPR (0.16% vs. 0.98%), PhishOnt verifiable reasoning chains, and tunable operating points.
| Split | Coverage | Description |
|---|---|---|
| Overall (n=1,110) | 85.0% | All test emails |
| Phishing (n=495) | 76.8% | Phishing emails classified |
| Benign (n=615) | 91.7% | Legitimate emails classified |
79.5% of phishing emails evade Phase 1 symbolic rules (rising to 95.8% for Neutral-tone and 97.2% for Greed-tone emails). Phase 2 RAG recovers 99.0% of these Phase 1-evaded attacks, resulting in a combined two-phase miss rate of only 0.8%. This demonstrates that the dual-phase architecture is essential: neither phase alone achieves healthcare-grade performance.
50.7% of DataPhish 2025 emails contain at least one PII item (mean 1.63 items/email), confirming that unredacted transmission to external APIs exposes sensitive data at scale. CyberCane's automated redaction pipeline eliminates this exposure entirely before any API call, achieving 0% PHI leakage across all test conditions.
Phase 2 RAG produces meaningfully separated confidence distributions: phishing emails receive a mean similarity score of 54.6% versus 52.8% for benign emails. Critically, 85.5% of benign emails fall below the phishing mean, providing a clear statistical basis for the conservative 0.40 threshold that drives the 0.16% FPR.
Applies rule-based heuristics without external API calls:
Escalates ambiguous cases through a privacy-first pipeline:
OWL-based ontology with SWRL rules maps observed indicators to formal attack classifications:
Example Medicare phishing detection showing three explanation layers: (1) Symbolic evidence from DNS/SMTP analysis, (2) Retrieved similar phishing examples with similarity scores, (3) GPT-4.1-mini contextual reasoning. Final verdict: 94% confidence with actionable recommendations.
All evaluation scripts, datasets, and threshold configurations are available in the repository:
reports_cybercane/eval_test_split.py — Test split evaluatorreports_cybercane/bootstrap_ci.py — 1000-sample bootstrap confidence intervalsreports_cybercane/statistical_significance.py — McNemar χ² testsreports_cybercane/cost_benefit_analysis.py — ROI and cost-benefit calculationsreports_cybercane/tune_thresholds.py — Threshold optimization (F1-maximizing grid search)dataset_cybercane/best_thresholds_dataphish.json — Optimal threshold configurationdataset_cybercane/Nazario.clean.csv — Nazario phishing corpus (n=1,110)dataset_cybercane/dataphish_test.jsonl — DataPhish 2025 test split (n=2,337)dataset_cybercane/dataphish_val.jsonl — DataPhish 2025 validation splitdocker compose up --build
# Web: http://localhost:3000 | API: http://localhost:8000 | Docs: http://localhost:8000/docs
# Phase 1: Rules-based scan (no API key required)
curl -X POST http://localhost:8000/scan \
-H "Content-Type: application/json" \
-d '{"sender":"alert@bank.com","subject":"Urgent: verify account","body":"Click: http://bit.ly/x","url":1}'
# Phase 2: Full RAG analysis (requires OPENAI_API_KEY)
curl -X POST http://localhost:8000/ai/analyze \
-H "Content-Type: application/json" \
-d '{"sender":"alert@bank.com","subject":"Urgent: verify account","body":"Click: http://bit.ly/x","url":1}'
@article{hakim2026cybercane,
author = {S. B. Hakim and A. Afzal and Q. Zhao and V. Majmundar and P. Sloboda and H. H. Song},
title = {{CyberCane}: Neuro-Symbolic {RAG} for Privacy-Preserving Phishing Detection with Formal Ontology Reasoning},
journal = {arXiv preprint arXiv:2604.23563},
year = {2026},
note = {[Online]. Available: \url{https://arxiv.org/abs/2604.23563}},
primaryclass = {cs.CR}
}