Web-based behavior-manipulation attacks (BMAs) - such as scareware, fake software downloads, tech support scams, etc. - are a class of social engineering (SE) attacks that exploit human decision-making vulnerabilities. These attacks remain under-studied compared to other attacks such as information harvesting attacks (e.g., phishing) or malware infections. Prior technical work has primarily focused on measuring BMAs, offering little in the way of generic defenses. To address this gap, we introduce Pixel Patrol 3D (PP3D), the first end-to-end browser framework for discovering, detecting, and defending against behavior-manipulating SE attacks in real time. PP3D consists of a visual detection model implemented within a browser extension, which deploys the model client-side to protect users across desktop and mobile devices while preserving privacy. Our evaluation shows that PP3D can achieve above 99% detection rate at 1% false positives, while maintaining good latency and overhead performance across devices. Even when faced with new BMA samples collected months after training the detection model, our defense system can still achieve above 97% detection rate at 1% false positives. These results demonstrate that our framework offers a practical, effective, and generalizable defense against a broad and evolving class of web behavior-manipulation attacks.

翻译：基于网络的行为操纵攻击（BMA）——例如恐吓软件、虚假软件下载、技术支持诈骗等——是一类利用人类决策漏洞的社会工程（SE）攻击。与信息窃取攻击（如钓鱼攻击）或恶意软件感染等其他攻击相比，此类攻击的研究尚不充分。先前的技术工作主要集中于测量BMA，而在通用防御方面贡献甚少。为填补这一空白，我们提出了Pixel Patrol 3D（PP3D），这是首个用于实时发现、检测和防御行为操纵型社会工程攻击的端到端浏览器框架。PP3D包含一个在浏览器扩展中实现的视觉检测模型，该模型在客户端部署以保护桌面和移动设备用户，同时保护隐私。我们的评估表明，PP3D在1%误报率下可实现超过99%的检测率，同时在各类设备上保持良好的延迟和开销性能。即使面对检测模型训练后数月收集的新BMA样本，我们的防御系统在1%误报率下仍能实现超过97%的检测率。这些结果表明，我们的框架为广泛且不断演变的网络行为操纵攻击提供了一种实用、有效且可推广的防御方案。