Loading…
Loading grant details…
| Funder | National Science Foundation (US) |
|---|---|
| Recipient Organization | University of Georgia Research Foundation Inc |
| Country | United States |
| Start Date | Oct 01, 2021 |
| End Date | Sep 30, 2025 |
| Duration | 1,460 days |
| Number of Grantees | 1 |
| Roles | Principal Investigator |
| Data Source | National Science Foundation (US) |
| Grant ID | 2126641 |
Web-based social engineering attacks represent a growing class of cyber-attacks that exploit weaknesses in humans' decision-making processes via pretexts, baiting, and phishing. These attacks aim at deceiving users into performing online actions that may have critical cyber security and privacy implications. For instance, users may be deceived by malicious websites into revealing sensitive personal information or installing malicious software in their devices because they believe they would get something for free (e.g., a gift card).
This project makes the Internet safer by building novel and robust real-time in-browser defenses that use artificial intelligence methods to dynamically detect and block such kinds of web-based social engineering attacks before users are affected. The project artifacts have immense potential to transition to practical use via collaboration with Google and AARP.
Furthermore, the project involves activities across three institutions to broaden the participation of underrepresented groups in computing.
Existing web defenses often rely on reactive approaches (e.g., blocklists) that do not address social engineering attacks. Unlike previous approaches, this research introduces a novel framework for discovering, modeling, and defending against web-based social engineering attacks on both desktop and mobile environments. On the discovery front, this project introduces a web-crawler to automatically harvest, analyze, and categorize instances of social-engineering attacks, considering different browsing devices.
Given the discoveries of the crawler, this project uses machine-learning approaches to model the in-browser behavior of the attacks. Finally, to defend users, the project introduces real-time in-browser defense systems that track how web pages and web push notifications are delivered to users, monitor how they are executed within the browser, and extract visual features as well as network and web-content metadata.
Overall, this project's outcomes improve the research community's understanding of web-based social-engineering attacks and exerts practical impact in protecting users against these attacks.
This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.
University of Georgia Research Foundation Inc
Complete our application form to express your interest and we'll guide you through the process.
Apply for This Grant