500 rub
Journal Science Intensive Technologies №3 for 2026 г.
Article in number:
Hybrid real-time phishing detection system based on integration of blacklists and machine learning
Type of article: scientific article
DOI: https://doi.org/10.18127/j19998465-202603-06
UDC: 004.81
Keywords: Phishing detection URL blacklists machine learning Random Forest hybrid systems cybersecurity social networks real time
Authors:

T.S. Volokitina1, M.O. Tanygin2

1,2 South-Western State Universit (Kursk, Russia)
1 tativolokitina@gmail.com

Abstract:

A hybrid system for detecting phishing threats is presented, combining the advantages of URL blacklists and machine learning algorithms to ensure real-time protection of social networks. A comparative analysis of the effectiveness of four blacklist sources was conducted: Google Safe Browsing, PhishTank, OpenPhish, and the Roskomnadzor registry. It was established that update delays from 2 to 48 hours create a critical vulnerability window, during which 70% of successful attacks occur. The system architecture has been developed, providing combined use of operational blacklists and a heuristic classifier based on Random Forest for proactive detection of new threats. Experimental evaluation on a sample of 800 thousand records from the Odnoklassniki social network showed an increase in detection efficiency from 60 to 92% while reducing response time to 2 hours. The proposed system processes 100 thousand records per hour with a classification accuracy of 87%, ensuring the scalability of the solution for industrial application. Analysis of discriminative ability through AUC-ROC metric confirmed quantitative superiority of hybrid architecture with AUC value of 0.96 compared to 0.90 for blacklist combination and 0.93 for isolated classifier.

Pages: 43-53
For citation

Volokitina T.S., Tanygin M.O. Hybrid real-time phishing detection system based on integration of blacklists and machine learning. Science Intensive Technologies. 2026. V. 27. № 3. P. 43−53. DOI: https://doi.org/10.18127/j19998465-202603-06 (in Russian)

References
  1. Seliverstov V.V., Korchagin S.A. Analiz aktual'nosti i sostoyaniya sovremennyh fishing-atak na ob"ekty kriticheskoj informacionnoj infrastruktury. Inzhenernyj vestnik Dona. 2024. № 6 (114). S. 17 (in Russian).
  2. Russkih E.I. Proshloe, nastoyashchee i budushchee fishingovyh atak. BBK 1 N 34. S. 6015 (in Russian).
  3. Nazarov A.K. Nekotorye sovremennye sredstva zashchity ot kiberugroz. redakcionno-izdatel'skim sovetom Krasnodarskogo universiteta MVD Rossii. S. 76 (in Russian).
  4. Tokolov A.V. Social'naya inzheneriya v voprosah obespecheniya informacionnoj bezopasnosti. Kriminologicheskij zhurnal. 2024. № 4. S. 175–182 (in Russian).
  5. Gorbunova E.A., Sajkinov V.E. Rossijskaya Federaciya Problema fishinga v ispol'zovanii informacionnyh sistem na osnove oblachnyh tekhnologij. I74 Informacionnoe obshchestvo: sovremennoe sostoyanie i perspektivy razvitiya: sbornik materialov XI mezhdunarodnogo studencheskogo foruma. Krasnodar: KubGAU. 2018. 408 s. 2018. S. 103 (in Russian).
  6. Bryuhanov V.A., Gryzunov V.V., Shestakov A.V. Vyyavlenie problem informacionnoj bezopasnosti metodom sistematicheskogo obzora literatury. 2024 (in Russian).
  7. Serіk A.S. Pravovye osnovy predotvrashcheniya kibermoshennichestva: sostoyanie i perspektivy razvitiya. 2022 (in Russian).
  8. Sergeev A.Yu., Shirokova O.V. Moshennichestvo v cifrovom obshchestve v usloviyah social'nyh izmenenij. Cifrovaya sociologiya. 2023. T. 6. № 1. S. 59–71 (in Russian).
  9. Mrochko V.L., Roshchina T.M., Tarasov M.D. Obespechenie bezopasnosti v seti Internet: psihologo-pedagogicheskie aspekty. Ekonomicheskie i social'no-gumanitarnye issledovaniya. 2024. № 3 (43). S. 196–204(in Russian).
  10. Shvecova E.E. Vidy moshennichestva v sfere distancionnogo bankovskogo obsluzhivaniya i sposoby bor'by s nimi. Sbornik materialov Vserossijskoj nauchnoj konferencii molodyh issledovatelej s mezhdunarodnym uchastiem INTEKS-2024–2024. s. 2024. S. 269–272 (in Russian).
  11. Uvarov A.A. Informacionnaya bezopasnost' grazhdan Rossii: sovremennoe sostoyanie. Lex russica. 2024. T. 77. № 1 (206). S. 133–143 (in Russian).
  12. Harisova Z.I. Genezis prestupnosti v sfere komp'yuternoj informacii i ee determinanty. Obshchestvo, pravo, gosudarstvennost': retrospektiva i perspektiva. 2025. № 1 (21). S. 57–65 (in Russian).
  13. Bityukova A.F. Napravleniya razvitiya bankovskih elektronnyh uslug i sposoby obespecheniya ih bezopasnosti. 2019 (in Russian).
  14. GOST R 57580.1-2017. Bezopasnost' finansovyh (bankovskih) operacij. Trebovaniya k organizacii i provedeniyu rabot po obespecheniyu bezopasnosti. M.: Standartinform. 2017. 26 s. (in Russian).
  15. Federal'nyj zakon ot 27.07.2006 № 152-FZ «O personal'nyh dannyh» (red. ot 14.07.2022). Dostup iz spravochno-pravovoj sistemy «Konsul'tantPlyus» (in Russian).
  16. Federal'nyj zakon ot 27.07.2006 № 149-FZ «Ob informacii, informacionnyh tekhnologiyah i o zashchite informacii» (red. ot 14.07.2022). Dostup iz spravochno-pravovoj sistemy «Konsul'tantPlyus» (in Russian).
  17. Group-IB. Otchet o kiberugrozah v Rossii za 2023 god: analiz trendov i prognozy. M.: Group-IB, 2024. 89 s. (in Russian).
Date of receipt: 22.10.2025
Approved after review: 26.11.2025
Accepted for publication: 29.04.2026