Fouad Trad ^1* Elie Semaan-Nasr ^1,2 Ali Chehab ¹

• ¹ American University of Beirut, Beirut, Lebanon
• ² American University of Science and Technology, Beirut, Lebanon

Phishing attacks threaten online security by tricking users into sharing sensitive information through fraudulent websites. Traditional anti-phishing methods are predominantly centralized and reactive, suffering from critical limitations such as delayed detection, poor adaptability to evolving threats, susceptibility to data tampering, and lack of transparency. This paper introduces MLPhishChain, a decentralized application (DApp) that leverages blockchain technology alongside machine learning (ML) to deliver a proactive, transparent, and reliable solution for URL verification. MLPhishChain enables users to submit URLs for rapid, automated phishing analysis using an ML model, with each URL's status recorded on an immutable blockchain ledger. This approach ensures that the results are tamper-proof, creating an unalterable and trustworthy record that contrasts with the vulnerabilities of centralized verification systems. To maintain relevance as URLs and website content evolve, MLPhishChain uniquely features a re-evaluation mechanism, allowing users to request updated assessments over time. This adaptability is essential for addressing the dynamic nature of phishing threats. Additionally, MLPhishChain enhances user confidence by integrating data from external security services (e.g., VirusTotal) to provide a secondary opinion on the phishing risk of a URL. This multi-source validation offers users a comprehensive view, empowering them to make informed decisions. By combining decentralized, blockchain-based data integrity with the intelligence of ML, MLPhishChain establishes a new standard in phishing detection-one that is transparent, resilient, and equipped to adapt to evolving threats.