반도체디스플레이기술학회지 (Journal of the Semiconductor & Display Technology)

한국반도체디스플레이기술학회 (The Korean Society Of Semiconductor & Display Technology)
권호 표지

NLP와 PunyCode 변환 기법을 활용한 스미싱 메시지 탐지 시스템 설계 및 구현

Design and Implementation of a Smishing Message Detection System Using NLP and PunyCode Conversion Techniques

  • 국중진 (상명대학교 전자정보시스템공학과) ;
  • 이건희 (상명대학교 전자정보시스템공학과) ;
  • 김주환 (상명대학교 정보보안공학과) ;
  • 오재혁 (상명대학교 정보보안공학과) ;
  • 박재한 (상명대학교 정보보안공학과) ;
  • 박정은 (상명대학교 정보보안공학과)
  • Joongjin Kook (Dept. of Electronics and Information System Engineering, Sangmyung University) ;
  • Keonhee Lee (Dept. of Electronics and Information System Engineering, Sangmyung University) ;
  • Juhwan Kim (Dept. of Information Security Engineering, Sangmyung University) ;
  • Jaehyeok Oh (Dept. of Information Security Engineering, Sangmyung University) ;
  • Jaehan Park (Dept. of Information Security Engineering, Sangmyung University) ;
  • Jungeun Park (Dept. of Information Security Engineering, Sangmyung University)
  • 투고 : 2024.08.29
  • 심사 : 2024.09.14
  • 발행 : 2024.09.30
PDF 다운로드
⟨ 이전 논문 다음 논문 ⟩

초록

As smartphones become more integral to daily life, security concerns, particularly regarding smishing, have risen significantly. With the increasing frequency and variety of smishing attacks, current detection methods struggle to provide effective solutions, with most commercial algorithms achieving around a 70% detection rate. This paper proposes a novel approach to enhancing smishing detection accuracy by utilizing Natural Language Processing to analyze message syntax and semantics, combined with URL Punycode conversion and whitelist techniques. The approach focuses on improving detection through comprehensive message analysis, aiming to address the limitations of existing preventive methods. The proposed system offers conceptual improvements in smishing detection strategies, providing a more robust framework for addressing evolving security challenges.

키워드

참고문헌

  1. Choi, M., "Current Status, Types, Trends, and Implications of Voice Phishing," Korean Social Trends 2022, pp. 307-315, 2022.
  2. Choi, J.Y., Oh, S.J., Roh, G.W., and Jeong, W.H., "Utilizing Pre-trained Language Models for Effective Smishing Detection," Proceedings of the Korean Institute of Information Scientists and Engineers (KIISE) Conference, Busan, Dec. 2023.
  3. Jeong, S.H., Do, H.J., Cho, J.E., Park, Y.E., Kim, J.W., and Choi, J.Y., "Development of a Smishing Detection Mobile Application Using Text Mining," Proceedings of the Korean Institute of Communications and Information Sciences (KICS) Conference, Gangwon, Feb. 2022.
  4. Ulfath, R.E., Sarker, I.H., Chowdhury, M.J.M., and Hammoudeh, M., "Detecting Smishing Attacks Using Feature Extraction and Classification Techniques," Proceedings of the International Conference on Big Data, IoT, and Machine Learning, pp. 677-689, Dec. 2021.
  5. Verma, S., Ayala-Rivera, V., and Portillo-Dominguez, A.O., "Detection of Phishing in Mobile Instant Messaging Using Natural Language Processing and Machine Learning," Proceedings of the 2023 11th International Conference in Software Engineering Research and Innovation (CONISOFT), Leon, Guanajuato, Mexico, Nov. 2023. DOI: 10.1109/CONISOFT58849.2023.00029.
  6. https://www.virustotal.com/gui/home/upload
  7. https://github.com/haccer/subjack
  8. https://book.hacktricks.xyz/v/kr/pentesting-web/domain-subdomain-takeover