Visible to the public Weaponizing Unicodes with Deep Learning -Identifying Homoglyphs with Weakly Labeled Data

TitleWeaponizing Unicodes with Deep Learning -Identifying Homoglyphs with Weakly Labeled Data
Publication TypeConference Paper
Year of Publication2020
AuthorsDeng, Perry, Linsky, Cooper, Wright, Matthew
Conference Name2020 IEEE International Conference on Intelligence and Security Informatics (ISI)
Keywordscybersecurity, homoglyphs, Measurement, Metrics, Plagiarism, Predictive models, predictive security metrics, pubcrawl, security, software development management, unicode, visualization, Weapons
AbstractVisually similar characters, or homoglyphs, can be used to perform social engineering attacks or to evade spam and plagiarism detectors. It is thus important to understand the capabilities of an attacker to identify homoglyphs - particularly ones that have not been previously spotted - and leverage them in attacks. We investigate a deep-learning model using embedding learning, transfer learning, and augmentation to determine the visual similarity of characters and thereby identify potential homoglyphs. Our approach uniquely takes advantage of weak labels that arise from the fact that most characters are not homoglyphs. Our model drastically outperforms the Normal-ized Compression Distance approach on pairwise homoglyph identification, for which we achieve an average precision of 0.97. We also present the first attempt at clustering homoglyphs into sets of equivalence classes, which is more efficient than pairwise information for security practitioners to quickly lookup homoglyphs or to normalize confusable string encodings. To measure clustering performance, we propose a metric (mBIOU) building on the classic Intersection-Over-Union (IOU) metric. Our clustering method achieves 0.592 mBIOU, compared to 0.430 for the naive baseline. We also use our model to predict over 8,000 previously unknown homoglyphs, and find good early indications that many of these may be true positives. Source code and list of predicted homoglyphs are uploaded to Github: https://github.com/PerryXDeng/weaponizing\_unicode.
DOI10.1109/ISI49825.2020.9280538
Citation Keydeng_weaponizing_2020