research-article
Authors: Mateusz Kazimierczak, Thanyathorn Thanapattheerakul, and Jonathan H. Chan
SOICT '23: Proceedings of the 12th International Symposium on Information and Communication Technology
December 2023
Pages 274 - 281
Published: 07 December 2023 Publication History
- 1citation
- 61
- Downloads
Metrics
Total Citations1Total Downloads61Last 12 Months61
Last 6 weeks10
New Citation Alert added!
This alert has been successfully added and will be sent to:
You will be notified whenever a record that you have chosen has been cited.
To manage your alert preferences, click on the button below.
Manage my Alerts
New Citation Alert!
Please log in to your account
Get Access
- Get Access
- References
- Media
- Tables
- Share
Abstract
With the increasing reliance on instant messaging applications like WhatsApp, ensuring user privacy and security has become paramount. This paper argues for the need to enhance the security of the WhatsApp messaging service. An API endpoint and Chrome extension capable of detecting profanity, malicious URLs, and inappropriate images are developed to satisfy this need. In its current stage, not only can malicious URLs circulate freely through WhatsApp without any checks, but it is also easy to send inappropriate images and texts which receiving users should be careful with. We survey existing publicly available services and APIs in the domains of profanity, malicious URLs, and inappropriate images. A novel approach that incorporates the most appropriate models for our purpose in an integrated detection system, based on simple statistical models and output from the third-party APIs, is proposed. We compile two extensive datasets of profane text and malicious URLs and employ them in testing the effectiveness of our proposed model using statistical methods. Additionally, we present a publicly available proof of concept Chrome extension that incorporates our model to provide users with an added layer of protection. Finally, we discuss potential areas for future research and suggest improvements to enhance the effectiveness of the proposed system and the cybersecurity aspect of chatting applications in general.
References
[1]
[n. d.]. Surge AI toxicity dataset. Retrieved October 29, 2023 from https://www.surgehq.ai/datasets/toxicity-dataset
[2]
Anupama Aggarwal, Ashwin Rajadesingan, and Ponnurangam Kumaraguru. 2012. PhishAri: Automatic realtime phishing detection on twitter. In 2012 eCrime Researchers Summit. IEEE, Las Croabas, PR, USA, 1–12. https://doi.org/10.1109/eCrime.2012.6489521
[3]
Jigsaw/Conversation AI. [n. d.]. Toxic Comment Classification Dataset. Retrieved October 29, 2023 from https://www.kaggle.com/competitions/jigsaw-toxic-comment-classification-challenge/data
[4]
Sumitra Biswal. 2018. What’s Vulnerable in WhatsApp. HELIX 8, 5 (Aug. 2018), 3710–3715. https://doi.org/10.29042/2018-3710-3715
[5]
Thomas Davidson, Dana Warmsley, Michael Macy, and Ingmar Weber. 2017. Automated Hate Speech Detection and the Problem of Offensive Language. http://arxiv.org/abs/1703.04009 arXiv:1703.04009 [cs].
[6]
S Dixon. 2023. Number of social media users worldwide from 2017 to 2027. https://www.statista.com/statistics/278414/number-of-worldwide-social-network-users/
[7]
Peggy E.Bruggman. 1995. Beyond Pinups: Workplace Restrictions on the Private Consumption of p*rnography. https://repository.uclawsf.edu/cgi/viewcontent.cgi?article=1594&context=hastings_constitutional_law_quaterly
[8]
Ethan Fast, Binbin Chen, and MichaelS. Bernstein. 2016. Empath: Understanding Topic Signals in Large-Scale Text. In Proceedings of the 2016 CHI Conference on Human Factors in Computing Systems. ACM, San Jose California USA, 4647–4657. https://doi.org/10.1145/2858036.2858535
Digital Library
[9]
Google. [n. d.]. What is Safe Browsing?https://developers.google.com/safe-browsing
[10]
Cyril Goutte and Eric Gaussier. 2005. A Probabilistic Interpretation of Precision, Recall and F-Score, with Implication for Evaluation. 345–359.
[11]
Aviran Hazum, Bodgan Melnykov, and Israel Wenik. 2021. New wormable android malware spreads by creating auto-replies to messages in whatsapp. (April 2021). https://research.checkpoint.com/2021/new-wormable-android-malware-spreads-by-creating-auto-replies-to-messages-in-whatsapp/
[12]
Mateusz Kazimierczak. [n. d.]. Toxic Langauge Dataset. Retrieved October 29, 2023 from https://www.kaggle.com/datasets/mateuszalicante/toxic-langauge-dataset
[13]
Rida Khan, Salma Barakat, Lulwah AlAbduljabbar, Yara AlTayash, Nofe AlMussa, Maryam AlQattan, and Nor ShahidaMohd Jamail. 2022. WhatsApp: Cyber Security Risk Management, Governance and Control. In 2022 Fifth International Conference of Women in Data Science at Prince Sultan University (WiDS PSU). IEEE, Riyadh, Saudi Arabia, 160–165. https://doi.org/10.1109/WiDS-PSU54548.2022.00044
[14]
PonemonInstitute LLC. 2018. 2018 Cost of Data Breach Study: Impact of Business Continuity Management. https://www.ibm.com/downloads/cas/4DNXZYWK
[15]
Hossin M and Sulaiman M.N. 2015. A Review on Evaluation Metrics for Data Classification Evaluations. International Journal of Data Mining & Knowledge Management Process 5, 2 (March 2015), 01–11. https://doi.org/10.5121/ijdkp.2015.5201
[16]
Microsoft. [n. d.]. Microsoft Content Moderator Documentation.Retrieved October 29, 2023 from https://westus.dev.cognitive.microsoft.com/docs/services/57cf753a3f9b070c105bd2c1/operations/57cf753a3f9b070868a1f66f
[17]
Rahul Pradhan, Ankur Chaturvedi, Aprna Tripathi, and DilipKumar Sharma. 2020. A Review on Offensive Language Detection. In Advances in Data and Information Sciences, MohanL. Kolhe, Shailesh Tiwari, MuneshC. Trivedi, and KrishnK. Mishra (Eds.). Vol.94. Springer Singapore, Singapore, 433–439. https://doi.org/10.1007/978-981-15-0694-9_41 Series Title: Lecture Notes in Networks and Systems.
