Clicking on an innocuous-looking link received over WhatsApp is all it takes for an unsuspecting user to fall prey to a phishing attack .
That probability has only increased manifold ever since the onset of the pandemic last year, with companies and individuals being hit by waves after waves of such attacks .
Realising the seriousness of the problem , a four-member team of computer science students, who have now passed out, from the Rajagiri School of Engineering and Technology (RSET) have developed a Deep Learning-based solution to detect websites with phishing motives as part of their B.Tech final year project. The solution has caught the eyes of Kerala Police Cyberdome , which is now in the process of adding it as a module to their existing app, BSafe, for alerting fraud and spam calls.
“Unlike the existing models for detecting phishing attacks that largely take into account the website URL alone, our solution collects HTML, including script tags, to differentiate a malicious website from a benign one. We have developed a browser extension where a user can feed the website URL and the solution will run a phishing check,” said Nithin Valiyaveedu, a member of the team. Roshan Reju, Nithin K.M, and Vysakh Murali made up the rest of the team guided by Sangeetha Jamal, Assistant Professor, RSET
The team reached out to Cyberdome using Mr. Roshan's contacts there in his capacity as an ethical hacker. Two presentations were held for the Cyberdome representatives who were impressed by the solution. The team has since then shared the API (Application Programming Interface) code of the solution with the Cyberdome for adding it as a module in BSafe.
“BSafe, a mobile and web-based application, is building up a database of numbers involved in scams and helps users of the app to alert and even block such numbers automatically. We plan to incorporate the phishing attack detecting solution as an additional feature in our app for which the process is now underway,” said Cyberdome sources.
Mr. Roshan said that their innovation defers from the existing Machine Learning-based models against detecting phishing attacks. “Deep Learning is more advanced and accurate compared to Machine Learning with greater computation power as well,” he said.
The youngsters, all of whom have since then gotten jobs, said that though they could have marketed their solution as a separate product, they chose to associate with Cyberdome for the larger good of the public.