Cover Image

Qsecr: secure QR code scanner according to a novel malicious URL detection framework.

Malicious Uniform Resource Locators (URLs) are the major issue posed by cybersecurity threats. Cyberattackers spread malicious URLs to carry out attacks such as phishing and malware, which lead unsuspecting visitors into scams, resulting in monetary loss and information theft. The adoption of Quick...

Full description

Saved in:
Bibliographic Details
Main Authors: Rafsanjani, Ahmad Sahban, Kamaruddin, Norshaliza, Mohd. Rusli,, Hazlifah, Dabbagh, Mohammad
Format: Article
Language:English
Published: Institute of Electrical and Electronics Engineers Inc. 2023
Subjects:
T Technology (General)
Online Access:http://eprints.utm.my/104905/1/NorshalizaKamaruddin2023_QsecRSecureQRCodeScannerAccordingtaNovel.pdf
http://eprints.utm.my/104905/
http://dx.doi.org/10.1109/ACCESS.2023.3291811
Tags: Add Tag
No Tags, Be the first to tag this record!
id my.utm.104905
record_format eprints
spelling my.utm.1049052024-04-01T06:03:23Z http://eprints.utm.my/104905/ Qsecr: secure QR code scanner according to a novel malicious URL detection framework. Rafsanjani, Ahmad Sahban Kamaruddin, Norshaliza Mohd. Rusli,, Hazlifah Dabbagh, Mohammad T Technology (General) Malicious Uniform Resource Locators (URLs) are the major issue posed by cybersecurity threats. Cyberattackers spread malicious URLs to carry out attacks such as phishing and malware, which lead unsuspecting visitors into scams, resulting in monetary loss and information theft. The adoption of Quick Response (QR) codes with malicious URLs is a growing concern and is an open security issue. The existing QR link detection scanner applications mostly utilize the blacklist method to detect malicious URLs, which is not the optimal method for detecting new websites. Recently, machine learning methods have gained popularity as a means of enhancing the detection of malicious URLs. However, these methods are entirely data-dependent, and a large and updated dataset is required for the training to create an effective detection method. This research proposes QsecR, a secure and privacy-friendly QR code scanner, according to a malicious URL detection framework. QsecR is an Android QR code scanner based on predefined static feature classification by employing 39 classes of blacklist, lexical, host-based, and content-based features. A dataset containing 4000 real-world random URLs was gathered from URLhaus and PhishTank. The QsecR is evaluated by several QR code scanners in terms of security and privacy. The experimental result shows that QsecR outperforms others and achieves a detection accuracy of 93.50% and a precision value of 93.80%, which is significantly higher than the current secure QR code scanners. Also, QsecR is one of the most privacy-friendly application with the least privilege permission. Institute of Electrical and Electronics Engineers Inc. 2023-07-03 Article PeerReviewed application/pdf en http://eprints.utm.my/104905/1/NorshalizaKamaruddin2023_QsecRSecureQRCodeScannerAccordingtaNovel.pdf Rafsanjani, Ahmad Sahban and Kamaruddin, Norshaliza and Mohd. Rusli,, Hazlifah and Dabbagh, Mohammad (2023) Qsecr: secure QR code scanner according to a novel malicious URL detection framework. IEEE Access, 11 . pp. 92523-92539. ISSN 2169-3536 http://dx.doi.org/10.1109/ACCESS.2023.3291811 DOI: 10.1109/ACCESS.2023.3291811
institution Universiti Teknologi Malaysia
building UTM Library
collection Institutional Repository
continent Asia
country Malaysia
content_provider Universiti Teknologi Malaysia
content_source UTM Institutional Repository
url_provider http://eprints.utm.my/
language English
topic T Technology (General)
spellingShingle T Technology (General)
Rafsanjani, Ahmad Sahban
Kamaruddin, Norshaliza
Mohd. Rusli,, Hazlifah
Dabbagh, Mohammad
Qsecr: secure QR code scanner according to a novel malicious URL detection framework.
description Malicious Uniform Resource Locators (URLs) are the major issue posed by cybersecurity threats. Cyberattackers spread malicious URLs to carry out attacks such as phishing and malware, which lead unsuspecting visitors into scams, resulting in monetary loss and information theft. The adoption of Quick Response (QR) codes with malicious URLs is a growing concern and is an open security issue. The existing QR link detection scanner applications mostly utilize the blacklist method to detect malicious URLs, which is not the optimal method for detecting new websites. Recently, machine learning methods have gained popularity as a means of enhancing the detection of malicious URLs. However, these methods are entirely data-dependent, and a large and updated dataset is required for the training to create an effective detection method. This research proposes QsecR, a secure and privacy-friendly QR code scanner, according to a malicious URL detection framework. QsecR is an Android QR code scanner based on predefined static feature classification by employing 39 classes of blacklist, lexical, host-based, and content-based features. A dataset containing 4000 real-world random URLs was gathered from URLhaus and PhishTank. The QsecR is evaluated by several QR code scanners in terms of security and privacy. The experimental result shows that QsecR outperforms others and achieves a detection accuracy of 93.50% and a precision value of 93.80%, which is significantly higher than the current secure QR code scanners. Also, QsecR is one of the most privacy-friendly application with the least privilege permission.
format Article
author Rafsanjani, Ahmad Sahban
Kamaruddin, Norshaliza
Mohd. Rusli,, Hazlifah
Dabbagh, Mohammad
author_facet Rafsanjani, Ahmad Sahban
Kamaruddin, Norshaliza
Mohd. Rusli,, Hazlifah
Dabbagh, Mohammad
author_sort Rafsanjani, Ahmad Sahban
title Qsecr: secure QR code scanner according to a novel malicious URL detection framework.
title_short Qsecr: secure QR code scanner according to a novel malicious URL detection framework.
title_full Qsecr: secure QR code scanner according to a novel malicious URL detection framework.
title_fullStr Qsecr: secure QR code scanner according to a novel malicious URL detection framework.
title_full_unstemmed Qsecr: secure QR code scanner according to a novel malicious URL detection framework.
title_sort qsecr: secure qr code scanner according to a novel malicious url detection framework.
publisher Institute of Electrical and Electronics Engineers Inc.
publishDate 2023
url http://eprints.utm.my/104905/1/NorshalizaKamaruddin2023_QsecRSecureQRCodeScannerAccordingtaNovel.pdf
http://eprints.utm.my/104905/
http://dx.doi.org/10.1109/ACCESS.2023.3291811
_version_ 1797905672471314432
score 13.211869

Similar Items