A Review of Detection Methodologies for Quick Response code Phishing Attacks

2020 2nd International Conference on Computer and Information Sciences (ICCIS) Pub Date : 2020-10-13 DOI:10.1109/ICCIS49240.2020.9257687

S. Subairu, J. Alhassan, S. Abdulhamid, J. Ojeniyi

{"title":"A Review of Detection Methodologies for Quick Response code Phishing Attacks","authors":"S. Subairu, J. Alhassan, S. Abdulhamid, J. Ojeniyi","doi":"10.1109/ICCIS49240.2020.9257687","DOIUrl":null,"url":null,"abstract":"Recently, phishing attacks have taking a new dimension with the addition of quick response code to phishing attacks vectors. Quick response code phishing attack is when an attacker lures its victims to voluntarily divulge personal information such as password, personal identification number, username and other information such as online banking details through the use of quick response code. This attack is on the rise as more and more people have adopted mobile phone usage not just for communication only but to perform transaction seamlessly. The ease of creation and use of quick response code has made it easily acceptable to both provider of goods and services and consumers. This attack is semantic as it exploits human vulnerabilities; as users can hardly know what is hidden in the quick response code before usage. This study reviewed various methodologies that earlier researcher have used to detect this semantic-based attack of phishing. The strength of each methodology, its weakness and general research gaps identified.","PeriodicalId":425637,"journal":{"name":"2020 2nd International Conference on Computer and Information Sciences (ICCIS)","volume":"95 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-10-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2020 2nd International Conference on Computer and Information Sciences (ICCIS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICCIS49240.2020.9257687","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 3

Abstract

Recently, phishing attacks have taking a new dimension with the addition of quick response code to phishing attacks vectors. Quick response code phishing attack is when an attacker lures its victims to voluntarily divulge personal information such as password, personal identification number, username and other information such as online banking details through the use of quick response code. This attack is on the rise as more and more people have adopted mobile phone usage not just for communication only but to perform transaction seamlessly. The ease of creation and use of quick response code has made it easily acceptable to both provider of goods and services and consumers. This attack is semantic as it exploits human vulnerabilities; as users can hardly know what is hidden in the quick response code before usage. This study reviewed various methodologies that earlier researcher have used to detect this semantic-based attack of phishing. The strength of each methodology, its weakness and general research gaps identified.

查看原文本刊更多论文

快速响应代码网络钓鱼攻击检测方法综述

近年来，随着网络钓鱼攻击向量中快速响应代码的加入，网络钓鱼攻击进入了一个新的维度。快速响应代码网络钓鱼攻击是指攻击者利用快速响应代码引诱受害者自愿泄露密码、个人识别码、用户名等个人信息以及网上银行详细信息等其他信息。随着越来越多的人使用手机不仅仅是为了通信，而且是为了无缝地进行交易，这种攻击正在上升。快速响应代码的创建和使用的便利性使得它很容易被商品和服务的提供者和消费者所接受。这种攻击是语义性的，因为它利用了人类的弱点;因为用户在使用之前很难知道快速响应代码中隐藏了什么。本研究回顾了早期研究人员用于检测这种基于语义的网络钓鱼攻击的各种方法。每种方法的优点、缺点和一般研究差距。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2020 2nd International Conference on Computer and Information Sciences (ICCIS)

自引率

0.00%

发文量