Phishing attacks continue to pose a major cybersecurity challenge, with traditional server-side and deep learning detection methods often struggling with network latency, privacy risks, and high computational overhead. This research focuses on creating a lightweight phishing URL detection system that operates in real time on the client side, implemented as a Google Chrome extension. The system employs a hybrid machine learning architecture combining Logistic Regression (LR) and Random Forest (RF) to evaluate 22 purely lexical URL features extracted locally. Evaluated using 5-fold cross-validation, the base models demonstrated high stability with mean performance scores of μ = 0.9960 for LR and μ = 0.9968 for RF. Crucially, confusion matrix analysis revealed that the hybrid approach perfectly resolved the trade-off between user accessibility and security. It successfully captured 20,037 phishing links (True Positives) and permitted 26,957 legitimate URLs (True Negatives). It minimized false alarms to just 13 False Positives, matching LR’s efficiency, while also reducing missed detections to 152 False Negatives. Furthermore, a live implementation test on 100 URL samples achieved 92% accuracy rate in providing real-time visual risk alerts. By performing all feature extraction and analysis locally without transmitting data externally, this system overcomes algorithmic trade-offs and network latency, delivering a dependable and user-friendly defense without compromising browsing performance.
Copyrights © 2026