Tech

An image recognition tool to detect typographical attacks


TypoSwype: An image recognition engine to detect squat typing attacks

Credit: Lee & Yam.

In recent decades, cyberattacks have become increasingly diverse, offering various strategies to lure users to malicious websites or ask them to share sensitive data. Therefore, computer scientists are constantly trying to develop more advanced tools to detect and neutralize these attacks.

Typing, one of the most common attacks carried out online, exploits the tendency of people to misspelled words when typed quickly or misread words when they have minor topographical errors. Typing essentially consists of creating malicious web pages with URLs similar to established ones but with slight typos (e.g. “fqcebook” instead of “facebook” or “yuube” instead of ” youtube”). When users mistakenly visit these websites, they can unknowingly download malware or share personal information with attackers.

Most of the techniques available to detect these phishing attack based on spell checking tools. While these tools may work in some cases, they do not generalize well, as their performance often depends on the vocabulary used to train them.

Researchers at Ensign InfoSecurity, an end-to-end cybersecurity service provider based in Singapore, recently created TypoSwype, an alternative tool for detecting typographical attacks based on classification. image collection. The tool, introduced in a pre-published paper on arXiv, uses advanced image recognition techniques to convert strings of characters into images that also consider the position of the letters on the table. keys.

“Typing uses typographical or typographical errors (e.g., ‘googgle.com’ instead of ‘google.com’) to mislead users,” said David Yam, one of the researchers who carried out the study. visit unwanted websites. “Current techniques for dealing with these phishing attacks use string editing distances that are independent of character position on the keyboard (‘g’ is found in a different keyboard region than ‘ z’) and therefore less accurate misspelling (e.g. ‘googgle.com’ and ‘googzle.com’ are also far from ‘google.com’). image formats such as Legitimate Neural Networks (CNN) and specific loss functions to improve typographical error detection.”

TypoSwype: An image recognition engine to detect squat typing attacks

Domains (left) and Swype-like versions (right). Typosquatted domains have been grouped using their Swype-like versions. Credit: Lee & Peng David.

In contrast to other previously introduced spelling detection methods, TypoSwype is able to capture the spacing between different characters on the keyboard, by tracing the lines between the buttons of consecutive characters. on the imaginary keyboard. This helps to reduce errors that current string editing distance metrics (i.e. methods that calculate how different two words or strings are different) are prone to.

“We used image recognition techniques because it can batch process many possible typographic domains in a single shot, allowing for faster processing than other solutions,” explains Lee. string comparison. “Additionally, using Swype input allows us to visually enter inputs that might be each other’s typos, such as ‘fqcebook’ and ‘facebook.'”

Yam and his colleague Lee Joon Sern evaluated their misspelling engine in a series of tests, comparing its performance with that of the DLD algorithm, a widely used cybersecurity model. cobble. They found that TypoSwype was able to detect typos more reliably than DLD, and correctly identified well-established and secure domains that attackers were trying to copy or “type”.

“TypoSwype is (to our knowledge) CNN’s first to resolve typos using Swype input,” Yam said. “Using Swype inherently captures key-key distance metrics for typographical errors. We also use tripping and NT-Xent loss as the superior mechanism for training our model. us because it provides minimal boundaries between dissimilar Swype images.This allows us to improve our index (score F1) in detecting typographic domains that are already quite similar (method 1 correction). correcting distances) using string editing distance matching algorithms.”

The recent work of this group of researchers may soon inspire the development of other cybersecurity techniques based on image recognition models. Meanwhile, TypoSwype will be included in Ensign InfoSecurity’s online phishing detection toolkit, made available to users worldwide.


Surf the web safer with a new method to detect malicious modes


More information:
Joon Sern Lee, Yam Gui Peng David, TypoSwype: A visual approach to detecting typographical errors. arXiv: 2209.00783v1 [cs.CR], arxiv.org/abs/2209.00783

© 2022 Science X Network

Quote: TypoSwype: An image recognition engine to detect typographical attacks (2022, October 13) retrieved October 16, 2022 from https://techxplore.com/news/2022-10 -typoswype-image-recognition-tool-typosquatting.html

This document is the subject for the collection of authors. Other than any fair dealing for personal study or research purposes, no part may be reproduced without written permission. The content provided is for informational purposes only.

news7f

News7F: Update the world's latest breaking news online of the day, breaking news, politics, society today, international mainstream news .Updated news 24/7: Entertainment, Sports...at the World everyday world. Hot news, images, video clips that are updated quickly and reliably

Related Articles

Back to top button