Academic Rule-Based Phishing Detection Project
PhishAID is an academic cybersecurity project focused on detecting phishing websites using a transparent, deterministic, and explainable rule-based detection engine. Unlike black-box machine learning systems, PhishAID emphasizes clear security logic, rule traceability, and human-understandable decision making.
The project is designed to support cybersecurity education, research, and awareness by demonstrating how phishing detection can be implemented using URL analysis, transport-level indicators, identity deception patterns, and semantic intent heuristics.
Phase 1 focuses on the design and implementation of a comprehensive rule-based phishing detection engine. This phase includes the evaluation of multiple phishing indicators such as HTTPS usage, URL structure, suspicious domains, certificate age, homoglyph attacks, typosquatting, and semantic phishing intent.
Each rule is independently evaluated and contributes to a cumulative risk score, enabling clear classification of websites as Legitimate, Suspicious, or Phishing. The system generates detailed rule-wise reports and downloadable PDF analysis for transparency and auditability.
Phase 2 aims to extend the system with infrastructure-level awareness, behavioral indicators, and intelligent enhancements. This includes integration with domain intelligence, hosting analysis, DNS patterns, historical reputation signals, and optional AI-assisted modules for large-scale phishing trend analysis.
This phase also aligns the project with national-level AI and cybersecurity challenge problem statements by focusing on explainability, responsible AI design, and real-world deployability in public-facing digital ecosystems.