Grant / March 2024

LLM-Powered Spear Phishing Detection Solution

Problem Statement

“Imagine a bustling city street, alive with people going about their daily life. In this action-packed environment, a skilled pickpocket moves with stealth, blending anonymously and seamlessly into the crowd… but this isn’t just any ordinary thief – this is a highly skilled criminal that is carefully observing the behavior of the passerby, specifically identifying a victim to maximize the value gained and chance of success.”

Much like an adept pickpocket, Spear Phishing poses a grave threat in the digital realm. Crafted with precision and personalization, these deceptive emails slip past traditional cyber defenses, causing 66% of breaches despite making up less than 0.01% of all email traffic.

Abstract

The cybersecurity industry continues to grapple with the persistent threat of spear phishing attacks, which manipulate human psychology using intricate social engineering tactics through email. Existing defense strategies, including heuristic analysis, rule-based systems, and supervised learning, have yet to provide robust solutions to this challenge. Our research focuses on harnessing the emerging technology of Large Language Models (LLMs) to address this critical challenge. This innovative approach represents a paradigm shift in cybersecurity, leveraging deep learning and Natural Language Processing (NLP) with large datasets to more effectively combat increasingly sophisticated attacks. We plan to refine a specialized version of GPT with a dataset of real-world spear phishing emails to improve the model’s ability to discern the nuanced linguistic and contextual cues that characterize attacks. We aim to develop a solution that will proactively alert the end user within their inbox via an API call to our GPT. Through comprehensive validation and testing, we will evaluate the efficacy of our solution, including an analysis of how to minimize false positive and negative rates. Our research will provide a roadmap for future investigations and advancements in this domain. Our collaboration with CLTC underscores our dedication to exploring the ethical, legal, and societal implications of deploying AI-driven solutions in cybersecurity. Ultimately, we anticipate contributing valuable insights and methodologies to the academic community, enhancing our collective understanding of spear phishing detection strategies in the age of advanced AI technologies.

Project Description

Our Team AI Phish Fighters, developed a transformative solution fueled by Large Language Models (LLMs), colloquially known as Generative AI, and harnessed OpenAI’s GPT technology.  Our innovation reshapes the landscape of Spear Phishing defense, delivering real-time email analyses directly to your inbox.

Project Solution

  • The LLM-Powered Spear Phishing Detection Solution leverages OpenAI’s GPT to provide real-time analysis of emails, to identify whether any could be Spear Phishing
    • Lightweight integration with Outlook
      • Actionable insights delivered with negligible friction
    • Designed with users and nonprofits in mind
      • Highly effective at low cost
      • No technical expertise required
      • Minimal effort to implement and operate
  • Actionable insights at your fingertips for informed decisions.
  • User-Centric Design prioritizing ease of use for all, including nonprofits.
  • Cost-effective accessibility, ensuring broad adoption.
  • No Technical Expertise Required, making cybersecurity accessible to everyone.
  • Easy Implementation & Maintenance, reducing operational burdens.