An Enhanced Machine Learning with NLP Modelling Technique for Smishing Attacks Detection in Low-Resourced Languages

Smishing, a form of phishing through SMS, has emerged as a significant cybersecurity threat, particularly on mobile money platforms in regions with limited cybersecurity awareness. This research introduces a robust machine learning model integrated with advanced natural language processing (NLP) techniques for effective smishing detection. The proposed model targets English and Bemba, a low-resourced language, addressing a critical gap in cybersecurity research for linguistically diverse, resource-constrained environments. The model incorporates pseudonymization to enhance data security by anonymizing sensitive information such as personal identifiers while retaining the contextual integrity of messages. Named Entity Recognition (NER) is employed to detect and mask sensitive entities, further safeguarding user privacy. To bolster model robustness against adversarial attacks, adversarial training is applied, exposing the model to perturbed inputs during training to improve its resilience to manipulation. Regularization techniques, specifically L1 regularization, are used to optimize the model by reducing overfitting and ensuring efficient performance. The evaluation utilized datasets in English, Bemba, and a combination of both to assess the model’s adaptability to multilingual inputs. The results demonstrate superior performance, with high F1-Scores, low log loss, and across datasets, AUC ranged from 0.93 (Bemba) to 0.98 (English–Bemba), with consistently strong F1 and MCC. These metrics underscore the model’s capability to distinguish between smishing and legitimate messages effectively. By combining machine learning and NLP in a privacy-preserving and security-enhanced framework, this research provides a scalable, efficient solution for smishing detection in under-resourced contexts, contributing significantly to advancements in cybersecurity for low-resourced languages.