Skip to content

Detecting Targeted Malicious Email

Authors: Rohan M. Amin, Julie J.C.H. Ryan, and J. ReneĢ van Dorp

Publication: IEEE Security and Privacy, vol. 10, no. 3, pp. 64-71, May-June 2012, doi:10.1109/MSP.2011.154

Abstract: Targeted malicious emails (TME) for computer network exploitation have become more insidious and more widely documented in recent years. Beyond spam or phishing designed to trick users into revealing personal information, TME can exploit computer networks and gather sensitive information. They can consist of coordinated and persistent campaigns that can span years. A new email-filtering technique based on email’s persistent-threat and recipient-oriented features with a random forest classifier outperforms two traditional detection methods, SpamAssassin and ClamAV, while maintaining reasonable false positive rates.

Paper is here.

Post a Comment

Your email is never published nor shared. Required fields are marked *