“AI Powered

Phishing Website
Detection
System”
Real-time detection using Machine Learning,
Heuristics & APIs
 Meet Our Team
“Collaboration is the key to
innovation.”

Ayush
Aniket Jaiswal Vishwakarma Anupam Tiwari
Frontend Developer & Project Lead & Machine Backend Developer &
UI/UX Designer Learning Developer Integration Specialist
 Problem Statements
 Traditional detection
 Phishing websites often depends on blacklists,
look visually identical which fail to catch new
to genuine ones sites

 Users need a real-time,

 Successful attacks lead intelligent system that
to financial loss, data can flag phishing
theft, and diminished attempts at the moment
trust of access
 Objectives
 Build a machine learning model to detect phishing
websites
 Use heuristic features and 3rd-party APIs (like Virus
Total & WHOIS) for enhanced detection
 Integrate a real-time browser extension for proactive
protection
 Build a transparent system with explainable AI
 Deploy a full-stack solution with a dashboard and
reporting features
 Why This Project Is Unique

 Hybrid Approach  Real-Time Browser  Explainable

Extension Predictions
ML + heuristics + APIs
= high accuracy Warns users before Transparent decisions
they click with LIME/SHAP

 Admin Dashboard  Crowdsourced

Reporting
Log analysis, pattern Users can submit
detection, and visual suspicious links,
stats building a live dataset
 System Architecture
This diagram explains the overall flow of how a URL is processed
through various stages of our phishing detection system.
 Technology Stack
Frontend Backend
•Chrome Extension
Flask REST API
(JavaScript, HTML, CSS) Firebase for logging
•Streamlit Dashboard
and real-time sync
(Python)

Machine Learning External APIs

•Random Forest, XGBoost,
•WHOIS API (Domain info)
Support Vector Machines
•Feature Engineering with •VirusTotal API (Threat score)
Scikit-learn •Google Safe Browsing API
•Explainability via LIME & (Blacklist check)
SHAP
 Dataset & Feature Engineering
Feature Preprocessing
Sources Used Categories: Steps

• URL-Based: Length, use

• PhishTank – of • Clean URLs
Verified phishing ‘@’, ‘//’, subdomains,
• Encode categorical
URLs redirection count
• Kaggle Phishing • Domain-Based: Age of data
domain, expiration time, • Normalize numerical
Dataset – Balanced WHOIS info
• Security-Based: HTTPS
features
labeled data • Handle class
• Alexa Top 1M – present?, certificate valid?
• Content-Based imbalance with
Legitimate websites (optional): Keyword • Smote/undersampling
analysis, HTML tag patterns
 Real-Time Browser Extension
This is where your project goes from
“academic” to “real-world.”

Features:
 Auto-scans every URL opened
in Chrome
 Sends the URL to backend API
 Backend returns prediction
(phishing or safe)
 If phishing → blocks the page
and shows red warning screen
 Simple, clean UI integrated
with Chrome browser
 Future Scope

 Deep Learning  Voice-Based  Integration into

Integration
Incorporating deep learning
into applications enhances
decision making and
accuracy.
Phishing Alerts Antivirus or
Help users with disabilities Browsers
via voice notifications Deploy as part of open-
source security tools

 Telegram/  Continuous
WhatsApp Bot Model Learning
Users can send URLs to a Implementing continuous
bot and get instant verdicts model training ensures the
system adapts and evolves
with new data.
 Project timeline

Research + Feature Model Tuning + Chrome

Dataset Engineering + ML Evaluation Extension Dev
Collection Models

Dashboard + Testing, Demo,

Explainable AI Final Report
 Conclusion
 Phishing attacks are increasing—and traditional solutions
can’t keep up

 Our system detects phishing proactively using ML,

heuristics, and real-time tools

 With a working browser extension and explainable model,

it’s ready for real-world use

 This project combines AI, Cybersecurity, and Real-Time

Systems — and has the potential to scale as a full product

“Our goal is to not just detect phishing, but to educate

and protect users in real-time.”
 Thank You!

“Our goal is to not just detect phishing, but to educate

and protect users in real-time.”