Refining adversarial attacks on machine-learning phishing webpage detectors through functionality-preserving HTML manipulations

R. Sonia; S. Anila; S. A. Karthik; S. Meenakshi; Eric Howard; Kartikeya Parmar; J. K. Periasamy; V. Vijayan

doi:10.1063/5.0235981

Refining adversarial attacks on machine-learning phishing webpage detectors through functionality-preserving HTML manipulations

R. Sonia^*, S. Anila, S. A. Karthik, S. Meenakshi, Eric Howard, Kartikeya Parmar, J. K. Periasamy, V. Vijayan

^*Corresponding author for this work

School of Mathematical and Physical Sciences

Research output: Chapter in Book/Report/Conference proceeding › Conference proceeding contribution › peer-review

Abstract

Research has demonstrated that Machine-Learning Phishing Webpage Detectors, which is vulnerable to malicious changes of the input webpage's HTML code. Unfortunately, the newly suggested assaults have not been very effective so far because they target specific HTML components and don't optimise the employment of the manipulations that have been accepted. To get over these limitations, we created a novel set of granular manipulations that can change input phishing webpage HTML code while keeping its aesthetic appeal and malevolent intent (alterations are rendered-preserving and functional by design). After that, we use a query-efficient black-box optimization technique to choose which alterations to apply in order to evade the target detector. In contrast to the weaker attacks created in earlier work, our results demonstrate that our attacks may completely demolish the performance of state-of-the-art ML-PWD with only 30 questions. This allows for a considerably more equitable evaluation of ML-robustness. PWD's

Original language	English
Title of host publication	ICGRMSD24
Subtitle of host publication	Proceedings of the 2nd International Interdisciplinary Scientific Conference on Green Energy, Environmental and Renewable Energy, Advanced Materials, and Sustainable Development
Place of Publication	Thanjavur, India
Publisher	AIP Publishing
Pages	020006-1-020006-11
Number of pages	11
DOIs	https://doi.org/10.1063/5.0235981
Publication status	Published - 11 Nov 2024
Event	2nd International Interdisciplinary Scientific Conference on Green Energy, Environmental and Renewable Energy, Advanced Materials, and Sustainable Development, ICGRMSD 2024 - Thanjavur, India Duration: 1 Feb 2024 → 2 Feb 2024

Publication series

Name	AIP Conference Proceedings
Publisher	AIP Publishing
Number	1
Volume	3193
ISSN (Print)	0094-243X
ISSN (Electronic)	1551-7616

Conference

Conference	2nd International Interdisciplinary Scientific Conference on Green Energy, Environmental and Renewable Energy, Advanced Materials, and Sustainable Development, ICGRMSD 2024
Country/Territory	India
City	Thanjavur
Period	1/02/24 → 2/02/24

Keywords

adversarial attacks
HTML
machine learning
Optimization
phishing

Access to Document

10.1063/5.0235981

Cite this

Sonia, R., Anila, S., Karthik, S. A., Meenakshi, S., Howard, E., Parmar, K., Periasamy, J. K., & Vijayan, V. (2024). Refining adversarial attacks on machine-learning phishing webpage detectors through functionality-preserving HTML manipulations. In ICGRMSD24: Proceedings of the 2nd International Interdisciplinary Scientific Conference on Green Energy, Environmental and Renewable Energy, Advanced Materials, and Sustainable Development (pp. 020006-1-020006-11). (AIP Conference Proceedings; Vol. 3193, No. 1). AIP Publishing. https://doi.org/10.1063/5.0235981

Sonia, R. ; Anila, S. ; Karthik, S. A. et al. / Refining adversarial attacks on machine-learning phishing webpage detectors through functionality-preserving HTML manipulations. ICGRMSD24: Proceedings of the 2nd International Interdisciplinary Scientific Conference on Green Energy, Environmental and Renewable Energy, Advanced Materials, and Sustainable Development. Thanjavur, India : AIP Publishing, 2024. pp. 020006-1-020006-11 (AIP Conference Proceedings; 1).

@inproceedings{a8e5af7d421540559cd5535c64767917,

title = "Refining adversarial attacks on machine-learning phishing webpage detectors through functionality-preserving HTML manipulations",

abstract = "Research has demonstrated that Machine-Learning Phishing Webpage Detectors, which is vulnerable to malicious changes of the input webpage's HTML code. Unfortunately, the newly suggested assaults have not been very effective so far because they target specific HTML components and don't optimise the employment of the manipulations that have been accepted. To get over these limitations, we created a novel set of granular manipulations that can change input phishing webpage HTML code while keeping its aesthetic appeal and malevolent intent (alterations are rendered-preserving and functional by design). After that, we use a query-efficient black-box optimization technique to choose which alterations to apply in order to evade the target detector. In contrast to the weaker attacks created in earlier work, our results demonstrate that our attacks may completely demolish the performance of state-of-the-art ML-PWD with only 30 questions. This allows for a considerably more equitable evaluation of ML-robustness. PWD's",

keywords = "adversarial attacks, HTML, machine learning, Optimization, phishing",

author = "R. Sonia and S. Anila and Karthik, {S. A.} and S. Meenakshi and Eric Howard and Kartikeya Parmar and Periasamy, {J. K.} and V. Vijayan",

year = "2024",

month = nov,

day = "11",

doi = "10.1063/5.0235981",

language = "English",

series = "AIP Conference Proceedings",

publisher = "AIP Publishing",

number = "1",

pages = "020006--1--020006--11",

booktitle = "ICGRMSD24",

note = "2nd International Interdisciplinary Scientific Conference on Green Energy, Environmental and Renewable Energy, Advanced Materials, and Sustainable Development, ICGRMSD 2024 ; Conference date: 01-02-2024 Through 02-02-2024",

