Cross-Validated Hybrid Machine Learning Model For Real-Time Phishing URL Detection On Google Chrome Extension

Authors

  • Evta Indra Universitas Prima Indonesia
  • Wahyu Soekanta Ginting Universitas Prima Indonesia
  • Katrin Wijaya Universitas Prima Indonesia
  • Nuragustyani br Bangun Universitas Prima Indonesia

DOI:

https://doi.org/10.30865/json.v7i4.9777

Keywords:

Chrome Extension, Cross Validation, Hybrid Machine Learning, Phishing URL, Real-Time Security

Abstract

Phishing attacks continue to pose a major cybersecurity challenge, with traditional server-side and deep learning detection methods often struggling with network latency, privacy risks, and high computational overhead. This research focuses on creating a lightweight phishing URL detection system that operates in real time on the client side, implemented as a Google Chrome extension. The system employs a hybrid machine learning architecture combining Logistic Regression (LR) and Random Forest (RF) to evaluate 22 purely lexical URL features extracted locally. Evaluated using 5-fold cross-validation, the base models demonstrated high stability with mean performance scores of μ = 0.9960 for LR and μ = 0.9968 for RF. Crucially, confusion matrix analysis revealed that the hybrid approach perfectly resolved the trade-off between user accessibility and security. It successfully captured 20,037 phishing links (True Positives) and permitted 26,957 legitimate URLs (True Negatives). It minimized false alarms to just 13 False Positives, matching LR’s efficiency, while also reducing missed detections to 152 False Negatives. Furthermore, a live implementation test on 100 URL samples achieved 92% accuracy rate in providing real-time visual risk alerts. By performing all feature extraction and analysis locally without transmitting data externally, this system overcomes algorithmic trade-offs and network latency, delivering a dependable and user-friendly defense without compromising browsing performance.

References

[1] F. N. Motlagh, M. Hajizadeh, M. Majd, P. Najafi, F. Cheng, and C. Meinel, “Large language models in Cybersecurity: Sate-of-the-Art,” arXiv (Cornell University), Jan. 2024, doi: 10.48550/arXiv.2402.00891.

[2] M. Mijwil, I. E. Salem, and M. M. Ismaeel, “The Significance of machine learning and deep learning techniques in Cybersecurity: A Comprehensive review,” Iraqi Journal for Computer Science and Mathematics, pp. 87-101, Jan. 2023, doi: 10.52866/ijcsm.2023.01.01.008.

[3] A. Safi and S. Singh, “A systematic literature review on phishing website detection techniques,” Journal of King Saud University - Computer and Information Sciences, vol. 35, no. 2, pp. 590–611, Feb. 2023, doi: 10.1016/j.jksuci.2023.01.004.

[4] O. K. Sahingoz, E. Buber, and E. Kugu, “DEPHIDES: Deep Learning Based Phishing Detection System,” IEEE Access, vol. 12, pp. 8052–8070, 2024, doi: 10.1109/ACCESS.2024.3352629.

[5] R. MRM, N. F.A.M, S. A.M, and S. K.A.S, “A comparative analysis of machine learning models for URL-Based phishing detection,” Research Square, Apr. 15, 2025. doi: 10.21203/rs.3.rs-6439154/v1.

[6] B. C. Ujah-Ogbuagu, O. N. Akande, and E. Ogbuju, “A hybrid deep learning technique for spoofing website URL detection in real-time applications,” Journal of Electrical Systems and Information Technology, vol. 11, no. 1, Jan. 2024, doi: 10.1186/s43067-023-00128-8.

[7] G. S. Nayak, B. Muniyal, and M. C. Belavagi, “Enhancing Phishing Detection: a machine learning approach with feature selection and deep learning models,” IEEE Access, vol. 13, pp. 33308–33320, Jan. 2025, doi: 10.1109/ACCESS.2025.3543738.

[8] Q. E. U. Haq, M. H. Faheem, and I. Ahmad, “Detecting Phishing URLs based on a deep learning approach to prevent Cyber-Attacks,” Applied Sciences (Switzerland), vol. 14, no. 22, Nov. 2024, doi: 10.3390/app142210086.

