Netinfo Security, 2015, Vol. 15, Issue (9): 180-185. doi: 10.3969/j.issn.1671-1122.2015.09.041


Analysis of E-mail Sample Correlation Based on Social Engineering

Hong LIANG1, Hui-yun ZHANG2, Xin-guang XIAO2

  1. National Computer Virus Emergency Response Center, Tianjin 300457, China
  2. Antiy Laboratory, Harbin, Heilongjiang 150028, China
  • Received: 2015-07-15 Online: 2015-09-01 Published: 2015-11-13
  • About the authors: Hong LIANG (born 1977), female, from Tianjin, senior engineer, master's degree; main research interest: computer virus emergency response. Hui-yun ZHANG (born 1988), female, from Heilongjiang, engineer; main research interest: malicious code analysis. Xin-guang XIAO (born 1974), male, from Heilongjiang, senior engineer; main research interests: antivirus engines, malicious code analysis, APT detection and analysis.

Abstract:

Starting from the methods of social-engineering-based e-mail attacks and the harm they cause, this paper analyzes in depth e-mail attacks that exploit social engineering. Launching attacks through e-mail using social engineering techniques is now a common attack method and an important means by which malicious code currently spreads. Drawing on a number of captured security incidents, the paper performs a correlation analysis of how the e-mails are propagated and of the attack methods used in their attached files. Finally, by extracting shared features, it uncovers more similar attack e-mails and presents an overall correlation analysis and summary.

Key words: social engineering, e-mail, malicious code, sample

CLC number: