PHISHCATCHER: XGBOOST ALGORITHM-BASED CLIENTSIDE PROTECTION AGAINST WEB SPOOFING ATTACKS

Abstract

The secrecy and authenticity of user data, including passwords and PIN codes,
provide a significant problem for cyber security. Every day, phony login screens asking for
private information are shown to billions of visitors. Many techniques, including phishing
emails, alluring adverts, clickjacking, spyware, injection of SQL, session hijacking, man-in-themiddle
attacks, denial of service, and cross-site scripting assaults, may be used to deceive a user
into visiting a website. Web spoofing, often known as phishing, is an online scam where the
perpetrator creates a fraudulent replica of an authentic website and demands personal data from
users, including passwords. Researchers have suggested a number of security measures to
thwart these vulnerabilities, however all have problems with precision and latency. We suggest
and create a client-side defense mechanism that utilizes machine learning methods to identify
spoof websites and shield users from phishing attempts in order to address these problems. We
construct the machine learning algorithm to classify URLs as trustworthy or suspicious, and as a
proof of concept, we create the Phish Catcher Google Chrome plugin. The program determines
if a login website is spoof or not based on four distinct kinds of web properties that are loaded
into a random forest classifier. Several studies were conducted on actual web apps to evaluate
the extension's precision and accuracy. Based on 400 phished and 400 real URLs, the
experiment's findings demonstrate an impressive 98.5% accuracy and 98.5% precision. In
addition, we conducted tests on forty phished URLs in order to gauge the lag of our tool. Phish
Catcher's reported reaction time was under 62.5 milliseconds on average.