This project aims to develop a Chrome extension that leverages AI/ML to detect phishing domains that imitate the look and feel of genuine domains. The extension extracts URLs, sends them to a Flask server, which further utilizes a Python feature extraction module and an ML model to predict if a website is legitimate or phishing.
pptlink: https://docs.google.com/presentation/d/1uqInSDOHwI_AVtu630Lfhqt-IUrCB_YhHqJslKlUMBM/edit?usp=sharing
-
Chrome Extension: The extension extracts URLs from the browser.
-
Sends URL to Flask Server: Extracted URLs are sent to a Flask server for processing.
-
Flask Server: The Flask server forwards the URL to the Python Feature Extraction module.
-
Python Feature Extraction: This module extracts relevant features from the webpage content.
-
Sends Extracted Features to ML Model: Extracted features are sent to the ML model for prediction.
-
ML Model: The ML model analyzes the features and returns a prediction.
-
Prediction Results:
- If the prediction is 1, the website is considered legitimate.
- If the prediction is 0, the website is identified as phishing.
- Model Used: XGBoost
- Accuracy Achieved: 97.0%
- Number of Features: 30
- Future Plan: The future plan is to enhance the model by adding Reinforcement Learning from Human Feedback (RLHF) to improve its phishing detection capabilities further.
- Chrome Browser: The extension relies on the Chrome web browser as its primary platform.
- Python and Libraries: The server-side component is built using Python with dependencies such as Flask for the server, scikit-learn for machine learning, and BeautifulSoup for web scraping.
- Clone this repository.
- Install the required Python dependencies.
- Load the Chrome extension.
- Run the Flask server.
- Start browsing, and the extension will analyze URLs in real-time.
- Click the extension icon to initiate URL analysis.
- The extension will provide real-time feedback on the legitimacy of websites.