Papers
Topics
Authors
Recent
Gemini 2.5 Flash
Gemini 2.5 Flash
110 tokens/sec
GPT-4o
56 tokens/sec
Gemini 2.5 Pro Pro
44 tokens/sec
o3 Pro
6 tokens/sec
GPT-4.1 Pro
47 tokens/sec
DeepSeek R1 via Azure Pro
28 tokens/sec
2000 character limit reached

Position Paper: Think Globally, React Locally -- Bringing Real-time Reference-based Website Phishing Detection on macOS (2405.18236v2)

Published 28 May 2024 in cs.CR, cs.CV, and cs.LG

Abstract: Background. The recent surge in phishing attacks keeps undermining the effectiveness of the traditional anti-phishing blacklist approaches. On-device anti-phishing solutions are gaining popularity as they offer faster phishing detection locally. Aim. We aim to eliminate the delay in recognizing and recording phishing campaigns in databases via on-device solutions that identify phishing sites immediately when encountered by the user rather than waiting for a web crawler's scan to finish. Additionally, utilizing operating system-specific resources and frameworks, we aim to minimize the impact on system performance and depend on local processing to protect user privacy. Method. We propose a phishing detection solution that uses a combination of computer vision and on-device machine learning models to analyze websites in real time. Our reference-based approach analyzes the visual content of webpages, identifying phishing attempts through layout analysis, credential input areas detection, and brand impersonation criteria combination. Results. Our case study shows it's feasible to perform background processing on-device continuously, for the case of the web browser requiring the resource use of 16% of a single CPU core and less than 84MB of RAM on Apple M1 while maintaining the accuracy of brand logo detection at 46.6% (comparable with baselines), and of Credential Requiring Page detection at 98.1% (improving the baseline by 3.1%), within the test dataset. Conclusions. Our results demonstrate the potential of on-device, real-time phishing detection systems to enhance cybersecurity defensive technologies and extend the scope of phishing detection to more similar regions of interest, e.g., email clients and messenger windows.

Definition Search Book Streamline Icon: https://streamlinehq.com
References (22)
  1. VisualPhishNet: Zero-Day Phishing Website Detection by Visual Similarity. In Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security, CCS ’20, pages 1681–1698, New York, NY, USA, November 2020. Association for Computing Machinery.
  2. Real-Time Client-Side Phishing Prevention Add-On. In 2016 IEEE 36th International Conference on Distributed Computing Systems (ICDCS), pages 777–778, June 2016. ISSN: 1063-6927.
  3. COPS: A Compact On-Device Pipeline for Real-Time Smishing Detection. In 2024 IEEE 21st Consumer Communications & Networking Conference (CCNC), pages 172–179, January 2024.
  4. Image classification using DETR based object-level feature. In 2022 22nd International Conference on Control, Automation and Systems (ICCAS), pages 1297–1300, November 2022. ISSN: 2642-3901.
  5. End-to-End Object Detection with Transformers, May 2020. arXiv:2005.12872 [cs].
  6. Next-Gen Phishing Detection System Based on Federated Learning Integrated CNN-LSTM for SMS Communication. In 2024 5th International Conference on Intelligent Communication Technologies and Virtual Mobile Networks (ICICV), pages 367–372, March 2024.
  7. Phish-IRIS: A New Approach for Vision Based Brand Prediction of Phishing Web Pages via Compact Visual Descriptors. In 2018 2nd International Symposium on Multidisciplinary Studies and Innovative Technologies (ISMSIT), pages 1–8, October 2018.
  8. Deep Residual Learning for Image Recognition, December 2015. arXiv:1512.03385 [cs].
  9. Detecting semantic social engineering attacks with the weakest link: Implementation and empirical evaluation of a human-as-a-security-sensor framework. Computers & Security, 76:101–127, July 2018.
  10. URLNet: Learning a URL Representation with Deep Learning for Malicious URL Detection, March 2018. arXiv:1802.03162 [cs].
  11. Attacking Logo-Based Phishing Website Detectors with Adversarial Perturbations. In Gene Tsudik, Mauro Conti, Kaitai Liang, and Georgios Smaragdakis, editors, Computer Security – ESORICS 2023, pages 162–182, Cham, 2024. Springer Nature Switzerland.
  12. KnowPhish: Large Language Models Meet Multimodal Knowledge Graphs for Enhancing Reference-Based Phishing Detection, March 2024. arXiv:2403.02253 [cs].
  13. Phishpedia: A Hybrid Deep Learning Based Approach to Visually Identify Phishing Webpages. In 30th USENIX Security Symposium, USENIX Security 2021, August 11-13, 2021, pages 3793–3810. USENIX Association, 2021.
  14. Inferring Phishing Intention via Webpage Appearance and Dynamics: A Deep Vision Based Approach. In Kevin R. B. Butler and Kurt Thomas, editors, 31st USENIX Security Symposium, USENIX Security 2022, Boston, MA, USA, August 10-12, 2022, pages 1633–1650. USENIX Association, 2022.
  15. Inferring Phishing Intention via Webpage Appearance and Dynamics: A Deep Vision Based Approach (Datasets), 2022. https://sites.google.com/view/phishintention/experiment-structure.
  16. Knowledge Expansion and Counterfactual Interaction for Reference-Based Phishing Detection. In Proceedings of the 32nd USENIX Security Symposium (USENIX Security 23), pages 4139–4156, 2023.
  17. Off-the-Hook: An Efficient and Usable Client-Side Phishing Prevention Application. IEEE Trans. Computers, 66(10):1717–1733, 2017.
  18. Know Your Phish: Novel Techniques for Detecting Phishing Sites and Their Targets. In 2016 IEEE 36th International Conference on Distributed Computing Systems (ICDCS), pages 323–333, June 2016. ISSN: 1063-6927.
  19. PhishTime: Continuous Longitudinal Measurement of the Effectiveness of Anti-phishing Blacklists. In 29th USENIX Security Symposium (USENIX Security’20) Proceedings, pages 379–396, 2020.
  20. Faster R-CNN: Towards Real-Time Object Detection with Region Proposal Networks. In Corinna Cortes, Neil D. Lawrence, Daniel D. Lee, Masashi Sugiyama, and Roman Garnett, editors, Advances in Neural Information Processing Systems 28: Annual Conference on Neural Information Processing Systems (NeurIPS’15), December 7-12, pages 91–99, Montreal, Quebec, Canada, 2015.
  21. On-Device Smishing Classifier Resistant to Text Evasion Attack. IEEE Access, 12:4762–4779, 2024.
  22. An On-device Federated Learning System for SMS Spam Classification. In 2022 IEEE MIT Undergraduate Research Technology Conference (URTC), pages 1–5, September 2022.
User Edit Pencil Streamline Icon: https://streamlinehq.com
Authors (3)
  1. Ivan Petrukha (2 papers)
  2. Nataliia Stulova (10 papers)
  3. Sergii Kryvoblotskyi (1 paper)

Summary

We haven't generated a summary for this paper yet.

Ai Sparkles Streamline Icon: https://streamlinehq.com Summarize Now
X Twitter Logo Streamline Icon: https://streamlinehq.com

Tweets