Position Paper: Think Globally, React Locally -- Bringing Real-time Reference-based Website Phishing Detection on macOS
Background. The recent surge in phishing attacks keeps undermining the effectiveness of the traditional anti-phishing blacklist approaches. On-device anti-phishing solutions are gaining popularity as they offer faster phishing detection locally. Aim. We aim to eliminate the delay in recognizing and...
Gespeichert in:
| Hauptverfasser: | , , |
|---|---|
| Format: | Artikel |
| Sprache: | eng |
| Schlagworte: | |
| Online-Zugang: | Volltext bestellen |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| container_end_page | |
|---|---|
| container_issue | |
| container_start_page | |
| container_title | |
| container_volume | |
| creator | Petrukha, Ivan Stulova, Nataliia Kryvoblotskyi, Sergii |
| description | Background. The recent surge in phishing attacks keeps undermining the
effectiveness of the traditional anti-phishing blacklist approaches. On-device
anti-phishing solutions are gaining popularity as they offer faster phishing
detection locally. Aim. We aim to eliminate the delay in recognizing and
recording phishing campaigns in databases via on-device solutions that identify
phishing sites immediately when encountered by the user rather than waiting for
a web crawler's scan to finish. Additionally, utilizing operating
system-specific resources and frameworks, we aim to minimize the impact on
system performance and depend on local processing to protect user privacy.
Method. We propose a phishing detection solution that uses a combination of
computer vision and on-device machine learning models to analyze websites in
real time. Our reference-based approach analyzes the visual content of
webpages, identifying phishing attempts through layout analysis, credential
input areas detection, and brand impersonation criteria combination. Results.
Our case study shows it's feasible to perform background processing on-device
continuously, for the case of the web browser requiring the resource use of 16%
of a single CPU core and less than 84MB of RAM on Apple M1 while maintaining
the accuracy of brand logo detection at 46.6% (comparable with baselines), and
of Credential Requiring Page detection at 98.1% (improving the baseline by
3.1%), within the test dataset. Conclusions. Our results demonstrate the
potential of on-device, real-time phishing detection systems to enhance
cybersecurity defensive technologies and extend the scope of phishing detection
to more similar regions of interest, e.g., email clients and messenger windows. |
| doi_str_mv | 10.48550/arxiv.2405.18236 |
| format | Article |
| fullrecord | <record><control><sourceid>arxiv_GOX</sourceid><recordid>TN_cdi_arxiv_primary_2405_18236</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>2405_18236</sourcerecordid><originalsourceid>FETCH-LOGICAL-a676-76560960f531a2ef150d05e2ae1bf1b09ca1e096bc2e234e89476456de095fc83</originalsourceid><addsrcrecordid>eNotUMtKxDAUzcaFjH6AK_MBpiZpk7budNQZoTBFCy5Lkt7YYB9DWtT5e9MqHLivwzncg9AVo1GSCUFvlf9xXxFPqIhYxmN5jr7LcXKzGwdcqiP4O1y1bvjEu27UqutON_gVlJlxMZplxITgB--Gj4Dl0pHZ9RA6Cx4GA0SrCRr8DjqIAi5bN7UL9RFmMKtLQK_M4e0CnVnVTXD5Xzeoen6qtntSHHYv2_uCKJlKkkohaS6pFTFTHCwTtKECuAKmLdM0N4pBIGjDgccJZHmSykTIJiyFNVm8Qdd_suvn9dG7XvlTvSRQrwnEv0fRVgQ</addsrcrecordid><sourcetype>Open Access Repository</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype></control><display><type>article</type><title>Position Paper: Think Globally, React Locally -- Bringing Real-time Reference-based Website Phishing Detection on macOS</title><source>arXiv.org</source><creator>Petrukha, Ivan ; Stulova, Nataliia ; Kryvoblotskyi, Sergii</creator><creatorcontrib>Petrukha, Ivan ; Stulova, Nataliia ; Kryvoblotskyi, Sergii</creatorcontrib><description>Background. The recent surge in phishing attacks keeps undermining the
effectiveness of the traditional anti-phishing blacklist approaches. On-device
anti-phishing solutions are gaining popularity as they offer faster phishing
detection locally. Aim. We aim to eliminate the delay in recognizing and
recording phishing campaigns in databases via on-device solutions that identify
phishing sites immediately when encountered by the user rather than waiting for
a web crawler's scan to finish. Additionally, utilizing operating
system-specific resources and frameworks, we aim to minimize the impact on
system performance and depend on local processing to protect user privacy.
