Abstract

Mobile applications are increasingly used for sensitive interactions such as financial transactions, healthcare communication, and enterprise operations. This widespread adoption has expanded the client-side attack surface, exposing users to phishing URLs, malicious redirects, and deceptive navigation behaviors. Conventional cybersecurity mechanisms are largely server-centric and often fail to provide immediate protection against real-time or zero-day threats occurring within mobile application runtimes. This paper presents a client-side, AI-driven cybersecurity framework designed specifically for iOS applications using Swift and Apple’s Core ML framework. The proposed approach embeds lightweight machine learning models directly within the mobile application to detect phishing URLs and malicious navigation events in real time. Model optimization techniques are applied to ensure low-latency inference suitable for mobile environments. Experimental evaluation demonstrates high detection accuracy with minimal performance overhead, enabling proactive and privacy-preserving threat mitigation without continuous backend dependency.

References

• J. Ma et al., Beyond Blacklists: Learning to Detect Malicious Web Sites, ACM SIGKDD, 2009.
• O. Sahingoz et al., Machine Learning Based Phishing Detection, Expert Systems with Applications, 2019.
• A. Aljofey et al., Client-Side Phishing Detection Using Deep Learning, FGCS, 2020.
• N. Chiew et al., A Survey of Phishing Attacks, Computers & Security, 2018.
• Y. Rao and J. Zhao, Detecting Phishing URLs Using Deep Learning, IEEE Access, 2020.
• I. Goodfellow et al., Deep Learning, MIT Press, 2016.
• Apple Inc., Core ML Framework, Apple Developer Documentation, 2022.
• Apple Inc., Optimizing Core ML Models for On-Device Performance, 2023.
• S. Wang et al., Edge Intelligence for Mobile Security, IEEE IoT Journal, 2021.
• A. Almomani et al., Phishing Website Detection Using Machine Learning, IJACSA, 2019.