[18]
Julio C.S. Reis and Fabrício Benevenuto. 2021. Supervised Learning for Misinformation Detection in WhatsApp. In Proceedings of the Brazilian Symposium on Multimedia and the Web. ACM, Belo Horizonte Minas Gerais Brazil, 245–252. https://doi.org/10.1145/3470482.3479641
Digital Library
[19]
Richard Shay, Saranga Komanduri, AdamL. Durity, Phillip(Seyoung) Huh, MichelleL. Mazurek, SeanM. Segreti, Blase Ur, Lujo Bauer, Nicolas Christin, and LorrieFaith Cranor. 2016. Designing Password Policies for Strength and Usability. ACM Transactions on Information and System Security 18, 4 (May 2016), 1–34. https://doi.org/10.1145/2891411
Digital Library
[20]
MANU SIDDHARTHA. [n. d.]. Malicious URLs dataset (Version 1). Retrieved October 29, 2023 from https://www.kaggle.com/datasets/sid321axn/malicious-urls-dataset
[21]
PeterK. Smith, Jess Mahdavi, Manuel Carvalho, Sonja Fisher, Shanette Russell, and Neil Tippett. 2008. Cyberbullying: its nature and impact in secondary school pupils. Journal of Child Psychology and Psychiatry 49, 4 (April 2008), 376–385. https://doi.org/10.1111/j.1469-7610.2007.01846.x
[22]
Kurt Thomas, Chris Grier, Justin Ma, Vern Paxson, and Dawn Song. 2011. Design and Evaluation of a Real-Time URL Spam Filtering Service. In 2011 IEEE Symposium on Security and Privacy. IEEE, Oakland, CA, USA, 447–462. https://doi.org/10.1109/SP.2011.25
Digital Library
[23]
Guang Xiang, Jason Hong, CarolynP. Rose, and Lorrie Cranor. 2011. CANTINA+: A Feature-Rich Machine Learning Framework for Detecting Phishing Web Sites. ACM Transactions on Information and System Security 14, 2 (Sept. 2011), 1–28. https://doi.org/10.1145/2019599.2019606
Digital Library
[24]
Jianlong Zhou, AmirH. Gandomi, Fang Chen, and Andreas Holzinger. 2021. Evaluating the Quality of Machine Learning Explanations: A Survey on Methods and Metrics. Electronics 10, 5 (March 2021), 593. https://doi.org/10.3390/electronics10050593
Cited By
View all
- Bimantoro RFitrani ABusono S(2024)Sistem WhatsApp sebagai Notifikasi pada UMSIDA Farm Store Berbasis WebJournal of Internet and Software Engineering10.47134/pjise.v1i1.22481:1(14)Online publication date: 31-Jan-2024
Index Terms
Enhancing Security in WhatsApp: A System for Detecting Malicious and Inappropriate Content
Security and privacy
Human and societal aspects of security and privacy
Privacy protections
Social aspects of security and privacy
Software and application security
Social network security and privacy
Web application security
Software and its engineering
Software creation and management
Software verification and validation
Empirical software validation
Recommendations
- Detecting malicious facebook applications
With 20 million installs a day [1], third-party apps are a major reason for the popularity and addictiveness of Facebook. Unfortunately, hackers have realized the potential of using apps for spreading malware and spam. The problem is already significant,...
Read More
- Detecting and Combating Malicious Email
Read More
- An approach for detecting malicious keyloggers
InfoSecCD '12: Proceedings of the 2012 Information Security Curriculum Development Conference
Keyloggers are applications that are installed onto computers with the intent of monitoring and storing keystrokes that are input by a user. These keystrokes can either be stored on a physical hard disk or transmitted via a network connection to a ...
Read More
Comments
Information & Contributors
Information
Published In
SOICT '23: Proceedings of the 12th International Symposium on Information and Communication Technology
December 2023
1058 pages
ISBN:9798400708916
DOI:10.1145/3628797
Copyright © 2023 ACM.
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [emailprotected].
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 07 December 2023
Permissions
Request permissions for this article.
Check for updates
Author Tags
- Cybersecurity
- Dataset
- Privacy
- Social media
Qualifiers
- Research-article
- Research
- Refereed limited
Funding Sources
Conference
SOICT 2023
SOICT 2023: The 12th International Symposium on Information and Communication Technology
December 7 - 8, 2023
Ho Chi Minh, Vietnam
Acceptance Rates
Overall Acceptance Rate 147 of 318 submissions, 46%
Contributors
Other Metrics
View Article Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- View Citations
1
Total Citations
61
Total Downloads
- Downloads (Last 12 months)61
- Downloads (Last 6 weeks)10
Other Metrics
View Author Metrics
Citations
Cited By
View all
- Bimantoro RFitrani ABusono S(2024)Sistem WhatsApp sebagai Notifikasi pada UMSIDA Farm Store Berbasis WebJournal of Internet and Software Engineering10.47134/pjise.v1i1.22481:1(14)Online publication date: 31-Jan-2024
View Options
Get Access
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in
Full Access
Get this Publication
View options
View or Download as a PDF file.
PDFeReader
View online with eReader.
eReaderHTML Format
View this article in HTML Format.
HTML FormatMedia
Figures
Other
Tables