Method. We propose a phishing detection solution that uses a combination of
computer vision and on-device machine learning models to analyze websites in
real time. Our reference-based approach analyzes the visual content of
webpages, identifying phishing attempts through layout analysis, credential
input areas detection, and brand impersonation criteria combination. Results.
Our case study shows it's feasible to perform background processing on-device
continuously, for the case of the web browser requiring the resource use of 16%
of a single CPU core and less than 84MB of RAM on Apple M1 while maintaining
the accuracy of brand logo detection at 46.6% (comparable with baselines), and
of Credential Requiring Page detection at 98.1% (improving the baseline by
3.1%), within the test dataset. Conclusions. Our results demonstrate the
potential of on-device, real-time phishing detection systems to enhance
cybersecurity defensive technologies and extend the scope of phishing detection
to more similar regions of interest, e.g., email clients and messenger windows.</description><identifier>DOI: 10.48550/arxiv.2405.18236</identifier><language>eng</language><subject>Computer Science - Computer Vision and Pattern Recognition ; Computer Science - Cryptography and Security ; Computer Science - Learning</subject><creationdate>2024-05</creationdate><rights>http://arxiv.org/licenses/nonexclusive-distrib/1.0</rights><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><link.rule.ids>228,230,776,881</link.rule.ids><linktorsrc>$$Uhttps://arxiv.org/abs/2405.18236$$EView_record_in_Cornell_University$$FView_record_in_$$GCornell_University$$Hfree_for_read</linktorsrc><backlink>$$Uhttps://doi.org/10.48550/arXiv.2405.18236$$DView paper in arXiv$$Hfree_for_read</backlink></links><search><creatorcontrib>Petrukha, Ivan</creatorcontrib><creatorcontrib>Stulova, Nataliia</creatorcontrib><creatorcontrib>Kryvoblotskyi, Sergii</creatorcontrib><title>Position Paper: Think Globally, React Locally -- Bringing Real-time Reference-based Website Phishing Detection on macOS</title><description>Background. The recent surge in phishing attacks keeps undermining the
effectiveness of the traditional anti-phishing blacklist approaches. On-device
anti-phishing solutions are gaining popularity as they offer faster phishing
detection locally. Aim. We aim to eliminate the delay in recognizing and
recording phishing campaigns in databases via on-device solutions that identify
phishing sites immediately when encountered by the user rather than waiting for
a web crawler's scan to finish. Additionally, utilizing operating
system-specific resources and frameworks, we aim to minimize the impact on
system performance and depend on local processing to protect user privacy.
Method. We propose a phishing detection solution that uses a combination of
computer vision and on-device machine learning models to analyze websites in
real time. Our reference-based approach analyzes the visual content of
webpages, identifying phishing attempts through layout analysis, credential
input areas detection, and brand impersonation criteria combination. Results.
Our case study shows it's feasible to perform background processing on-device
continuously, for the case of the web browser requiring the resource use of 16%
of a single CPU core and less than 84MB of RAM on Apple M1 while maintaining
the accuracy of brand logo detection at 46.6% (comparable with baselines), and
of Credential Requiring Page detection at 98.1% (improving the baseline by
3.1%), within the test dataset. Conclusions. Our results demonstrate the
potential of on-device, real-time phishing detection systems to enhance
cybersecurity defensive technologies and extend the scope of phishing detection
