Netinfo Security (信息网络安全) ›› 2018, Vol. 18 ›› Issue (9): 80-85. doi: 10.3969/j.issn.1671-1122.2018.09.013


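Research on Malicious E-mail Detection Technology

Jian ZHANG, Wenzhen LI, Liangyi GONG

  1. School of Computer Science and Engineering, Tianjin University of Technology, Tianjin 300384, China
  • Received: 2018-07-17 Online: 2018-09-30 Published: 2020-05-11
  • About the authors:

    Jian ZHANG (born 1968), male, from Tianjin, professor-level senior engineer, Ph.D.; main research interests: cyberspace security, malicious code prevention and control. Wenzhen LI (born 1994), female, from Hebei, master's student; main research interest: information security. Liangyi GONG (born 1987), male, from Shandong, lecturer, Ph.D.; main research interests: pervasive computing, network and information security.

  • Supported by:
    National Key Research and Development Program of China [2016YFB0800805]; Tianjin Science and Technology Service Industry Major Science and Technology Project [16ZXFWGX00140]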
Abstract:

With the large-scale leakage of personal privacy information, attackers can collect information about an attack target and craft E-mails that are highly relevant to the recipient in order to spread malicious code and carry out APT attacks. Most traditional spam detection methods rely on static features extracted from the E-mail, which greatly limits their ability to detect complex, targeted new types of malicious E-mail. This paper analyzes in depth the development and changes of E-mail security threats in recent years, identifies the increasingly prominent problem of malicious E-mail security, summarizes the existing spam E-mail detection technology, points out the inadequacies of malicious E-mail detection technology and proposes related improvement measures, and finally gives future research directions.

Key words: spam E-mail, malicious E-mail, dynamic behavior, virtual machine introspection, detection

CLC number: