SBIR-STTR Award

This Small Business Innovation Research (SBIR) Phase I project will develop a novel approach to protect people and businesses from damage inflicted by phony and malicious web-sites, which engage in URL-fraud. These web-sites exploit the carelessness and inexperience of users, who often mistype the name of a site or follow hyperlinks from email spam, which appears to be from a legitimate organization, such as their bank. The proposed core technology consists of a method to automatically detect whether a website is legitimate or not. The novelty of the work lies in the development of profiles, which capture multiple facets of the properties and the behavior of a website. The project requires a synergy between networking, datamining, graph-mining and machine learning in order to identify the right features in each profile and combine them intelligently for a final decision. The proposed work has high commercial potential and direct impact on regular Internet users. Web-fraud is an immediate and expensive problem that affects people and business through identity theft, email spam, and the spread of viruses, all of which are interconnected manifestations of Internet threats. Through the development of web-browser plug-ins and monitoring tools, the proposed technology will make web-surfing and email safer for the less tech-savvy people, such as elders and children, which are particularly vulnerable.

This Small Business Innovation Research Phase II project will develop a novel security capability for protecting websites against hackers by providing preventive and early diagnosis services. Compromising websites is an emerging and profitable business for hackers, with devastating effects since such attacks: (a) hurt the compromised site directly, e.g. stealing stored credit card information, (b) hurt the website visitors, who are subjected to viruses infections or identity theft via code injection, which turns a legitimate website into a distributor of malware, and (c) hurt the reputation of the code-injected website, which is inevitably blacklisted by search engines. The project will develop the technology to: (a) assess the vulnerability level of a website, (b) detect security breaches in the form of code injection, and (c) expedite the recovery of a compromised website. the proposed work focuses on three key goals: (a) massive scalability through the minimization of manual intervention, (b) robustness and manageability by a carefully designed software-hardware architecture, and (c) continuous process of self-improvement and assessment of performance. If successful, the impact of the proposed project has the potential to be immediate and direct: it promises to make website security more affordable, and not a luxury or an afterthought. Website security is an immediate and expensive problem: (a) it is estimate that most websites (over 60%) are vulnerable, (b) web-based malware spreading is taking the dimensions of a pandemic, (c) all of the reported 74M active websites are likely targets: from banks, to the local cookie store, and ultimately, (d) cyber-crime is a top national security threat according to the government. The proposed solution has the potential to make significant contributions in each of these four areas