Abstract: The rapid adoption of QR codes in digital payments, authentication, and information sharing has increased cybersecurity risks, particularly QR-code-based phishing attacks known as quishing. Traditional machine learning methods rely on handcrafted features and often lack interpretability, limiting their effectiveness against evolving threats. This paper proposes an explainable deep learning–based framework for malicious QR code detection using a convolutional neural network (CNN) to classify QR code images as benign or malicious. To improve transparency, Grad-CAM is applied to highlight important regions influencing model decisions, while a post-hoc URL analysis module examines protocol usage, domain age, and suspicious lexical patterns to validate predictions. Experimental results demonstrate high detection accuracy along with meaningful visual and analytical explanations, making the proposed approach suitable for real-world cybersecurity applications.

Keywords: QR Code Security, Malicious QR Detection, Deep Learning, CNN, Grad-CAM, Cybersecurity, URL Analysis, Image Classification

Downloads: | DOI: 10.17148/IJIREEICE.2026.14445