Seminar:
Scalable Approaches Towards Characterizing and Mitigating Emerging Phishing Scams
When: 11:00 am Thursday November 21st, 2024 |
Where: Room 3107 Patrick F. Taylor Hall |
ABSTRACT |
Phishing scams have rapidly evolved into sophisticated online threats, posing significant challenges to existing detection and prevention methods and resulting in billions of dollars in damages from data breaches and identity theft. In this talk, I will draw from my research to present a systematic, data-driven approach to combat emerging phishing scams by focusing on the identification of new sources of threat intelligence, the detection of novel evasion tactics, and the development of proactive defenses against adversarial techniques designed to circumvent detection. Additionally, I will examine the role of Generative AI in this landscape—not only as a tool that enables attackers to scale their efforts with minimal effort but also as a means to design more effective security warnings and training programs that can help end-users in identifying phishing scams. |
Sayak Saha RoyUniversity of Texas, ArlingtonSayak Saha Roy is currently pursuing a Ph.D. in Computer Science at the University of Texas at Arlington, advised by Prof. Shirin Nilizadeh. His research focuses on studying online abuse across various platforms, with an emphasis on developing real-time frameworks for detecting and reporting evasive phishing threats. He takes an interdisciplinary approach, integrating methods from Machine Learning, Natural Language Processing, Social Computing, and Software Security to achieve this goal.His work has been published in several top-tier security and web conferences, including IEEE S&P, ACM IMC, and ICWSM, and has been recognized by the industry (Comcast, Google), resulting in the takedown of over 68,000 scams. Notably, his work on using social media to identify zero-day social engineering scams earned the Best Paper award at APWG eCrime 2021, as well as the Comcast Innovation Grant in 2022 and 2024. Additionally, his recent work on exploiting commercial Large Language Models to generate evasive phishing attacks received the Distinguished Paper award at IEEE S&P 2024. |