Spaces:
Runtime error
Runtime error
Niv Sardi
commited on
Commit
•
d8acda9
1
Parent(s):
a865450
update readme
Browse filesSigned-off-by: Niv Sardi <xaiki@evilgiggle.com>
- README.org +32 -4
README.org
CHANGED
|
@@ -1,20 +1,48 @@
|
|
| 1 |
#+TITLE: Spoof Detect
|
| 2 |
|
| 3 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 4 |
https://github.com/ModelDepot/tfjs-yolo-tiny
|
| 5 |
https://github.com/Hyuto/yolov5-tfjs
|
| 6 |
|
| 7 |
** augmentation
|
| 8 |
https://github.com/srp-31/Data-Augmentation-for-Object-Detection-YOLO-
|
| 9 |
|
| 10 |
-
|
| 11 |
-
* proveedores
|
| 12 |
http://www.bcra.gov.ar/SistemasFinancierosYdePagos/Proveedores-servicios-de-pago-ofrecen-cuentas-de-pago.asp
|
| 13 |
http://www.bcra.gov.ar/SistemasFinancierosYdePagos/Proveedores-servicios-de-billeteras-digitales-Interoperables.asp
|
| 14 |
|
| 15 |
http://www.bcra.gob.ar/SistemasFinancierosYdePagos/Entidades_financieras.asp
|
| 16 |
|
| 17 |
-
|
| 18 |
https://stackoverflow.com/questions/6566545/is-there-any-way-to-access-certificate-information-from-a-chrome-extension
|
| 19 |
https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/API/webRequest#accessing_security_information
|
| 20 |
https://chromium-review.googlesource.com/c/chromium/src/+/644858
|
|
|
|
| 1 |
#+TITLE: Spoof Detect
|
| 2 |
|
| 3 |
+
Detect spoofed website by detecting logos from bank and financial entities in
|
| 4 |
+
pages with =ssl certificates= that do not match.
|
| 5 |
+
|
| 6 |
+
The process is pretty simple:
|
| 7 |
+
- scrape gvt websites to get a list of entities (for argentina it's BCRA)
|
| 8 |
+
- get logos, names and url
|
| 9 |
+
- navigate the url, extract the ssl certificate and look for =img= and tags
|
| 10 |
+
with =id= or =class= logo (needs more heuristics) to make a db of logos
|
| 11 |
+
- screenshot the page and slice it into tiles generating YOLO annotations for
|
| 12 |
+
the detected logos
|
| 13 |
+
- augment data using the logos database and the logoless tiles as background images
|
| 14 |
+
- train yolov5s
|
| 15 |
+
- feed everything to a web extension that will detect the logos in any page
|
| 16 |
+
and show a warning if the =SSL certificate= mismatches the collected one.
|
| 17 |
+
|
| 18 |
+
* running
|
| 19 |
+
#+begin_src sh
|
| 20 |
+
# build the training dataset
|
| 21 |
+
docker-compose up --build --remove-orphans
|
| 22 |
+
|
| 23 |
+
# run the training on your machine or collab
|
| 24 |
+
# https://colab.research.google.com/drive/10R7uwVJJ1R1k6oTjbkkhxPDka7COK-WE
|
| 25 |
+
git clone https://github.com/ultralytics/yolov5 # clone repo
|
| 26 |
+
pip install -U -r yolov5/requirements.txt # install dependencies
|
| 27 |
+
python3 yolov5/train.py --img 416 --batch 80 --epochs 100 --data ./ia/data.yaml --cfg ./ia/yolov5s.yaml --weights ''
|
| 28 |
+
|
| 29 |
+
#+end_src
|
| 30 |
+
|
| 31 |
+
* research
|
| 32 |
+
** yolo
|
| 33 |
https://github.com/ModelDepot/tfjs-yolo-tiny
|
| 34 |
https://github.com/Hyuto/yolov5-tfjs
|
| 35 |
|
| 36 |
** augmentation
|
| 37 |
https://github.com/srp-31/Data-Augmentation-for-Object-Detection-YOLO-
|
| 38 |
|
| 39 |
+
** proveedores
|
|
|
|
| 40 |
http://www.bcra.gov.ar/SistemasFinancierosYdePagos/Proveedores-servicios-de-pago-ofrecen-cuentas-de-pago.asp
|
| 41 |
http://www.bcra.gov.ar/SistemasFinancierosYdePagos/Proveedores-servicios-de-billeteras-digitales-Interoperables.asp
|
| 42 |
|
| 43 |
http://www.bcra.gob.ar/SistemasFinancierosYdePagos/Entidades_financieras.asp
|
| 44 |
|
| 45 |
+
** certs in browsers
|
| 46 |
https://stackoverflow.com/questions/6566545/is-there-any-way-to-access-certificate-information-from-a-chrome-extension
|
| 47 |
https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/API/webRequest#accessing_security_information
|
| 48 |
https://chromium-review.googlesource.com/c/chromium/src/+/644858
|