ALFA: A Safe-by-Design Approach to Mitigate Quishing Attacks Launched via Fancy QR Codes
Muhammad Wahid Akram, Keshav Sood, Muneeb Ul Hassan, and Dhananjay Thiruvady

TL;DR
ALFA is a comprehensive safe-by-design approach that detects and mitigates malicious fancy QR codes, enhancing security against Quishing attacks by converting, correcting, and analyzing QR code structures with high accuracy.
Contribution
The paper introduces ALFA, a novel method combining binary grid conversion, error correction, and structural analysis to effectively identify and prevent malicious fancy QR codes.
Findings
Achieved a false negative rate of 0.06% in detection.
Demonstrated high classification reliability in real-world tests.
Validated effectiveness on diverse synthetic QR code datasets.
Abstract
Phishing with Quick Response (QR) codes is termed Quishing. Attackers exploit this method to manipulate individuals into revealing their confidential data. Recently, colorful and fancy representations of QR codes have appeared, in which the 2D matrix no longer reflects the typical mixture of black and white modules. Instead, they become more tempting to adversaries as an attack vector that can evade state-of-the-art deep learning visual-based and other prevailing countermeasures. We introduce "ALFA", a safe-by-design approach, to mitigate Quishing and prevent everyone from accessing the post-scan harmful payload of fancy QR codes. Our method first converts a fancy QR code into a replica binary grid and then identifies the erroneous representation of modules in that grid. Following that, we present the "FAST" method, which can conveniently recover erroneous modules from…
Taxonomy
Topics: QR Code Applications and Technologies · Advanced Malware Detection Techniques · Spam and Phishing Detection
