HAWK EYES

A browser extension powered by machine learning to detect zero-day phishing attacks in real-time.

**Overview** Hawk Eyes is a lightweight browser extension that is easy to install. The core function of this plugin is to analyze URLs and page content on the fly and alert the user of possible phishing attacks. Detection services and datasets are deployed on the server-side. The machine learning-based model for predicting whether a website is a phishing website is also deployed on the server; the mode is trained off-line. Hawk Eyes URL prediction service combines blacklist blocking, whitelist filtering, heuristic methods and machine learning models. **How it Works** When the user opens a web page in the browser, the extension sends the current URL and part of the page HTML to the server but nothing is saved on the server-side except the URL and only if it is a phishing link. The core detection service is divided into three stages. First, the blacklist is compared. If it hits, the result will be a phishing link. Next, compare the whitelist, and if it hits, it will directly return to the normal link. Then, analyze page content and URL character content, and filter pages that do not require the submission of sensitive information. Finally, the machine learning model predicts whether there is a phishing risk. When the plugin receives the detection result, if there is a risk of phishing, a warning box with a red background will pop up on the page to notify the user. **Key Features** The extension will warn you when you visit phishing web pages. When the user clicks the extension's icon, site information is presented, such as domain, organization, registration year. Other services include: - Check whether a URL has phishing risk - Report a suspicious URL - Search detected phishing URLs **Publications** L. Tang and Q. H. Mahmoud, “A Survey of Machine Learning-Based Solutions for Phishing Website Detection,” Machine Learning and Knowledge Extraction, vol. 3, no. 3, pp. 672–694, Aug. 2021. Doi: https://doi.org/10.3390/make3030034. L. Tang and Q. H. Mahmoud, "A Deep Learning-Based Framework for Phishing Website Detection," in IEEE Access, vol. 10, pp. 1509-1521, 2022. doi: 10.1109/ACCESS.2021.3137636.