cacr logo

apwg logo


Who are we?

some students studying
Image © 2005 Indiana Daily Student,

The phishing group at Indiana University is one of the strongest research groups in this field, with an unusual breadth in competence ranging from technical issues and user interface design to social and legal issues, and faculty in Informatics, Computer Science, Psychology and the School of Law. We study deception and technical vulnerabilities to understand better what makes phishing work - using this knowledge we then develop countermeasures aimed at reducing the threat and allowing detection of attacks. As soon as we identify a new attack, we alert affected parties, and suggest appropriate countermeasures. With a substantial corporate involvement, we make certain that we address relevant problems.

We understand that security is more than technology - it is also a matter of suitable user interfaces, human psychology, economic factors, and legal limitations and ramifications. The strengths of this holistic approach include numerous connections to and collaborative efforts with research groups representing these areas. Our approach has won us world recognition, both in academic and corporate settings, and helps propel our students to highly competitive summer internships and employment opportunities.

How can you join?

If you are already a student at Indiana University, and are interested in joining our research group, please let us know, and we will welcome you to our seminars, suggest classes for you to take, and describe exciting projects that you can get involved in.

If you are not a student at Indiana University, please take a look at our degree programs, whether undergraduate, masters or doctorate programs. The cybersecurity program is based on a well balanced combination of applied and theoretical foundations of security. Students will be immersed in material reflecting the most recent trends, including cryptography, wireless technologies, pervasive computing, electronic voting and medical security applications. Students will also build an intimate knowledge of various forms of attacks, including phishing, click-fraud, denial of service and malware. This knowledge will allow them to understand likely trends and enable them to devise better countermeasures. We combine the traditional classroom approach with a hands-on approach in which our students get an insider's view of everything from the honeypot project to the daily operation of the Internet2 operations center.

If you are already enrolled in another degree program, or are not interested in applying to IU at this point, we are still happy to work with you. We accept visitors coming with their own funding, assuming an alignment in skills and interests. As a visitor, you will be welcomed into our group, and offered the opportunity to participate in one or more projects of interest to you.