Smishing Detector: A security model to detect smishing through SMS content analysis and URL behavior analysis

Smartphone's popularity and their constant connectivity to the World Wide Web have made these devices vulnerable to phishing and smishing attacks. Phishing is a practice of sending malicious emails to users. Smishing is a combined form of SMS and Phishing in which invaders send SMS containing malicious content to the victim. This content sometimes includes links which redirect the user to websites containing malicious applications and user interfaces. Researchers have proposed various methods in past years to detect smishing but still, we lack a method that significantly avoids false-positive results i.e. falsely categorizing a message as malicious when it is genuine. Hence, we have proposed a model called 'Smishing Detector' to identify smishing messages while reducing false-positive results at every possible step. The proposed method consists of four modules, namely, SMS Content Analyzer, URL Filter, Source Code Analyzer and Apk Download Detector. SMS Content Analyzer analyzes the text message contents. Naive Bayes Classification Algorithm is used to identify the malicious contents and keywords present in the text message. URL Filter inspects the URL to identify malicious features. Source Code Analyzer examines the source code of the website to identify the harmful code embedded in it. Form tag and URL domain present in the source code are also inspected in this module. APK Download Detector identifies whether any malicious file is downloaded while invoking the URL. User consent taken while downloading the file is also inspected in this module. Finally, we have developed a prototype of the proposed system which has been validated with experiments on SMS datasets. In this paper, we have demonstrated the results of each module separately and also we have demonstrated the final results. The results of the experiments show an overall accuracy of 96.29%. We have compared this model with other models proposed by various researchers and we have found that this model covers more security aspects as compared to other models. (C) 2020 Elsevier B.V. All rights reserved.