PP3D: An In-Browser Vision-Based Defense Against Web Behavior Manipulation Attacks

TL;DR

PP3D is a browser-based framework that detects and defends against web behavior-manipulation attacks like scams in real time, achieving high accuracy and low false positives across devices.

Contribution

This work introduces the first end-to-end in-browser system for real-time detection and defense against web behavior-manipulation attacks, with privacy-preserving client-side deployment.

Findings

Achieves above 99% detection rate with 1% false positives on known attacks.

Maintains above 97% detection rate with 1% false positives on new, unseen attacks.

Operates efficiently across desktop and mobile devices.

Abstract

Web-based behavior-manipulation attacks (BMAs) - such as scareware, fake software downloads, tech support scams, etc. - are a class of social engineering (SE) attacks that exploit human decision-making vulnerabilities. These attacks remain under-studied compared to other attacks such as information harvesting attacks (e.g., phishing) or malware infections. Prior technical work has primarily focused on measuring BMAs, offering little in the way of generic defenses. To address this gap, we introduce Pixel Patrol 3D (PP3D), the first end-to-end browser framework for discovering, detecting, and defending against behavior-manipulating SE attacks in real time. PP3D consists of a visual detection model implemented within a browser extension, which deploys the model client-side to protect users across desktop and mobile devices while preserving privacy. Our evaluation shows that PP3D can achieve above 99% detection rate at 1% false positives, while maintaining good latency and overhead performance across devices. Even when faced with new BMA samples collected months after training the detection model, our defense system can still achieve above 97% detection rate at 1% false positives. These results demonstrate that our framework offers a practical, effective, and generalizable defense against a broad and evolving class of web behavior-manipulation attacks.