to more similar regions of interest, e.g., email clients and messenger windows.</description><subject>Computer Science - Computer Vision and Pattern Recognition</subject><subject>Computer Science - Cryptography and Security</subject><subject>Computer Science - Learning</subject><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2024</creationdate><recordtype>article</recordtype><sourceid>GOX</sourceid><recordid>eNotUMtKxDAUzcaFjH6AK_MBpiZpk7budNQZoTBFCy5Lkt7YYB9DWtT5e9MqHLivwzncg9AVo1GSCUFvlf9xXxFPqIhYxmN5jr7LcXKzGwdcqiP4O1y1bvjEu27UqutON_gVlJlxMZplxITgB--Gj4Dl0pHZ9RA6Cx4GA0SrCRr8DjqIAi5bN7UL9RFmMKtLQK_M4e0CnVnVTXD5Xzeoen6qtntSHHYv2_uCKJlKkkohaS6pFTFTHCwTtKECuAKmLdM0N4pBIGjDgccJZHmSykTIJiyFNVm8Qdd_suvn9dG7XvlTvSRQrwnEv0fRVgQ</recordid><startdate>20240528</startdate><enddate>20240528</enddate><creator>Petrukha, Ivan</creator><creator>Stulova, Nataliia</creator><creator>Kryvoblotskyi, Sergii</creator><scope>AKY</scope><scope>GOX</scope></search><sort><creationdate>20240528</creationdate><title>Position Paper: Think Globally, React Locally -- Bringing Real-time Reference-based Website Phishing Detection on macOS</title><author>Petrukha, Ivan ; Stulova, Nataliia ; Kryvoblotskyi, Sergii</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-a676-76560960f531a2ef150d05e2ae1bf1b09ca1e096bc2e234e89476456de095fc83</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2024</creationdate><topic>Computer Science - Computer Vision and Pattern Recognition</topic><topic>Computer Science - Cryptography and Security</topic><topic>Computer Science - Learning</topic><toplevel>online_resources</toplevel><creatorcontrib>Petrukha, Ivan</creatorcontrib><creatorcontrib>Stulova, Nataliia</creatorcontrib><creatorcontrib>Kryvoblotskyi, Sergii</creatorcontrib><collection>arXiv Computer Science</collection><collection>arXiv.org</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Petrukha, Ivan</au><au>Stulova, Nataliia</au><au>Kryvoblotskyi, Sergii</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>Position Paper: Think Globally, React Locally -- Bringing Real-time Reference-based Website Phishing Detection on macOS</atitle><date>2024-05-28</date><risdate>2024</risdate><abstract>Background. The recent surge in phishing attacks keeps undermining the
effectiveness of the traditional anti-phishing blacklist approaches. On-device
anti-phishing solutions are gaining popularity as they offer faster phishing
detection locally. Aim. We aim to eliminate the delay in recognizing and
recording phishing campaigns in databases via on-device solutions that identify
phishing sites immediately when encountered by the user rather than waiting for
a web crawler's scan to finish. Additionally, utilizing operating
system-specific resources and frameworks, we aim to minimize the impact on
system performance and depend on local processing to protect user privacy.
Method. We propose a phishing detection solution that uses a combination of
computer vision and on-device machine learning models to analyze websites in
real time. Our reference-based approach analyzes the visual content of
webpages, identifying phishing attempts through layout analysis, credential
input areas detection, and brand impersonation criteria combination. Results.
Our case study shows it's feasible to perform background processing on-device
continuously, for the case of the web browser requiring the resource use of 16%
of a single CPU core and less than 84MB of RAM on Apple M1 while maintaining
the accuracy of brand logo detection at 46.6% (comparable with baselines), and
of Credential Requiring Page detection at 98.1% (improving the baseline by
3.1%), within the test dataset. Conclusions. Our results demonstrate the
potential of on-device, real-time phishing detection systems to enhance
cybersecurity defensive technologies and extend the scope of phishing detection
to more similar regions of interest, e.g., email clients and messenger windows.</abstract><doi>10.48550/arxiv.2405.18236</doi><oa>free_for_read</oa></addata></record> |
| fulltext | fulltext_linktorsrc |
| identifier | DOI: 10.48550/arxiv.2405.18236 |
| ispartof | |
| issn | |
| language | eng |
| recordid | cdi_arxiv_primary_2405_18236 |
| source | arXiv.org |
| subjects | Computer Science - Computer Vision and Pattern Recognition Computer Science - Cryptography and Security Computer Science - Learning |
| title | Position Paper: Think Globally, React Locally -- Bringing Real-time Reference-based Website Phishing Detection on macOS |
| url | https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-02-04T09%3A42%3A11IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-arxiv_GOX&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Position%20Paper:%20Think%20Globally,%20React%20Locally%20--%20Bringing%20Real-time%20Reference-based%20Website%20Phishing%20Detection%20on%20macOS&rft.au=Petrukha,%20Ivan&rft.date=2024-05-28&rft_id=info:doi/10.48550/arxiv.2405.18236&rft_dat=%3Carxiv_GOX%3E2405_18236%3C/arxiv_GOX%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rfr_iscdi=true |