Vol. 1 No. 1 (2026): January 2026
Artificial Intelligence : Technology

Phishcatcher 2.0: Real-Time Adaptive Client -Side Defense Against Sophisticated Web Spoofing Attacks

DOWNLOAD PDF
  • D Padma Priya,
  • Karamala Naveen
D Padma Priya
Department of Computer Science and Engineering, Vemu Institute of Technology, Chittoor, Andra Pradesh, India.
Karamala Naveen
Department of Computer Science and Engineering, Vemu Institute of Technology, Chittoor, Andra Pradesh, India.
DOI: https://doi.org/10.5281/zenodo.18525507

Published 2026-02-08

Keywords

  • Phishing Detection,
  • Web Spoofing,
  • Client-Side Security,
  • CNN–BiLSTM,
  • Browser-in-the-Browser Attacks

How to Cite

D Padma Priya, & Karamala Naveen. (2026). Phishcatcher 2.0: Real-Time Adaptive Client -Side Defense Against Sophisticated Web Spoofing Attacks. Milestone Transactions on Artificial Intelligence, 1(1), 49–64. https://doi.org/10.5281/zenodo.18525507

Abstract

The emergence of sophisticated web-spoofing attacks, such as phishing sites, login page spoofing, Browser-in-the-Browser (BiTB) attacks, and visual brand mimicry, has made the web a perilous place. Both conventional and rule-driven client-side solutions have shown limited effectiveness against zero-day and dynamic obfuscation attacks, while many deep learning-based approaches suffer from low real-time efficiency. In this context, the objective of our paper is to propose PHISHCATCHER 2.0, an adaptive, real-time client-side system to defend web users against sophisticated web-spoofing attacks. PHISHCATCHER 2.0 combines conventional machine learning models (Random Forest (RF), Support Vector Machine (SVM), XGBoost, and SGDClassifier) as benchmark models with a new Convolutional Neural Network and Bi-directional Long Short-Term Memory (CNN-BiLSTM) Network model variant as the main phishing detection module. The role of the CNN part of this module is to capture detailed patterns in URLs, DOM, and injected scripts from phishing sites, while the Bi-LSTM handles any type of sequential patterns, including redirect paths and page transformations performed by phishing sites. To address ever-evolving phishing attacks, this phishing prevention framework integrates Cloud-Assisted Learning (CAL), enabling adaptive learning on phishing sites without sacrificing client-side latency. Experiments indicate that the designed CNN-BiLSTM model achieves 99.20% accuracy, 99.00% precision, 99.27% recall, and 99.20% F1-measure, while maintaining a suitable inference latency for real-time browser protection systems.

DOWNLOAD PDF

References

  1. Bollu, J., Roseline, K. S., & Rakesh, C. (2025). Phish Catcher: Client-side defense against web spoofing attacks using machine learning. Utilitas Mathematica, 126, 1–15.
  2. Baskota, S. (2025). Phishing URL detection using bidirectional LSTM networks (arXiv Preprint No. arXiv:2504.21049). arXiv.
  3. Altan, A., Bachir, M., Parbhulkar, P., Rizvi, M., & Farazi, M. (2025). Dual-path phishing detection integrating transformer-based NLP with structural URL analysis (arXiv Preprint No. arXiv:2509.20972). arXiv.
  4. Hossain, H., Al Arafat, A. A., Shepard, J., Craig, D., & Parvez, M. (2025). A graph-attentive LSTM model for malicious URL detection (arXiv Preprint No. arXiv:2510.15971). arXiv.
  5. Vishal, P., Srinath, S., Adithya, S., & Kumar, R. (2025). Phishing detection using CNN and BiLSTM. International Journal of Innovative Research in Electrical, Electronics, Instrumentation and Control Engineering, 13(11), 45–52.
  6. Rahman, M. A., Ahmed, T., & Islam, S. H. (2025). Lightweight malicious URL detection using deep learning-based hybrid CNN–BiLSTM architecture. Scientific Reports, 15, Article 26653.
  7. Singh, R., & Verma, A. (2025). Real-time client-side phishing detection using ensemble machine learning models. International Journal of Information Technology and Computer Engineering, 9(5), 22–31.
  8. Roy, S., Saha, S., & Nilizadeh, S. (2024). PhishLang: A real-time, fully client-side phishing detection framework using MobileBERT (arXiv Preprint No. arXiv:2408.05667). arXiv.
  9. Thaqi, L., Halili, A., Vishi, K., & Rexha, B. (2024). NoPhish: Efficient Chrome extension for phishing detection using machine learning techniques (arXiv Preprint No. arXiv:2409.10547). arXiv.
  10. Hoad, T., & Karafili, E. (2024). A web browser plugin for users’ security awareness. In Proceedings of the 19th International Conference on Availability, Reliability and Security (pp. 1–7). ACM.
  11. Asiri, S., Xiao, Y., & Alzahrani, S. (2024). Towards improving phishing detection system using human-in-the-loop deep learning model. In Proceedings of the 2024 ACM Southeast Conference (pp. 77–85). ACM.
  12. Asiri, S., Xiao, Y., Alzahrani, S., & Li, T. (2024). PhishingRTDS: A real-time detection system for phishing attacks using a deep learning model. Computers & Security, 141, Article 103843.
  13. Wang, M., Song, L., Li, L., Zhu, Y., & Li, J. (2024). Phishing webpage detection based on global and local visual similarity. Expert Systems with Applications, 252, Article 124120.
  14. Varshney, G., Raj, A., Sangwan, D., Abuadbba, S., Mishra, R., & Gao, Y. (2025). A login page transparency and visual similarity-based zero-day phishing defense protocol. Computers & Security, Article 104598.
  15. Ji, F., Lee, K., Koo, H., You, W., Choo, E., Kim, H., & Kim, D. (2025). Evaluating the effectiveness and robustness of visual similarity-based phishing detection models. In Proceedings of the 34th USENIX Security Symposium (USENIX Security 25) (pp. 3201–3220). USENIX Association.
  16. Murhej, M., & Nallasivan, G. (2025). Component features-based enhanced phishing website detection system using EfficientNet, FH-BERT, and SELU-CRNN methods. Frontiers in Computer Science, 7, Article 1582206.
  17. Sruthi, K., & Naik, S. M. (2025). A novel framework for phishing attack detection using domain-adapted GloVe embeddings and attention-enhanced neural sequence model. Applied Soft Computing, Article 114441.
  18. Ahmed, S. T., Kumar, V. V., Singh, K. K., Singh, A., Muthukumaran, V., & Gupta, D. (2022). 6G enabled federated learning for secure IoMT resource recommendation and propagation analysis. Computers and Electrical Engineering, 102, 108210.
  19. Sathiyamoorthi, V., Ilavarasi, A. K., Murugeswari, K., Ahmed, S. T., Devi, B. A., & Kalipindi, M. (2021). A deep convolutional neural network based computer aided diagnosis system for the prediction of Alzheimer's disease in MRI images. Measurement, 171, 108838.
  20. Ahmed, S. T., Vinoth Kumar, V., Mahesh, T. R., Narasimha Prasad, L. V., Velmurugan, A. K., Muthukumaran, V., & Niveditha, V. R. (2024). FedOPT: federated learning-based heterogeneous resource recommendation and optimization for edge computing. Soft Computing, 1-12.