4.6 Article

GUI-Squatting Attack: Automated Generation of Android Phishing Apps

IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING (2021)

Get Full Text
Add to Collection

Journal

IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING
Volume 18, Issue 6, Pages 2551-2568

Publisher

IEEE COMPUTER SOC
DOI: 10.1109/TDSC.2019.2956035

Keywords

Phishing; Graphical user interfaces; Cloning; Task analysis; Microsoft Windows; Malware; Android phishing apps; android GUI attacks; android apps

Categories

Computer Science, Hardware & Architecture Computer Science, Information Systems Computer Science, Software Engineering

Funding

  1. National Satellite of Excellence in Trustworthy Software System [NRF2018NCR-NSOE003-0001]
  2. National Research Foundation, Prime Ministers Office, Singapore under its National Cybersecurity RD Program [NRF2018NCR-NCR005-0001]
  3. NSFC [61502170]
  4. Science and Technology Commission of Shanghai Municipality [18511103802]

Ask authors/readers for more resources

Protocol

Community support

Reagent

Community support

Mobile phishing attacks using disguise techniques have raised security concerns, with current detection methods potentially vulnerable. A new attack technique, GUI-Squatting attack, can automatically generate phishing apps on the Android platform using deep learning algorithms. Experimental results suggest existing phishing defenses are ineffective against emergent attacks, stimulating the need for more efficient detection techniques.
Mobile phishing attacks, such as mimic mobile browser pages, masquerade as legitimate applications by leveraging repackaging or clone techniques, have caused varied yet significant security concerns. Consequently, detection techniques have been receiving increasing attention. However, many such detection methods are not well tested and may therefore still be vulnerable to new types of phishing attacks. In this article, we propose a new attacking technique, named GUI-Squatting attack, which can generate phishing apps (phapps) automatically and effectively on the Android platform. Our method adopts image processing and deep learning algorithms, to enable powerful and large-scale attacks. We observe that a successful phishing attack requires two conditions, page confusion and logic deception during attacks synthesis. We directly optimize these two conditions to create a practical attack. Our experimental results reveal that existing phishing defenses are less effective against such emergent attacks and may, therefore, stimulate more efficient detection techniques. To further demonstrate that our generated phapps can not only bypass existing detection techniques, but also deceive real users, we conduct a human study and successfully steal users' login information. The human study also shows that different response messages (e.g., Crash and Server failed) after pressing the login button mislead users to regard our phapps as functionality problems instead of security threats. Extensive experiments reveal that such newly proposed attacks still remain mostly undetected, and are worth further exploration.

Authors

I am an author on this paper
Click your name to claim this paper and add it to your profile.

Reviews

Primary Rating

4.6
Not enough ratings

Secondary Ratings

Novelty
-
Significance
-
Scientific rigor
-
Rate this paper

Recommended

No Data Available
No Data Available
Webinars Posters Questions Hubs Funding Journals Papers Connect Collections Reviewers About Us FAQs Mobile App Privacy Policy Terms of Use
© Peeref 2019-2024. All rights reserved.