}

Sonia, R, Anila, S, Karthik, SA, Meenakshi, S, Howard, E, Parmar, K, Periasamy, JK & Vijayan, V 2024, Refining adversarial attacks on machine-learning phishing webpage detectors through functionality-preserving HTML manipulations. in ICGRMSD24: Proceedings of the 2nd International Interdisciplinary Scientific Conference on Green Energy, Environmental and Renewable Energy, Advanced Materials, and Sustainable Development. AIP Conference Proceedings, no. 1, vol. 3193, AIP Publishing, Thanjavur, India, pp. 020006-1-020006-11, 2nd International Interdisciplinary Scientific Conference on Green Energy, Environmental and Renewable Energy, Advanced Materials, and Sustainable Development, ICGRMSD 2024, Thanjavur, India, 1/02/24. https://doi.org/10.1063/5.0235981

Refining adversarial attacks on machine-learning phishing webpage detectors through functionality-preserving HTML manipulations. / Sonia, R.; Anila, S.; Karthik, S. A. et al.
ICGRMSD24: Proceedings of the 2nd International Interdisciplinary Scientific Conference on Green Energy, Environmental and Renewable Energy, Advanced Materials, and Sustainable Development. Thanjavur, India: AIP Publishing, 2024. p. 020006-1-020006-11 (AIP Conference Proceedings; Vol. 3193, No. 1).

Research output: Chapter in Book/Report/Conference proceeding › Conference proceeding contribution › peer-review

TY - GEN

T1 - Refining adversarial attacks on machine-learning phishing webpage detectors through functionality-preserving HTML manipulations

AU - Sonia, R.

AU - Anila, S.

AU - Karthik, S. A.

AU - Meenakshi, S.

AU - Howard, Eric

AU - Parmar, Kartikeya

AU - Periasamy, J. K.

AU - Vijayan, V.

PY - 2024/11/11

Y1 - 2024/11/11

N2 - Research has demonstrated that Machine-Learning Phishing Webpage Detectors, which is vulnerable to malicious changes of the input webpage's HTML code. Unfortunately, the newly suggested assaults have not been very effective so far because they target specific HTML components and don't optimise the employment of the manipulations that have been accepted. To get over these limitations, we created a novel set of granular manipulations that can change input phishing webpage HTML code while keeping its aesthetic appeal and malevolent intent (alterations are rendered-preserving and functional by design). After that, we use a query-efficient black-box optimization technique to choose which alterations to apply in order to evade the target detector. In contrast to the weaker attacks created in earlier work, our results demonstrate that our attacks may completely demolish the performance of state-of-the-art ML-PWD with only 30 questions. This allows for a considerably more equitable evaluation of ML-robustness. PWD's

AB - Research has demonstrated that Machine-Learning Phishing Webpage Detectors, which is vulnerable to malicious changes of the input webpage's HTML code. Unfortunately, the newly suggested assaults have not been very effective so far because they target specific HTML components and don't optimise the employment of the manipulations that have been accepted. To get over these limitations, we created a novel set of granular manipulations that can change input phishing webpage HTML code while keeping its aesthetic appeal and malevolent intent (alterations are rendered-preserving and functional by design). After that, we use a query-efficient black-box optimization technique to choose which alterations to apply in order to evade the target detector. In contrast to the weaker attacks created in earlier work, our results demonstrate that our attacks may completely demolish the performance of state-of-the-art ML-PWD with only 30 questions. This allows for a considerably more equitable evaluation of ML-robustness. PWD's

KW - adversarial attacks

KW - HTML

KW - machine learning

KW - Optimization

KW - phishing

UR - http://www.scopus.com/inward/record.url?scp=85210248419&partnerID=8YFLogxK

U2 - 10.1063/5.0235981

DO - 10.1063/5.0235981

M3 - Conference proceeding contribution

AN - SCOPUS:85210248419

T3 - AIP Conference Proceedings

SP - 020006-1-020006-11

BT - ICGRMSD24

PB - AIP Publishing

CY - Thanjavur, India

T2 - 2nd International Interdisciplinary Scientific Conference on Green Energy, Environmental and Renewable Energy, Advanced Materials, and Sustainable Development, ICGRMSD 2024

Y2 - 1 February 2024 through 2 February 2024

ER -

Sonia R, Anila S, Karthik SA, Meenakshi S, Howard E, Parmar K et al. Refining adversarial attacks on machine-learning phishing webpage detectors through functionality-preserving HTML manipulations. In ICGRMSD24: Proceedings of the 2nd International Interdisciplinary Scientific Conference on Green Energy, Environmental and Renewable Energy, Advanced Materials, and Sustainable Development. Thanjavur, India: AIP Publishing. 2024. p. 020006-1-020006-11. (AIP Conference Proceedings; 1). doi: 10.1063/5.0235981

Refining adversarial attacks on machine-learning phishing webpage detectors through functionality-preserving HTML manipulations

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Cite this