WebWatcher: A Machine Learning Approach to Client–Side Detection of Web Spoofing Attacks

Abstract

Web spoofing attacks are a serious concern for anyone who spends time online because they may result in the theft of private information, including passwords.. traditional methods for detecting these attacks, such as rule-based systems, often fall short. They tend to struggle with advanced and unknown threats, resulting in a lot of false alarms and lacking real-time protection on the client sideIn order to successfully detect and counteract web spoofing attacks, we provide WebWatcher, a machine learning-based system. WebWatcher examines various aspects of URLs, combining both structural and behavioral indicators. This means it looks at things like IP usage, URL length, whether the site uses HTTPS, how long the domain has been registered, the presence of a favicon, website traffic, PageRank, and Google indexing to help identify potential spoofing threats and phishing efforts. Gradient Boosting Classifier, Random Forest, Multi-layer Perceptron, Support Vector Machine, Decision Tree, K-Nearest Neighbors, Logistic Regression, Naïve Bayes, and XGBoost are among the machine learning models that we tested. to find the most effective one. The standout performer was the Gradient Boosting Classifier, which achieved an impressive accuracy rate of 97.4%, making it the most dependable model for detecting phishing.To enhance accessibility and usability, WebWatcher has been implemented as a Chrome extension, providing real-time, client-side protection against malicious web spoofing attacks.