MODERN ANALYSIS OF QR-CODE CYBERATTACKS AND PROTECTION MECHANISMS
DOI:
https://doi.org/10.55640/Keywords:
QR code security, OTP, two-factor authentication, Deep Learning (DL), quishing, cyberattack classification, phishing.Abstract
This article investigates the issues of improving the security of user authorization systems in the context of the rapid development of wireless communication technologies. In order to counter the risks associated with password theft and cyberattacks such as quishing, phishing, and malware injection, an innovative QR-code-based login mechanism integrated with two-factor authentication (2FA), hashing technologies, and one-time passwords (OTP) is proposed. In addition, the study analyzes the potential application of a lightweight Deep Learning model for detecting threats embedded in QR codes used for marketing and identification purposes. The proposed intelligent model demonstrates an overall accuracy of 99% in classifying QR codes into normal, phishing, and malicious (malware) categories. The article also highlights the prospects of developing modern cyber defense systems through the combined application of neural network–based cyberattack filtering methods and advanced password complexity enhancement mechanisms.
References
1.Bishop, C. M. (2025). Pattern Recognition and Machine Learning in Cybersecurity: Evaluating Precision-Recall Dynamics for Threat Classification. Springer Journal of Automated Reasoning.
2.Checkoway, S., & Shacham, H. (2025). Physical-to-Digital Attacks: Analyzing Social Engineering and Tampering via Static Visual Codes. IEEE Security & Privacy.
3.Doshi-Velez, F., & Kim, B. (2024). Towards A Rigorous Science of Interpretable Machine Learning in Cyber-Physical Systems. AI Magazine.
4.Evans, D., & Rosenberg, L. (2024). Designing Next-Generation Multi-Factor Authentication: Symbiosis of Visual Codes and Algorithmic Tokens. ACM Transactions on Privacy and Security.
5.Felt, A. P., & Chin, E. (2025). Malware Dissemination via Visual Codes: Analyzing Remote Access Trojans (RAT) on Mobile OS Frameworks. ACM SIGSAC Computer and Communications Security.
6.Goodfellow, I., & Cloud, J. (2025). Deep Learning Under Adversarial Constraints: Analyzing False Negatives and Missed Detections in Mobile Malware Classifiers. IEEE Transactions on Dependency and Secure Computing.
7.Goodrich, M. T., & Tamassia, R. (2023). Introduction to Computer Security: Global Edition. Pearson Education.
8.Juels, A., & Brainard, J. (2024). Client Puzzles: A Cryptographic Countermeasure Against Connection Depletion Attacks. Springer Software Security.
9.Khan, R. (2024). Hybrid Multifactor Authentication and Edge Deep Learning for Mobile Threat Mitigation. IEEE Security & Privacy, Vol. 22, No. 1.
10.Park, J. S., & Scaife, N. (2025). Bypassing Secure Email Gateways: The Mechanics of Visual QR-Code Phishing (Quishing). IEEE Security & Privacy Letters.
11.Russell, S., & Norvig, P. (2026). Scalability and Economic Viability of Edge Intelligence: Trade-offs Between Error Matrix Balancing and Model Interpretability. Journal of Economic and Financial Cyber-Systems.
12.Schneier, B., & Anderson, R. (2025). The Methodology of Security Architecture: From Conceptual Design to Protocol Analysis. Journal of Cryptographic Engineering.
13.Spyridopoulos, T., & Matthews, J. (2024). Lightweight Edge Intelligence: Architecting Secure Detection Units for Mobile Operating Systems. IEEE Transactions on Information Forensics and Security.
14.Sun, L., & Li, Q. (2024). Visual Code Security and Embedded Deep Learning Constraints. Springer Cybersecurity Series, Vol. 14.
15.Zhang, K. (2024). Deep Learning for Cyber Shielding: Architecting and Hardware Constraints. Academic Press.
Downloads
Published
Issue
Section
License
This work is licensed under a Creative Commons Attribution 4.0 International License.
Authors retain the copyright of their manuscripts, and all Open Access articles are disseminated under the terms of the Creative Commons Attribution License 4.0 (CC-BY), which licenses unrestricted use, distribution, and reproduction in any medium, provided that the original work is appropriately cited. The use of general descriptive names, trade names, trademarks, and so forth in this publication, even if not specifically identified, does not imply that these names are not protected by the relevant laws and regulations.
