Computer Science Professor Phani Vadrevu Receives $ 1.2 Million NSF Grant To Fight Social Engineering Attacks

If you have emails or spend time browsing the internet, you’ve probably experienced some form of social engineering hack, which is a fraudulent attempt to gain access to personal information or your money.

Survey scams, scareware and phishing mailings are some examples of such attempts which can lead to malware and ransomware infections and cause financial damage to victims.

Phani Vadrevu, professor of computer science at the University of New Orleans, received a $ 1.2 million grant from the National Science Foundation to develop methods to protect users from such social engineering attacks on the Web.

The project, which will use artificial intelligence to track and model online attacks, is expected to improve the research community’s understanding of web-based social engineering and have a substantial impact on user protection.

“The NSF grant is focused on developing client-side defenses against all web-based social engineering attacks,” said Vadrevu. “Our goal there is to develop AI-based defenses that can help protect users from such attacks.”

The four-year research project is a collaboration between the UN Cyber ​​Center, the University of Georgia and Stonybrook University in New York City, Vadrevu said.

To defend against such attacks, the Vadrevu team plans to develop a comprehensive framework that uses several advanced machine learning techniques to discover, model and defend against web-based social engineering attacks on computers. desktop and mobile devices.

Researchers plan to develop targeted web crawling techniques to automatically harvest, analyze, and categorize instances of new social engineering attacks on the Internet.

The defense systems designed will track how web pages are delivered to users, monitor their execution in the browser, and extract visual functionality, as well as network and web content metadata.

By learning how attack models work, defense systems should detect new attacks in real time on desktops and mobile devices, the researchers said.

“PhishPrint”, another research project on public impact

Vadrevu is also working on an independent but complementary Internet user advocacy project that has earned him a monetary “bounty” from Google and recognition from other sectors of the tech industry, including a presentation of the results at the USENIX Security Symposium. USENIX is a highly selective security conference that publishes research on cybersecurity.

Vadrevu’s research is titled “PhishPrint: Avoiding Phishing Detection Bots by Prior Profiling”. This is a measurement study that revealed weaknesses in security mining systems used by larger companies, such as Google, Microsoft, and AT&T.

“Right now, I am working on a grant proposal to develop defenses against such weaknesses,” Vadrevu said.

The lead author of the article, Bhupendra Acharya, is a U.N. graduate student whose research is part of his thesis, Vadrevu said.

Many internet companies use bots, also known as crawlers, to automatically search for websites to determine whether or not they are safe, Vadrevu said. These bots then quickly, in real time, create a block list of “dangerous websites” and notify the user.

All major web browsers including Chrome, Edge, Safari, and email services like Outlook use these website listings to keep users safe. For example, Google’s bot service called Google Safe Browsing is deployed on more than 4 billion devices and is used by around 2 billion users worldwide, Vadrevu said.

However, by capitalizing on the idiosyncrasies of some of the security bots, Vadrevu’s research found new ways to bypass the security measure.

Vadrevu said researchers could easily “take the fingerprints” of bots and use the information to create their own smart phishing websites that would display “safe” content only to bots from security companies. Meanwhile, the same website would show “dangerous” content to a large percentage of potential human users.

“Our experiments, conducted with proper ethical considerations, have shown that if regular phishing sites can be detected and closed by these detection bots within hours, our ‘smart’ phishing websites can stay alive indefinitely despite multiple submissions. to several popular security robots. “Vadrevu said.” It showed the seriousness of the weaknesses we found in crawlers. “

UN researchers have discovered these loopholes in 23 security bots, including those used by Google, Microsoft, AlienVault (of AT&T), PhishTank (of Cisco), Norton and Sophos, said Vadrevu.

As is customary with security documents, the researchers contacted the organizations and provided detailed information on the vulnerabilities discovered.

Google responded with a $ 5,000 grant from its Vulnerability Reward program for discovery, Vadrevu said.

Source link

Comments are closed.