A cost-effective OCR implementation to prevent phishing on mobile platforms
MetadataShow full item record
Altmetrics Handle Statistics
Altmetrics DOI Statistics
Phishing is currently defined as a criminal mechanism employing both social engineering and technical subterfuge to gather any useful information such as user personal data or financial account credentials. Many users are sensible about this kind of attack from suspicious URL addresses or obvious warning information from browsers, but phishing still accounts for a larger proportion of all of malicious attacks. Moreover, these warning features will be eliminated if the victim is under a DNS hijacking attack. There is much research about the prevention and evaluation of phishing, in both PC platforms and mobile platforms, but there are still technical challenges to reducing the risk from phishing, especially in mobile platforms. We presented a novel method to prevent phishing attacks by using an Optical Character Recognition (OCR) technology in a previous paper. This method not only overcomes the limitation of current preventions, but also provides a high detection accuracy rate. However, whether this method can be implemented ideally in mobile devices needed to be further examined, especially in relation to the challenges of limited resources (power and bandwidth). In this paper, we apply the OCR method in a mobile platform and provide a prototype implementation scheme to determine applicability. Experiments are performed to test the technique under DNS hijacking attacks.
Wang , Y , Liu , Y , Wu , T & Duncan , I M M 2020 , A cost-effective OCR implementation to prevent phishing on mobile platforms . in 2020 International Conference on Cyber Security and Protection of Digital Services (Cyber Security) . , 9138873 , IEEE Computer Society , Cyber Science 2020 , Dublin , Ireland , 15/06/20 . https://doi.org/10.1109/CyberSecurity49315.2020.9138873conference
2020 International Conference on Cyber Security and Protection of Digital Services (Cyber Security)
Copyright © 2020 IEEE. This work has been made available online in accordance with publisher policies or with permission. Permission for further reuse of this content should be sought from the publisher or the rights holder. This is the author created accepted manuscript following peer review and may differ slightly from the final published version. The final published version of this work is available at https://doi.org/10.1109/CyberSecurity49315.2020.9138873
Items in the St Andrews Research Repository are protected by copyright, with all rights reserved, unless otherwise indicated.