Distinguished Lecture Series: Sal Stolfo, Phishing for Phishers

Friday, March 3, 2023 - 2:30pm to 3:30pm
New CS, Room 120
Event Description:

Phishing campaigns that target employees of enterprises are typically addressed with training, to avoid “trick and click” user behavior, and technical solutions that filter known phishing sites from corporate email and web traffic. Customers of an enterprise are easier prey; they generally are not protected with the same technical solutions. In this presentation, we describe fast detection of phishing sites using ML technology and responding quickly by changing the economics of the attack. We do this by flooding malicious websites with fake decoy credentials that poison whatever may have been stolen. These decoys are monitored for later misuse, which reveals information sufficient to fingerprint the phisher to detect their activities elsewhere. The content of phishing sites is analyzed for several purposes: a) to identify what identity information is sought by the fake site in order to generate believable decoy information for stuffing, b) to evaluate the danger of the site based upon this information, and c) to profile the phisher based upon the variables they use in their HTML and JavaScript code. If time permits, we may provide a short description of a new research area, Cybersecurity for Quantum Computing.

Bio: Salvatore Stolfo is a Professor of Computer Science at Columbia University. He is regarded as having created the area of machine learning applied to computer security in the mid-1990s and has created several anomaly detection algorithms and systems addressing some of the hardest problems in securing computer systems. He is an IEEE fellow and ACM fellow. Stolfo is the

