Google supercharges Chrome’s phishing detection mechanism

Author

Original post of this article

Google supercharges Chrome’s phishing detection mechanism

Vastly improved detection speeds in Chrome 92 eases CPU processing burden

Google has unveiled new phishing protection improvements for Chrome

Google says the latest version of Chrome detects phishing scams 50 times faster than its predecessor.

This dramatic improvement means users of Chrome 92, which was released on Tuesday (July 20), will be warned more quickly that they’ve unwittingly navigated to a malicious domain, claims the tech giant.

Users will on average “get their phishing classification results after 100 milliseconds, instead of 1.8 seconds”, explained Chrome developer Olivier Li Shing Tat-Dupuis in a blog post.

“This speed improvement makes a real difference in security – especially when it comes to stopping you from entering your password in a malicious site!”

Li Shing Tat-Dupuis says the streamlined detection algorithm also eases the burden on CPU time and therefore drains less battery power.

Color me good

Chrome’s development team achieved this through computational tweaks to how Chrome compares a web page’s color profile – comprising the range and frequency of colors presented – to those of known phishing domains.

Chrome’s phishing detection feature counts the basic colors in each pixel and stores the counts in one of three associative data structures called ‘hashmaps’ (for red, green, and blue colors).

Catch up on the latest browser security news and analysis

The algorithm has been updated to abandon tracking red-green-blue channels in three different hashmaps in favor of “only one to index by color” – slashing counting volumes by a factor of three.

“Consecutive pixels are summed before being counted in the hashmap,” said Li Shing Tat-Dupuis. “For a site with a uniform background color, this can reduce the hashmap overhead to almost nothing.”

CPU relaxation

This streamlines image processing, which “can often generate heavy workloads” for CPUs given “some modern monitors display upwards of 14 million pixels”, said the Chrome developer.

When Safe Browsing mode is enabled, images are analyzed by the user’s machine rather than outside of the browser in order to preserve privacy.

The optimized phishing mechanism has cut CPU time used by Chrome renderer and utility processes by 1.2%.

“Chrome now executes image-based phishing classification up to 50 times faster at the 50th percentile and 2.5 times faster at the 99th percentile,” said Li Shing Tat-Dupuis.

RELATED Google to bolster Chrome privacy protections with HTTPS-First Mode

More
articles