Learn about an innovative cybersecurity research presentation from USENIX Security '24 that introduces PhishDecloaker, a groundbreaking AI-powered solution for detecting CAPTCHA-cloaked phishing websites. Explore how this 13-minute talk demonstrates a hybrid vision-based interactive model that mimics human behavior to solve CAPTCHAs and expose hidden phishing content. Discover how the system orchestrates five deep computer vision models to detect, analyze, and solve CAPTCHA challenges, effectively restoring phishing detection rates from 0% to 74.25% on average. Examine the solution's impressive generalization capabilities with 86% precision and 69% recall on unseen CAPTCHAs, while maintaining robustness against various adversarial attacks including FGSM, JSMA, PGD, DeepFool, and DPatch. Understand the real-world impact demonstrated through a 30-day field study, revealing PhishDecloaker's ability to uncover 7.6% more CAPTCHA-cloaked phishing websites, highlighting the growing significance of CAPTCHA-cloaking in modern phishing campaigns.
Overview
Syllabus
USENIX Security '24 - PhishDecloaker: Detecting CAPTCHA-cloaked Phishing Websites via Hybrid...
Taught by
USENIX