[9] U. Daniel, E. Bartholomew, and F. Egbono, “Phishing URL Attack Detection using Logistic Regression and Convolutional Neural Network,’ International Journal of Computer Applications, vol.187, no. 1, pp. 8-14, May 2025, doi: 10.5120/ijca2025924611.

[10] R. Yang, K. Zheng, B. Wu, C. Wu, and X. Wang, “Phishing website detection based on deep convolutional neural network and random forest ensemble learning,” Sensors, vol. 21, no. 24, Dec. 2021, doi: 10.3390/s21248281.

[11] D. Kalla and S. Kuraku, “Phishing Website URL’s Detection Using NLP and machine learning techniques,” Journal on Artificial Intelligence, vol. 5, no. 0, pp. 145–162, Jan. 2023, doi: 10.32604/jai.2023.043366.

[12] A. Almomani et al., “Phishing website detection with semantic features based on machine learning classifiers,”International Journal on Semantic Web and Innformation Systems, vol. 18, no. 1, Feb. 2022, doi: 10.4018/ijswis.297032.

[13] W. Purba, M. Turnip, and E. Indra, “Algorithm analysis comparison of naïve bayes and logistic regression methods for predicting diabetes,” Jun. 01, 2024. https://internetworkingindonesia.org/index.php/iij/article/view/33

[14] V. Vajrobol, B. B. Gupta, and A. Gaurav, “Mutual information based logistic regression for phishing URL detection,” Cyber Security and Applications, vol. 2, p. 100044, Jan. 2024, doi: 10.1016/j.csa.2024.100044.

[15] F. Felix, D. Sitanggang, Y. Laia, A. -, M. Radhi, and E. S. Barus, “Application of Data Mining using the random forest method to predict heart disease”, JUSIKOM PRIMA, vol. 7, no. 2, pp. 35-47, Feb. 2024.

[16] N. F. Almujahid, M. A. Haq, and M. Alshehri, “Comparative evaluation of machine learning algorithms for phishing site detection,” PeerJ Computer Science, vol. 10, p. e2131, Jun 2024, doi: 10.7717/peerj-cs.2131.

[17] E. Kocyigit, M. Korkmaz, O. K. Sahingoz, and B. Diri, “Enhanced feature selection using genetic algorithm for Machine-Learning-Based phishing URL detection,” Applied Sciences, vol. 14, no. 14, p. 6081, Jul. 2024, doi: 10.3390/app14146081.

[18] M. Ahmed et al., “PhishCatcher: Client-Side Defense Against Web Spoofing Attacks Using Machine Learning,” IEEE Access, vol. 11, pp. 61249–61263, 2023, doi: 10.1109/ACCESS.2023.3287226.

[19] Sagar Aghera, “Enhancing Predictive Accuracy in Phishing Attack Detection: A Study on the impact of Collinearity and Feature Selection in ML-based Logistic Regression Models”, Int J Intell Syst Appl Eng, vol. 12, no. 4, pp. 723-728, Jun. 2024.

[20] V. A. Onih, “Phishing Detection using Machine Learning: a model development and integration,” International Journal of Scientific and Management Research, vol. 07, no. 04, pp. 27–63, Jan. 2024, doi: 10.37502/ijsmr.2024.7403.

[21] M. Sannigrahi and R. Thandeeswaran, “Predictive analysis of Network-Based attacks by hybrid machine learning algorithms utilizing bayesian optimization, logistic regression, and random forest algorithm,” IEEE Access, vol. 12, pp. 142721–142732, Jan. 2024, doi: 10.1109/ACCESS.2024.3464866.

[22] M. Tamal, “Phishing Detection Dataset,” Data Archiving and Networked Services (DANS). Jun. 07, 2023. doi: 10.17632/6tm2d6sz7p.1.

Downloads

Published

2026-06-30

How to Cite

Indra, E., Wahyu Soekanta Ginting, Katrin Wijaya, & Nuragustyani br Bangun. (2026). Cross-Validated Hybrid Machine Learning Model For Real-Time Phishing URL Detection On Google Chrome Extension. Jurnal Sistem Komputer Dan Informatika (JSON), 7(4), 1401–1409. https://doi.org/10.30865/json.v7i4.9777

Issue

Section

Articles