We will study how to detect targeted social engineering attacks that occur online. We will especially focus on spear phishing, which in recent years has been used to penetrate many enterprise and government systems. For instance, spear phishing has allowed attackers to steal over 40 million personal health records from major insurance companies and obtain background check information on over 20 million people from government systems. We will develop methods to detect spear phishing attacks, based on the patterns they induce in attack emails, with the goal of enabling organizations to defend themselves against this attack vector. We will also study other kinds of digital social engineering attacks. Our work aims to develop an understanding of exploitable human interactions in computer systems and derive a new set of techniques to prevent dangerous interactions.
Grant / January 2020