(A) simple and efficient approach for mobile phishing detection on mobile environments = 모바일 환경에서의 단순하면서 효율적인 모바일 피싱 공격 탐지 방안에 대한 연구

Cited 0 time in webofscience Cited 0 time in scopus
  • Hit : 71
  • Download : 0
We address a simple and efficient approach for web-based and app-based moibile phishing detection. First, we propose a method for efficiently detecting web-based phishing attacks in mobile environments. When a user visits a website of a certain URL, the proposed method first compares the URL to a generated whitelist. If the URL is not in the whitelist, it detects if the site is a phishing site based on the results of Google search with a carefully refined URL. In addition, the phishing detection is performed only when the user provides input to the website, thereby reducing the frequency of invoking phishing detection to decrease the amount of power used. We implemented the proposed method and used 8315 phishing sites and the same number of legitimate websites for evaluating the performance of the proposed method. We achieved a phishing detection rate of 99.22% with 81.22% reduction in energy consumption as compared to existing approaches that also use search engine for phishing detection. Moreover, because the proposed method does not employ any other algorithm, software, or comparison group, the proposed method can be easily deployed. Second, we propose an effective and practical method using only one feature, a logo, for detecting app-based mobile phishing. We construct a whitelist that consists of pre-checked installed apps, and a database that consists of logos to represent each installed app. If a running app is not in the whitelist, the proposed method captures each image of splash, main, and input activity of the app. Then, the proposed method clusters the captured images and matches the clustered images with logos in the logo database using SURF (Speeded Up Robust Features). If the matching result is within the threshold of our metrics, we decide the running app is phishing. We used 450 logos and 100 phishing-targeted apps that are ranked highly on Androidrank on a Google Nexus 4 phone. Experiment results confirm that the proposed method has plausible accuracy of 98.5% for app-based mobile phishing detection.
Advisors
Yoon, Hyunsooresearcher윤현수researcher
Description
한국과학기술원 :전산학부,
Publisher
한국과학기술원
Issue Date
2018
Identifier
325007
Language
eng
Description

학위논문(박사) - 한국과학기술원 : 전산학부, 2018.8,[iv, 56 p. :]

Keywords

Phishing▼amobile phishing▼aurl▼aGoogle search▼alogo▼aimage clustering▼aSURF; 피싱▼a모바일 피싱▼aurl▼a구글 검색▼a로고▼a이미지 클러스터링▼aSURF

URI
http://hdl.handle.net/10203/265342
Link
http://library.kaist.ac.kr/search/detail/view.do?bibCtrlNo=828219&flag=dissertation
Appears in Collection
CS-Theses_Ph.D.(박사논문)
Files in This Item
There are no files associated with this item.

qr_code

  • mendeley

    citeulike


rss_1.0 rss_2.0 atom_1.0