Collaborative Research: SaTC: CORE: Medium: Defending Against Social Engineering Attacks with In-Browser AI
协作研究:SaTC:核心:中:利用浏览器内人工智能防御社会工程攻击
基本信息
- 批准号:2422035
- 负责人:
- 金额:$ 40万
- 依托单位:
- 依托单位国家:美国
- 项目类别:Standard Grant
- 财政年份:2023
- 资助国家:美国
- 起止时间:2023-10-01 至 2025-09-30
- 项目状态:未结题
- 来源:
- 关键词:
项目摘要
Web-based social engineering attacks represent a growing class of cyber-attacks that exploit weaknesses in humans' decision-making processes via pretexts, baiting, and phishing. These attacks aim at deceiving users into performing online actions that may have critical cyber security and privacy implications. For instance, users may be deceived by malicious websites into revealing sensitive personal information or installing malicious software in their devices because they believe they would get something for free (e.g., a gift card). This project makes the Internet safer by building novel and robust real-time in-browser defenses that use artificial intelligence methods to dynamically detect and block such kinds of web-based social engineering attacks before users are affected. The project artifacts have immense potential to transition to practical use via collaboration with Google and AARP. Furthermore, the project involves activities across three institutions to broaden the participation of underrepresented groups in computing.Existing web defenses often rely on reactive approaches (e.g., blocklists) that do not address social engineering attacks. Unlike previous approaches, this research introduces a novel framework for discovering, modeling, and defending against web-based social engineering attacks on both desktop and mobile environments. On the discovery front, this project introduces a web-crawler to automatically harvest, analyze, and categorize instances of social-engineering attacks, considering different browsing devices. Given the discoveries of the crawler, this project uses machine-learning approaches to model the in-browser behavior of the attacks. Finally, to defend users, the project introduces real-time in-browser defense systems that track how web pages and web push notifications are delivered to users, monitor how they are executed within the browser, and extract visual features as well as network and web-content metadata. Overall, this project's outcomes improve the research community's understanding of web-based social-engineering attacks and exerts practical impact in protecting users against these attacks.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.
基于web的社会工程攻击代表了一种日益增长的网络攻击,这种攻击通过借口、诱饵和网络钓鱼来利用人类决策过程中的弱点。这些攻击旨在欺骗用户执行可能具有关键网络安全和隐私影响的在线操作。例如,用户可能会被恶意网站欺骗,泄露敏感的个人信息或在他们的设备中安装恶意软件,因为他们认为他们可以免费获得某些东西(例如礼品卡)。该项目通过构建新颖而强大的实时浏览器内防御,在用户受到影响之前使用人工智能方法动态检测和阻止此类基于网络的社会工程攻击,从而使互联网更安全。通过与谷歌和AARP的协作,项目工件具有巨大的转化为实际使用的潜力。此外,该项目涉及三个机构的活动,以扩大代表性不足的群体对计算机的参与。现有的网络防御通常依赖于反应性方法(例如,黑名单),而不能解决社会工程攻击。与以前的方法不同,本研究引入了一个新的框架,用于发现、建模和防御桌面和移动环境下基于web的社会工程攻击。在发现方面,该项目引入了一个网络爬虫,用于自动收集、分析和分类社会工程攻击实例,同时考虑到不同的浏览设备。鉴于爬虫的发现,该项目使用机器学习方法来模拟攻击的浏览器内行为。最后,为了保护用户,该项目引入了实时浏览器内防御系统,该系统跟踪网页和网络推送通知是如何传递给用户的,监控它们在浏览器内的执行情况,并提取视觉特征以及网络和网络内容元数据。总的来说,该项目的成果提高了研究界对基于web的社会工程攻击的理解,并在保护用户免受这些攻击方面产生了实际影响。该奖项反映了美国国家科学基金会的法定使命,并通过使用基金会的知识价值和更广泛的影响审查标准进行评估,被认为值得支持。
项目成果
期刊论文数量(0)
专著数量(0)
科研奖励数量(0)
会议论文数量(0)
专利数量(0)
数据更新时间:{{ journalArticles.updateTime }}
{{
item.title }}
{{ item.translation_title }}
- DOI:
{{ item.doi }} - 发表时间:
{{ item.publish_year }} - 期刊:
- 影响因子:{{ item.factor }}
- 作者:
{{ item.authors }} - 通讯作者:
{{ item.author }}
数据更新时间:{{ journalArticles.updateTime }}
{{ item.title }}
- 作者:
{{ item.author }}
数据更新时间:{{ monograph.updateTime }}
