Dr. Indrakshi Ray is a Professor in the Computer Science Department at Colorado State University. She is the Director of Colorado Center for Cybersecurity at Colorado State University. She is also the Site Director of NSF IUCRC Center for Cybersecurity Analytics and Automation. Dr. Ray has been a visiting faculty at Air Force Research Laboratory, Naval Research Laboratory, and at INRIA, Rocquencourt, France. She obtained her Ph.D. in Information Technology from George Mason University.
Dr. Ray's research interests include software assurance, data analytics and security. She has published almost two hundred technical papers in refereed journals and conference proceedings with the support from agencies including Air Force Research Laboratory, Air Force Office of Scientific Research, National Institute of Health, National Institute of Standards and Technology, National Science Foundation, the United States Department of Agriculture, and industries from the US, Norway, and Japan.
Dr. Ray is on the editorial board of IEEE Transactions on Services Computing, International Journal of Information Security, Computer Standards and Interfaces, and Associate Editor of IEEE Security & Privacy. She was a member of the editorial board of IEEE Transactions on Dependable and Secure Computing. She serves on the program committees of various prestigious conferences and has chaired many of them. Dr. Ray is a senior member of the IEEE and a senior member of the ACM. Dr. Ray is also active in endeavors trying to increase minority participation in Computer Science.
Phishing attacks, even with sophisticated detection algorithms, still dominate the cyber-crime landscape. FBI’s Internet Crime Complaint Center (IC3) reports phishing (including its various forms such as vishing, smishing, and pharming) to be the most prevalent crime type by number in 2019, with an estimated 12.5 billion USD in financial losses worldwide be- tween 2013-2018. Phishing attacks often aim to lure victims into fake websites that resemble genuine well-known ones. Users mistake these fake websites for real-ones and enter their sensitive personal information, such as credentials. Attackers capture this information and later use it for their own gains. Machine learning appears to be a promising technique for phishing detection. However, there appears to be some challenges in using machine learning effectively. These include lack of availability of attack data, existence of bias in the dataset, performance issues, and prone to adversarial attacks. Another challenging factor is that attackers change their strategies over time. We describe some of our recent works in addressing these challenges.