Blockchain-Based Defense Model for Social Engineering Attacks

Abstract

Social engineering attacks, especially phishing through fake websites, continue to threaten online security by tricking users into giving away sensitive information. Traditional detection methods and centralized blacklists struggle to identify new phishing sites. This paper suggests a blockchain-based defense model that uses machine learning to securely detect and verify fake websites. The model ensures data is transparent, unchangeable, and trustworthy. Reported phishing sites are saved on the blockchain ledger, creating a reliable and unalterable source for future detection. The proposed system improves real-time protection, precision, and clarity in fighting social engineering attacks.

Introduction

Phishing attacks are increasingly sophisticated, targeting individuals, businesses, banks, and government organizations through fake websites, cloned login pages, misleading URLs, and psychological manipulation. Traditional defenses like blacklists and signature-based tools are often ineffective due to attackers’ fast-flux tactics, URL obfuscation, and temporary phishing sites.

Challenges

• Human factors make phishing more effective than purely technical attacks.

• Existing ML-based detection systems are vulnerable to data poisoning, adversarial URLs, and isolated deployment, limiting shared threat intelligence.

• Centralized systems struggle with transparency, immutability, and cross-organization cooperation.

Proposed Solution

The research proposes a hybrid cybersecurity model combining machine learning (ML) and blockchain technology:

• Machine Learning: Detects phishing websites using URL, domain, SSL, and webpage behavior features. Algorithms like Random Forest, SVM, and Logistic Regression classify URLs as legitimate or malicious. ML provides fast, intelligent detection and reduces false positives.

• Blockchain: Provides a decentralized, immutable ledger to store verified phishing URLs, timestamps, and metadata. Smart contracts and consensus mechanisms ensure authenticity and prevent tampering. This enables global sharing of verified threat intelligence across organizations, browsers, and security tools.

System Architecture

The hybrid system has four main components:

1. Data Collection & Preprocessing: Collects URLs from sources like PhishTank, OpenPhish, Alexa Top Sites, and normalizes them while extracting relevant metadata.

2. Feature Extraction & Model Training: Identifies phishing patterns using URL, domain, SSL, and webpage behavior features, and trains ML models to classify websites.

3. Blockchain Integration: Records verified phishing URLs on a distributed ledger to ensure transparency, immutability, and decentralized verification.

4. Real-Time Detection & Alert: Checks visited websites against the blockchain and alerts users immediately if malicious.

Implementation & Results

• Dataset: 11,000 website records with over 30 features each.

• ML Performance: Random Forest achieved 97.4% accuracy, outperforming SVM (95.1%) and Logistic Regression (92.3%). False positives were under 3%.

• Blockchain: Ethereum-based private network used to store verified phishing URLs securely. Transaction latency: 3.5–4.0 seconds per entry.

• Real-Time Performance: URL detection time ~0.32 seconds.

• Dashboard: Provides visualization of phishing activity, blockchain transactions, and alerts, enhancing transparency and usability.

Advantages

• High detection accuracy and low false positives.

• Immutable, decentralized phishing database prevents tampering.

• Enables global cooperation and real-time protection.

• Combines predictive ML analytics with secure blockchain storage for effective phishing defense.

Conclusion

The proposed blockchain-based defense model effectively tackles the growing threat of phishing and social engineering attacks. It combines machine learning for smart detection with blockchain for decentralized verification. This mix provides high accuracy, transparency, and secure identification and prevention of harmful activities. Machine learning algorithms examine URL and content features to spot phishing attempts, while blockchain technology keeps an unchangeable record of detections. This setup builds trust, accountability, and traceability. The system’s web-based dashboard increases user awareness by offering real-time monitoring, analytics, and automated alerts. This helps both users and administrators respond quickly to potential threats. By removing the weaknesses of centralized security systems, this hybrid model encourages cooperation among users, organizations, and cybersecurity authorities. This collaboration strengthens the overall defense infrastructure. In the end, the proposed model offers a sustainable and scalable way to meet modern cybersecurity challenges. It merges the smarts of machine learning with the reliability of blockchain to create a secure and trustworthy digital environment.

References

[1] M. Ahtasam, “DOL-LLM: Optimizing LLM Inference with Domain-Specific Adaptations, Quantization, Pruning, and Knowledge Distillation,” Preprint, 2025. [2] S. Nakamoto, “Bitcoin: A Peer-to-Peer Electronic Cash System,” White Paper, 2008. [3] A. Alzahrani and S. Alenezi, “Blockchain-based phishing detection and prevention for online transactions,” IEEE Access, vol. 9, pp. 16800–16810, 2021. [4] J. Singh, M. Dhawan, and R. Jain, “Detection of phishing websites using machine learning and blockchain integration,” International Journal of Information Security Science, vol. 10, no. 2, pp. 45–56, 2023. [5] P. Kaur and R. Sharma, “Decentralized trust management using blockchain for cyber threat intelligence,” Journal of Network and Computer Applications, vol. 213, 103519, 2022. [6] H. Zhang, Y. Li, and X. Chen, “A blockchain-based model for secure data sharing and phishing detection,” Future Generation Computer Systems, vol. 125, pp. 491–501, 2021. [7] A. Patel, D. Bhattacharyya, and S. Kim, “Hybrid phishing website detection using machine learning,” Expert Systems with Applications, vol. 183, 115385, 2021. [8] M. Al-Qurishi, F. AlRubaian, and M. Alrubaian, “Decentralized approaches for phishing attack mitigation using blockchain,” IEEE Transactions on Network and Service Management, vol. 19, no. 2, pp. 1678–1688, 2022. [9] L. Wang and J. Chen, “Integrating blockchain and AI for improved cybersecurity,” ACM Computing Surveys, vol. 55, no. 7, pp. 1–33, 2023. [10] D. Kumar and R. Patel, “Smart contract-enabled blockchain security framework against social engineering,” IEEE Internet of Things Journal, vol. 10, no. 9, pp. 8021–8034, 2023. [11] T. Nguyen, “Blockchain-based phishing attack prevention using domain reputation and distributed ledgers,” Computers & Security, vol. 118, 102740, 2022. [12] S. Ramesh and A. Ghosh, “Machine learning-based phishing detection using URL features,” Procedia Computer Science, vol. 171, pp. 1081–1088, 2020. [13] B. Li and C. Xu, “Blockchain-enhanced data integrity for phishing prevention in IoT environments,” Sensors, vol. 22, no. 18, 6955, 2022. [14] K. Gupta and V. Bansal, “AI-driven phishing detection using deep learning and blockchain verification,” IEEE Access, vol. 12, pp. 9901–9912, 2024. [15] R. Mehta and L. Prasad, “Trust-based decentralized model for preventing social engineering attacks,” International Journal of Cybersecurity and Digital Forensics, vol. 13, no. 2, pp. 45–58, 2024.

Copyright

Copyright © 2025 Dr. Vairam T, Gavash D. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.