CyberCops: The Houston Alliance for Student Research on Deceptive Attacks

Abstract

This project engages undergraduate STEM ROTC students, military connected students, and student veterans, as well as graduate students and faculty from three universities located in Houston, Texas: Texas Southern University, University of Houston and University of Houston Downtown. The undergraduate CyberCops will build technical and research skills in three main areas: machine learning, natural language processing and cybersecurity, in the context of deception, fake news and social engineering attack detection. All three subfields of focus in this project are rapidly advancing in importance and scope in Internet-based societies and economies. Fake news and other deceptive attacks such as phishing, spear phishing, job scams, and business email compromise are increasing, according to the FBI Infragard and the Anti-Phishing Working Group. This is especially concerning in the remote work and learning environment caused by COVID-19, since corporate networks and resources are being accessed through less-secure home networks and devices.Although considerable research has been done on securing machines and networks by academia and industry experts, attackers are still succeeding by persuading Internet users to: either click on malicious links or download Trojan attachments. These attacks, called phishing or spearphishing, are typically sent through emails or messages, but they do have variants such as vishing (voice based), qrishing (QR codes based), and smishing (SMS based), etc. No amount of technology can save a system, if an employee downloads a malicious attachment, which enables privilege escalation by exploiting a zero-day vulnerability. CyberCops students will conduct research on deceptive attacks including phishing, spearphishing, business email compromise, job scams and social engineering attacks. PIs recent work shows that, although there is considerable work on phishing detection already, much of it has missed the security perspective. In particular, datasets used have been old and balanced, whereas real-world scenarios have evolving attacks and imbalanced ratios of legitimate instances versus attacks. Another issue is that the datasets tend to be quite small, perhaps because labeled data is hard to procure, whereas even a small-medium enterprise of 50-100 employees will typically receive upwards of 10K emails in a day. Specific CyberCops summer projects include: Real-time Processing and Reduced Annotation, Feature Analysis, Variants of Phishing, Proactive Security and Adversarial Machine Learning and User Susceptibility.

Document Details

Document Type

DoD Grant Award

Publication Date

Apr 06, 2021

Source ID

N000142112270

Entities

Tags