• DocumentCode
    1366126
  • Title

    Detecting Targeted Malicious Email

  • Author

    Amin, Rohan M. ; Ryan, Julie J C H ; Van Dorp, J. René

  • Author_Institution
    George Washington Univ., Washington, DC, USA
  • Volume
    10
  • Issue
    3
  • fYear
    2012
  • Firstpage
    64
  • Lastpage
    71
  • Abstract
    Targeted malicious emails (TME) for computer network exploitation have become more insidious and more widely documented in recent years. Beyond spam or phishing designed to trick users into revealing personal information, TME can exploit computer networks and gather sensitive information. They can consist of coordinated and persistent campaigns that can span years. A new email-filtering technique based on email's persistent-threat and recipient-oriented features with a random forest classifier outperforms two traditional detection methods, SpamAssassin and ClamAV, while maintaining reasonable false positive rates.
  • Keywords
    computer crime; information filtering; pattern classification; trees (mathematics); unsolicited e-mail; ClamAV; SpamAssassin; computer network exploitation; coordinated campaign; email persistent-threat feature; email-filtering technique; false positive rate; persistent campaign; personal information; phishing; random forest classifier; recipient-oriented feature; sensitive information; spam; targeted malicious email detection; Computer security; Electronic mail; Feature extraction; Google; Internet; Unsolicited electronic mail; TME spear phishing; email; recipient; spam; targeted attacks; threat;
  • fLanguage
    English
  • Journal_Title
    Security & Privacy, IEEE
  • Publisher
    ieee
  • ISSN
    1540-7993
  • Type

    jour

  • DOI
    10.1109/MSP.2011.154
  • Filename
    6065730