Worldwide, billions of users have been affected by cyberattacks born of socially engineered email offensives that cause everything from mild inconveniences to putting human lives at risk when resources such as hospitals and government agencies are compromised.
Gang Wang, an assistant professor of computer science in Virginia Tech’s College of Engineering, has received a National Science Foundation (NSF) Faculty Early Career Development Award (CAREER) to develop methods to thwart increasingly disruptive and dangerous cybersecurity threats from phishing attacks.
Wang will use the five-year grant, totaling $538,522, to create novel techniques that combine human intelligence and machine learning to combat real-world phishing attacks.
“Right now, automated detection systems run by algorithms tend to let questionable emails go through because false detections can be costly to users,” said Wang. “Think about all the email you receive in a day and how frustrated you would be if you were constantly missing important messages. What I am hoping to accomplish with this grant is to combine the nuance of human understanding in the smaller amount of emails that are questionable and develop techniques to help machines more easily uncover new attacks while maintaining the reliability of the system.”
The crux of the email phishing problem is twofold. While machines are excellent at combing through huge amounts of data very quickly, they are not good at detecting nuanced cues humans could otherwise readily detect. Secondly, no matter how sophisticated the machine learning models that are employed, advanced machine learning models only use historical data and are ineffective at detecting new threats that invariably pop up.
In some cases it may take only one or two emails to breach a large system.
Wang’s project has three broad goals: develop new measurement tools to automatically diagnose vulnerabilities in the existing phishing defense for email and social network systems; create novel machine learning interpretation techniques to drastically enhance users’ ability for phishing detection; and identify new crowdsourcing methods to produce reliable and real-time phishing alerts.
Wang’s preliminary results showed that carefully crafted phishing emails can penetrate most existing defenses, including Gmail, Outlook, and iCloud, leaving users exposed to phishing without any warnings. He based his findings on a scanning of 1 million domains and a penetration test on 35 email services.
Wang will study the effectiveness of his techniques using automated methods to block the massive phishing attacks with clear malicious signals while delivering the small portion of uncertain messages to users for further investigation. To improve the user ability of phishing detection, he will investigate fundamental techniques to translate machine learning results to human-interpretable semantics to assist users’ decision-making. The crowdsourced user results will then be aggregated to produce real-time phishing alerts for the broad Internet community.
Established in 1995, the NSF CAREER Award is the most prestigious award given by the NSF in support of junior faculty who demonstrate the potential to effectively integrate research and education.
Written by Amy Loeffler