Typosquat Cyber Crime Attack Detection via Smartphone

Abstract: A smartphone is a multi-purpose device that can serve as both a communication and an entertainment medium, thanks to the availability of various sensors and services such as SMS, NFC and Bluetooth. Through these functionalities, smartphone owners can exchange information with each other by sharing links or even files. However, attackers see these functionalities as an opportunity to perform an Advanced Persistent Threat (APT) attack. An APT is an attack that incorporates both social engineering and malware. In this paper, the authors shed light on how an APT attack through spear phishing can occur on a smartphone and how to detect it. First, the authors examine the tactics that an attacker can use to perform a successful social engineering attack. Then, based on that discussion, the authors use a machine learning algorithm to classify whether a given URL is a phish or not. Lastly, the authors evaluate the proposed technique using machine learning and obtain more than 90% accuracy. This proves that the proposed technique would be able to help mitigate APT attacks through spear phishing on smartphones.
