Phish Catcher: Client-Side Defense against Web-Spoofing Attacks Using Machine Learning

Abstract

Cybersecurity faces a significant challenge in safeguarding users' confidential information, such as passwords and PIN codes, from phishing attacks. These attacks, which employ various deceptive tactics like fake login pages, phishing emails, and click-jacking, aim to trick users into divulging sensitive data. Traditional security strategies often encounter issues of latency and accuracy in detecting these fraudulent activities. To address this challenge, we propose a client-side defense mechanism leveraging machine learning techniques to detect spoofed web pages and protect users from phishing attacks. In this work, we introduce Phish Catcher, a Google Chrome extension developed as a proof of concept for our machine learning-based approach. Phish Catcher utilizes a random forest classifier trained on four types of web features to classify URLs as suspicious or trustworthy. To evaluate the effectiveness of our extension, we conducted experiments on real web applications, testing 400 classified phishing URLs and 400 legitimate URLs. The results demonstrate a remarkable accuracy and precision of 98.5% for detecting spoofed web pages. Furthermore, we assessed the latency of Phish Catcher by measuring its response time over forty phished URLs. The average recorded response time was just 62.5 milliseconds, indicating minimal impact on user experience while providing robust protection against phishing attacks. Overall, our approach offers a highly accurate and efficient solution for detecting phishing attempts, thereby enhancing user security and mitigating the risks associated with online fraud.