{{ item.title }}
- 作者:
{{ item.author }}
数据更新时间:{{ sciAawards.updateTime }}
{{ item.title }}
- 作者:
{{ item.author }}
数据更新时间:{{ conferencePapers.updateTime }}
{{ item.title }}
- 作者:
{{ item.author }}
数据更新时间:{{ patent.updateTime }}
Krishna Phani Vadrevu其他文献
Krishna Phani Vadrevu的其他文献
{{
item.title }}
{{ item.translation_title }}
- DOI:
{{ item.doi }} - 发表时间:
{{ item.publish_year }} - 期刊:
- 影响因子:{{ item.factor }}
- 作者:
{{ item.authors }} - 通讯作者:
{{ item.author }}
{{ truncateString('Krishna Phani Vadrevu', 18)}}的其他基金
Collaborative Research: SaTC: CORE: Medium: Defending Against Social Engineering Attacks with In-Browser AI
协作研究:SaTC:核心:中:利用浏览器内人工智能防御社会工程攻击
- 批准号:
2126655 - 财政年份:2021
- 资助金额:
$ 40万 - 项目类别:
Standard Grant
相似国自然基金
Research on Quantum Field Theory without a Lagrangian Description
- 批准号:24ZR1403900
- 批准年份:2024
- 资助金额:0.0 万元
- 项目类别:省市级项目
Cell Research
- 批准号:31224802
- 批准年份:2012
- 资助金额:24.0 万元
- 项目类别:专项基金项目
Cell Research
- 批准号:31024804
- 批准年份:2010
- 资助金额:24.0 万元
- 项目类别:专项基金项目
Cell Research (细胞研究)
- 批准号:30824808
- 批准年份:2008
- 资助金额:24.0 万元
- 项目类别:专项基金项目
Research on the Rapid Growth Mechanism of KDP Crystal
- 批准号:10774081
- 批准年份:2007
- 资助金额:45.0 万元
- 项目类别:面上项目
相似海外基金
Collaborative Research: SaTC: CORE: Medium: Using Intelligent Conversational Agents to Empower Adolescents to be Resilient Against Cybergrooming
合作研究:SaTC:核心:中:使用智能会话代理使青少年能够抵御网络诱骗
- 批准号:
2330940 - 财政年份:2024
- 资助金额:
$ 40万 - 项目类别:
Continuing Grant
Collaborative Research: SaTC: CORE: Medium: Differentially Private SQL with flexible privacy modeling, machine-checked system design, and accuracy optimization
协作研究:SaTC:核心:中:具有灵活隐私建模、机器检查系统设计和准确性优化的差异化私有 SQL
- 批准号:
2317232 - 财政年份:2024
- 资助金额:
$ 40万 - 项目类别:
Continuing Grant
Collaborative Research: NSF-BSF: SaTC: CORE: Small: Detecting malware with machine learning models efficiently and reliably
协作研究:NSF-BSF:SaTC:核心:小型:利用机器学习模型高效可靠地检测恶意软件
- 批准号:
2338301 - 财政年份:2024
- 资助金额:
$ 40万 - 项目类别:
Continuing Grant
Collaborative Research: SaTC: CORE: Medium: Differentially Private SQL with flexible privacy modeling, machine-checked system design, and accuracy optimization
协作研究:SaTC:核心:中:具有灵活隐私建模、机器检查系统设计和准确性优化的差异化私有 SQL
- 批准号:
2317233 - 财政年份:2024
- 资助金额:
$ 40万 - 项目类别:
Continuing Grant
Collaborative Research: NSF-BSF: SaTC: CORE: Small: Detecting malware with machine learning models efficiently and reliably
协作研究:NSF-BSF:SaTC:核心:小型:利用机器学习模型高效可靠地检测恶意软件
- 批准号:
2338302 - 财政年份:2024
- 资助金额:
$ 40万 - 项目类别:
Continuing Grant
Collaborative Research: SaTC: CORE: Medium: Using Intelligent Conversational Agents to Empower Adolescents to be Resilient Against Cybergrooming
合作研究:SaTC:核心:中:使用智能会话代理使青少年能够抵御网络诱骗
- 批准号:
2330941 - 财政年份:2024
- 资助金额:
$ 40万 - 项目类别:
Continuing Grant
Collaborative Research: SaTC: CORE: Small: Towards Secure and Trustworthy Tree Models
协作研究:SaTC:核心:小型:迈向安全可信的树模型
- 批准号:
2413046 - 财政年份:2024
- 资助金额:
$ 40万 - 项目类别:
Standard Grant
Collaborative Research: SaTC: EDU: RoCCeM: Bringing Robotics, Cybersecurity and Computer Science to the Middled School Classroom
合作研究:SaTC:EDU:RoCCeM:将机器人、网络安全和计算机科学带入中学课堂
- 批准号:
2312057 - 财政年份:2023
- 资助金额:
$ 40万 - 项目类别:
Standard Grant
Collaborative Research: SaTC: CORE: Small: Investigation of Naming Space Hijacking Threat and Its Defense
协作研究:SaTC:核心:小型:命名空间劫持威胁及其防御的调查
- 批准号:
2317830 - 财政年份:2023
- 资助金额:
$ 40万 - 项目类别:
Continuing Grant
Collaborative Research: SaTC: CORE: Small: Towards a Privacy-Preserving Framework for Research on Private, Encrypted Social Networks
协作研究:SaTC:核心:小型:针对私有加密社交网络研究的隐私保护框架
- 批准号:
2318843 - 财政年份:2023
- 资助金额:
$ 40万 - 项目类别:
Continuing Grant