Targeted phishing is one of the most common and damaging cybersecurity attacks, incurring tens of billions of dollars in losses a year. In order to increase the success of the phishing emails, attackers often craft emails that impersonate real people or legitimate online services, and send them from networks and hosting sites that have a high reputation. This leads major email security services, including Outlook and Gmail, to often misclassify these emails as legitimate.

In this summer research project, we will characterize the network signals in phishing emails on a proprietary email dataset in collaboration with Barracuda Networks. We plan to get a better understanding of where attackers send phishing emails, whether they relay these emails across multiple servers, and whether there are signals in the envelope of the email, all of which could lead to better detection of these attacks. Most of the prior work characterizing network data for email is outdated and focuses primarily on spam rather than on targeted attacks, so we believe there is significant potential for this project to be impactful.

Interested students should email a brief description of why they are interested in the project and what they hope to get from it (including rough time period and rough hours per week they hope to work), a CV/resume, an (unofficial) transcript, and (if available) links to GitHub repositories of related previous work or sample code.

Outcome

Be a full participant in a summer research project

Learning opportunity

Research experience and the ability to work on a large-scale security dataset with state-of-the-art tools (Spark)

One selected candidate may receive a stipend via the DSI Scholars program. Amount is subject to available funding.

Faculty Advisor

  • Professor: Asaf Cidon
  • Department/School: EE
  • Location: Morningside

Project Timeline

  • Anticipated workload: Desired commitment: 20-40 hours per week
  • Duration: 2020 summer; the project would be supervised by Professors Asaf Cidon and Ethan Katz-Bassett

Candidate requirements

  • Skills required: Spark, experience working with large-scale datasets, networking background, basic machine learning
  • Additional domain knowledge: Python programming experience, basic Linux experience
  • Student eligibility: freshman, sophomore, junior, senior, master’s