
Details of Grant 

EPSRC Reference: EP/D051819/1
Title: Defending the Weakest Link: Intrusion via Social Engineering
Principal Investigator: Clark, Professor JA
Other Investigators:
Jacob, Dr J; Banse, Dr R
Researcher Co-Investigators:
Project Partners:
Department: Computer Science
Organisation: University of York
Scheme: Standard Research (Pre-FEC)
Starts: 01 August 2006
Ends: 31 January 2010
Value (£): 189,277
EPSRC Research Topic Classifications:
Networks & Distributed Systems; Software Engineering
EPSRC Industrial Sector Classifications:
No relevance to Underpinning Sectors
Related Grants:
Panel History:  
Summary on Grant Application Form
Fraud has been with us since time immemorial. With the rise of cyberspace, opportunities for fraud abound. Recent years have seen a dramatic increase in what have become known as 'phishing' attacks. The most obvious means is via email. You might receive an email purporting to be from a familiar organisation, e.g. your bank, indicating that some information they maintain on you is inaccurate. You are requested to click on a link that takes you to a web page where you are requested to enter confidential information, such as your account number and on-line banking password details (and other confidential information). The message might also threaten to suspend your account if you do not do so.

On the face of it this is a plausible scenario. The messages and web site look authentic, but they are not. If you have responded as requested then your confidential details are now in the hands of a fraudster. What you expected to be the result of your actions is not the actual result, though it may be a while (too late) before you realise this. Your model of the world is at odds with reality. But by scrutinising the email carefully, can we deduce that it is likely to be a phishing attack?

This project will investigate phishing attacks, attempting to extract features of attempted cons. We shall do this using our security expertise and experience, informed by methodical empirical surveys carried out by an experienced psychology researcher.

If we can formalise these features then we can attempt to automatically detect phishing attacks. The benefits of doing so are obvious. Phishing attacks may be short lived; they need only to persuade a few unfortunate naive people to fall for the con to have succeeded. We need to identify phishing attacks at the earliest opportunity. We aim to develop prototype tool support to determine the degree to which we can actually detect phishing attacks automatically and test it out initially in a campus environment (where user sophistication varies hugely).
Key Findings
This information can now be found on Gateway to Research (GtR) http://gtr.rcuk.ac.uk
Potential use in non-academic contexts
This information can now be found on Gateway to Research (GtR) http://gtr.rcuk.ac.uk
Impacts
Description: This information can now be found on Gateway to Research (GtR) http://gtr.rcuk.ac.uk
Summary
Date Materialised
Sectors submitted by the Researcher
This information can now be found on Gateway to Research (GtR) http://gtr.rcuk.ac.uk
Project URL: http://www.cs.york.ac.uk/security/projDWL.html
Further Information:  
Organisation Website: http://www.york.ac.uk