QR code security: an adaptive retraining approach for dynamic URL-based threat detection

Abstract The extensive integration of QR codes into daily activities highlights their pivotal role in facilitating seamless information exchange. However, this widespread adoption also exposes QR codes to cybersecurity threats. Malicious QR codes, often persuasive as legitimate code, can carry unwanted or harmful content, posing significant risks to users. Particularly, the encoded information within QR codes, including URLs, is a prime target for cybercriminals. Consequently, to effectively mitigate these threats, precise detection systems are imperative for identifying novel instances of malicious URLs embedded within QR codes. Traditional approaches, like blacklists, are increasingly inadequate against the evolving threat landscape. Therefore, there has been a shift towards leveraging pre-trained language modelling techniques as a more robust solution to enhance QR code security. This study aims to harness the power of a BERT-based architecture to differentiate and classify QR codes based on the URLs embedded within them, distinguishing between benign and malicious URLs. Moreover, the study adopts an adaptive and dynamic approach through periodic model refinement. By continuously updating and retraining the model with newly recorded URL data sourced from diverse resources, this methodology ensures its adaptability to evolving threats, thus fortifying QR code security measures. The experimental findings from the proposed BERT model showcase superior performance in accurately detecting malicious URLs, outperforming other methods.