Ensign InfoSecurity Researchers Present ‘TypoSwype’: An Artificial Intelligence (AI) Based Imaging Approach to Detect Typosquatting Attacks

Cyberattackers use many methods to trick consumers into visiting malicious websites or giving over private information. One of the most popular forms of cyberattack is typosquatting, which takes advantage of people’s propensity to make typos when typing quickly or to misunderstand words with minor topographical flaws. For the most part, typosquatting involves the construction of malicious websites with URLs that are similar to those of legitimate sites but contain typos (e.g., “fqcebook” instead of “facebook” or “yuube” instead of “youtube”). If a user accidentally accesses one of these sites, they may unwillingly download malicious software or provide sensitive information to cybercriminals.

Therefore, researchers in the field of computer science are consistently striving to create more sophisticated methods to detect and counteract such attacks.

Most current methods for detecting such phishing attacks rely on using spell checkers. These techniques have limited utility outside of specific contexts because their effectiveness often depends on the lexicon of words used to teach them.

Researchers from Singapore’s end-to-end cybersecurity service provider, Ensign InfoSecurity, developed TypoSwype as an alternative image-analysis-based tool for detecting typosquatting threats. This tool uses sophisticated picture recognition methods to render text strings into keyboard graphics. 

TypoSwype captures the space between characters on the keyboard, unlike previously introduced methods for detecting typosquatting, by drawing lines between the buttons of consecutive characters on a hypothetical keyboard. This helps to correct the inaccuracies of previously used string edit distance metrics (i.e., methods that determine the degree of dissimilarity between two words or character sequences).

The team used image recognition methods since they are faster than string-matching solutions and can scan numerous potential typosquatting domains simultaneously.

Ensign InfoSecurity will integrate TypoSwype into its arsenal of anti-phishing solutions, making it accessible to people worldwide.

In a series of experiments, the researchers compared their typosquatting detection tool’s efficacy to that of the DLD algorithm, a popular cybersecurity model. They discovered that TypoSwype was superior to DLD in detecting typosquatting and correctly identified the legitimate, well-known domains that cybercriminals were attempting to “typo-squat” on.

As per the team, TypoSwype is the first application of convolutional neural networks (CNNs) to the problem of typosquatting using Swype inputs. Swyping automatically accounts for the distance from the keyboard that most typos have. Because it establishes a lower bound for dissimilar Swype images, Triplet loss and NT-Xent loss are also used by the researchers throughout the training process of their model. They enhanced metrics for identifying potentially malicious typosquatting domains by using string edit distance matching techniques, which effectively identify domains already quite similar.

The team hopes their work will help the research community develop cybersecurity techniques based on image recognition models.

This Article is written as a research summary article by Marktechpost Staff based on the research paper 'TypoSwype: An Imaging Approach to Detect Typo-Squatting'. All Credit For This Research Goes To Researchers on This Project. Check out the paper and reference article.
Please Don't Forget To Join Our ML Subreddit

Tanushree Shenwai is a consulting intern at MarktechPost. She is currently pursuing her B.Tech from the Indian Institute of Technology(IIT), Bhubaneswar. She is a Data Science enthusiast and has a keen interest in the scope of application of artificial intelligence in various fields. She is passionate about exploring the new advancements in technologies and their real-life application.