Real-Time Phishing Detection Using Google Safe Browsing API and Machine Learning

Abstract

Phishing remains one of the fastest-evolving cybersecurity threats, where attackers mimic legitimate websites to obtain sensitive user information. This study presents a real-time evaluation of a phishing detection system integrating the Google Safe Browsing API with ensemble machine learning models. The research aims to enhance detection accuracy and responsiveness against emerging phishing websites by combining real-time threat intelligence with automated URL analysis. The dataset used comprises over 20,000 URLs collected from Google Safe Browsing, PhishTank, and OpenPhish between June and December 2024. Four approaches were evaluated: (1) machine learning models without API, (2) API-only detection, (3) machine learning with API as an additional feature, and (4) machine learning with API as a validator. The best performance was achieved by the API-as-validator model, reaching 98.2% accuracy, reducing false positives to 2.1%, and lowering false negatives to 3.2%, with an average latency of 108 ms. These findings demonstrate that integrating real-time threat feeds significantly enhances adaptability and reliability in phishing detection. Future research will focus on latency optimization and federated learning to enable large-scale collaborative detection systems.