Loading…

Loading grant details…

Completed STANDARD GRANT National Science Foundation (US)

Collaborative Research: SaTC: CORE: Medium: Defending Against Social Engineering Attacks with In-Browser AI

$4M USD

Funder National Science Foundation (US)
Recipient Organization University of Georgia Research Foundation Inc
Country United States
Start Date Oct 01, 2021
End Date Sep 30, 2025
Duration 1,460 days
Number of Grantees 1
Roles Principal Investigator
Data Source National Science Foundation (US)
Grant ID 2126641
Grant Description

Web-based social engineering attacks represent a growing class of cyber-attacks that exploit weaknesses in humans' decision-making processes via pretexts, baiting, and phishing. These attacks aim at deceiving users into performing online actions that may have critical cyber security and privacy implications. For instance, users may be deceived by malicious websites into revealing sensitive personal information or installing malicious software in their devices because they believe they would get something for free (e.g., a gift card).

This project makes the Internet safer by building novel and robust real-time in-browser defenses that use artificial intelligence methods to dynamically detect and block such kinds of web-based social engineering attacks before users are affected. The project artifacts have immense potential to transition to practical use via collaboration with Google and AARP.

Furthermore, the project involves activities across three institutions to broaden the participation of underrepresented groups in computing.

Existing web defenses often rely on reactive approaches (e.g., blocklists) that do not address social engineering attacks. Unlike previous approaches, this research introduces a novel framework for discovering, modeling, and defending against web-based social engineering attacks on both desktop and mobile environments. On the discovery front, this project introduces a web-crawler to automatically harvest, analyze, and categorize instances of social-engineering attacks, considering different browsing devices.

Given the discoveries of the crawler, this project uses machine-learning approaches to model the in-browser behavior of the attacks. Finally, to defend users, the project introduces real-time in-browser defense systems that track how web pages and web push notifications are delivered to users, monitor how they are executed within the browser, and extract visual features as well as network and web-content metadata.

Overall, this project's outcomes improve the research community's understanding of web-based social-engineering attacks and exerts practical impact in protecting users against these attacks.

This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

All Grantees

University of Georgia Research Foundation Inc

Advertisement
Apply for grants with GrantFunds
Advertisement
Browse Grants on GrantFunds
Interested in applying for this grant?

Complete our application form to express your interest and we'll guide you through the process.

Apply for This Grant