Skip to content

lindsey98/MyXdriver_pub

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

131 Commits

browsers

browsers

 
 

configs

configs

 
 

js

js

 
 

security

security

 
 

testing

testing

 
 

xutils

xutils

 
 

.gitignore

.gitignore

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

WebInteraction Diagram.png

WebInteraction Diagram.png

 
 

XDriver.py

XDriver.py

 
 

__init__.py

__init__.py

 
 

cleanup.sh

cleanup.sh

 
 

configs.py

configs.py

 
 

requirements.txt

requirements.txt

 
 

setup.py

setup.py

 
 

setup.sh

setup.sh

 
 

setup_redhat.sh

setup_redhat.sh

 
 

Repository files navigation

MyXdriver

In this repository, we build a system to automatically decide the maliciousness of a phishing webpage through its behaviors.

This repository includes partial code for our paper "Knowledge Expansion and Counterfactual Interaction for Reference-Based Phishing Detection". Published in USENIX Security 2023.

The main repository is here: https://github.com/code-philia/Dynaphish

Supported functionalities:

  • ✅ Locate all inputs, submission buttons, etc.
  • ✅ Decide the semantics of inputs and fill in faked credentials
  • ✅ Submit forms
  • ✅ Track webpage state changes
  • ✅ Detect the presence of reCaptcha
  • ✅ Detect the presence of error messages
  • ✅ HTML obfuscation
  • ✅ Observe the suspicious behaviors during login action
    • 🏁 Let users proceed without verification on fake credentials
    • 🏁 Redirect to third-party webpage after form submission

System Overview

We build an interaction webdriver (Selenium-based) to automatically perform form filling, form submission, and webpage transition detection. Our main goal is to report suspicious behaviors during the login process, such as (1) no verification of fake account details and (2) evasive redirection to third-party websites upon form submission.

Updates

  • [2023-09-23] ❗❗❗ Somehow the model downloading in setup.sh does not always work because of the git lfs limit 😢 , alternatively, you can download the model_final.pth from this link.
  • [2023-09-12] 🍋🍋🍋🍋🍋🍋🍋 If you want to speed up, you can switch to the "simple" branch. 🍋🍋🍋🍋🍋🍋🍋🍋

Setup

Implemented and tested on Ubuntu 16.04 and 20.04 with Python 3.8. Should work on other Debian-based systems as well. 1.
Clone this MyXDriver_pub repo and cd into it

git clone https://github.com/lindsey98/MyXdriver_pub.git
cd MyXdriver_pub
  1. Manually download chromedriver executable (https://chromedriver.chromium.org/), and put it under config/webdrivers.
  • Make sure the webdriver's version is compatible with the corresponding browsers' version
  1. run ./setup.sh

Usage

Reference

If you find our tool helpful, please consider citing our paper

 @inproceedings {291106,
 author = {Ruofan Liu and Yun Lin and Yifan Zhang and Penn Han Lee and Jin Song Dong},
 title = {Knowledge Expansion and Counterfactual Interaction for {Reference-Based} Phishing Detection},
 booktitle = {32nd USENIX Security Symposium (USENIX Security 23)},
 year = {2023},
 isbn = {978-1-939133-37-3},
 address = {Anaheim, CA},
 pages = {4139--4156},
 url = {https://www.usenix.org/conference/usenixsecurity23/presentation/liu-ruofan},
 publisher = {USENIX Association},
 month = aug,
 }

About

Selenium webdriver to automatically perform login and submission action, and observe the suspicious behaviours

Topics

selenium-webdriver phishing-detection

Resources

Readme

License

GPL-3.0 license
Activity

Stars

6 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages