QRFence: A flexible and scalable QR link security detection framework for Android devices

Android security is an ongoing topic of interest to both the research community and industry, particularly as the mobile threat landscape evolves. A threat that has yet to be resolved is malicious link dissemination via QR codes, and such codes are widely used by mobile users in countries such as China. Thus, this paper proposes a threat-oriented QR malicious link detection framework, QRFence, based on a novel machine learning-based link threat-degree evaluation model. Specifically, QRFence comprises a QR malicious link detection scheme and an integrated permission detection scheme, and provides the following properties: multiple classification algorithms, extensive training features and various permission combinations. The proposed framework is independent of the security detection plugin, and performs threat evaluation on the QR links during decoding; therefore, allowing users to understand potential threats of malicious links on-the-fly. Findings from our evaluations indicate that the average accuracy rate of this proposed QR link detection framework is 93.20%.