• Title/Summary/Keyword: Qshing Attack

Search Result 3, Processing Time 0.015 seconds

System implementation for Qshing attack detection (큐싱(Qshing) 공격 탐지를 위한 시스템 구현)

  • Hyun Chang Shin;Ju Hyung Lee;Jong Min Kim
    • Convergence Security Journal
    • /
    • v.23 no.1
    • /
    • pp.55-61
    • /
    • 2023
  • QR Code is a two-dimensional code in the form of a matrix that contains data in a square-shaped black-and-white grid pattern, and has recently been used in various fields. In particular, in order to prevent the spread of COVID-19, the usage increased rapidly by identifying the movement path in the form of a QR code that anyone can easily and conveniently use. As such, Qshing attacks and damages using QR codes are increasing in proportion to the usage of QR codes. Therefore, in this paper, a system was implemented to block movement to harmful sites and installation of malicious codes when scanning QR codes.

AutoML Machine Learning-Based for Detecting Qshing Attacks Malicious URL Classification Technology Research and Service Implementation (큐싱 공격 탐지를 위한 AutoML 머신러닝 기반 악성 URL 분류 기술 연구 및 서비스 구현)

  • Dong-Young Kim;Gi-Seong Hwang
    • Smart Media Journal
    • /
    • v.13 no.6
    • /
    • pp.9-15
    • /
    • 2024
  • In recent trends, there has been an increase in 'Qshing' attacks, a hybrid form of phishing that exploits fake QR (Quick Response) codes impersonating government agencies to steal personal and financial information. Particularly, this attack method is characterized by its stealthiness, as victims can be redirected to phishing pages or led to download malicious software simply by scanning a QR code, making it difficult for them to realize they have been targeted. In this paper, we have developed a classification technique utilizing machine learning algorithms to identify the maliciousness of URLs embedded in QR codes, and we have explored ways to integrate this with existing QR code readers. To this end, we constructed a dataset from 128,587 malicious URLs and 428,102 benign URLs, extracting 35 different features such as protocol and parameters, and used AutoML to identify the optimal algorithm and hyperparameters, achieving an accuracy of approximately 87.37%. Following this, we designed the integration of the trained classification model with existing QR code readers to implement a service capable of countering Qshing attacks. In conclusion, our findings confirm that deriving an optimized algorithm for classifying malicious URLs in QR codes and integrating it with existing QR code readers presents a viable solution to combat Qshing attacks.

A Study of Technical Countermeasure System for the Smishing Detection and Prevention Based on the Android Platform (안드로이드 플랫폼 기반에서 스미싱 탐지 및 차단을 위한 기술적 대응체계 연구)

  • Seo, Gil-Won;Moon, Il-Young
    • Journal of Advanced Navigation Technology
    • /
    • v.18 no.6
    • /
    • pp.569-575
    • /
    • 2014
  • Since 2009 the number of users of smart phones and tablet PC is growing exponentially. In particular Apple's iOS and Google's Android OS are the heart of this remarkable growth, most of smart phone and tablet PC are designed to operate based on these two OS. Such increasing use of smart devices has led to changes in the social environment that allows, without the constraints of time and place. However, such development does not supply only ease to do something, even compared to past, financial fraud and information leakage are easier than before by variety of new types of attack for example phishing, pharming, smishing and qshing. So according to this paper, analyzes for smishing attack, propose a countermeasure system of the technical way and proved its higher performance compare to the existing method.