Detecting tabnabbing attacks via an rl-based agent

Abstract

Tabnabbing attacks exploit user behavior in web browsers, deceiving users by altering content in inactive tabs to appear legitimate, leading to data disclosure or unintended actions. This research evaluates the effectiveness of Reinforcement Learning (RL) in detecting Tabnabbing attacks at the web browser level, presenting a proactive defense mechanism against this cyber threat. The study began with a literature review to find the top 5 critical features of Tabnabbing attacks and were extracted using a publicly available dataset from "Phishpedia". Data preprocessing is conducted to handle missing and incorrect data, resulting in a refined dataset. The RL agent is designed using the Deep QNetwork (DQN) algorithm, which effectively handles highdimensional state spaces. The evaluation of the RL agent demonstrates promising results. However, there is room for improvement requiring further research and model tuning.