Research on Malicious E-mail Detection Technology

doi:10.3969/j.issn.1671-1122.2018.09.013

Abstract

Abstract:

With the large leakage of personal privacy information, attackers can collect relevant information of the attack target, thereby creating an E-mail with high relevance to the recipients’ information to spread malicious code and APT attacks. Most of the traditional spam detection methods rely on the static features extracted from the E-mail, however, this has great limitations for the detection of complex and targeted new types of malicious E-mail. This paper thoroughly analyzed the development and changes of E-mail security threats in recent years, discovered the increasingly prominent issue of malicious E-mail security, then summarized the existing spam E-mail detection technology, and pointed out the inadequacies of malicious E-mail detection and proposed related improvement measures, finally introduced future research directions, and pointed out the inadequacies of malicious E-mail detection and proposed the future research directions.

Key words: spam E-mail, malicious E-mail, dynamic behavior, virtual machine introspection, detection

CLC Number:

TP309

Jian ZHANG, Wenzhen LI, Liangyi GONG. Research on Malicious E-mail Detection Technology[J]. Netinfo Security, 2018, 18(9): 80-85.

Figures/Tables 7

References 13

[1]	PATEL K, DUBEY S K.To Recognize and Analyze Spam Domains from Spam Emails by Data Mining[C]//IEEE. 3rd International Conference on Computing for Sustainable Global Development, March 16-18, 2016, New Delhi, India. New Jersey: IEEE, 2016: 4030-4035.
[2]	HUNT R, CARPINTER J.Current and New Developments in Spam Filtering[C]//IEEE. 14th IEEE International Conference on Networks, September 13-15, 2006, Singapore. New Jersey: IEEE, 2006: 1-6.
[3]	WEST A G, AVIV A J, CHANG Jian, et al.Spam Mitigation Using Spatio-temporal Reputations from Blacklist History[C]//ACM. 26th Annual Computer Security Applications Conference, December 5-9, 2010, Orlando, Florida. New York: ACM, 2010: 161-170.
[4]	MOURA G C M, SPEROTTO A, SADRE R, et al. Evaluating Third-party Bad Neighborhood Blacklists for Spam Detection[C]//IFIP, IEEE. 2013 IFIP/IEEE International Symposium on Integrated Network Management, May 27-31, 2013, Ghent, Belgium. New Jersey: IEEE, 2013: 252-259.
[5]	HIJAWI W, FARIS H, ALQATAWNA J, et al.Improving Email Spam Detection Using Content Based Feature Engineering Approach[C]//IEEE. 2017 IEEE Jordan Conference on Applied Electrical Engineering and Computing Technologies, October 11-13, 2017, Aqaba, Jordan. New Jersey: IEEE, 2017: 1-6.
[6]	PATIL P, RANE R, BHALEKAR M. Detecting Spam and Phishing Mails Using SVM and Obfuscation URL Detection Algorithm[EB/OL]. , 2018-4-11.
[7]	ALAZAB M, LAYTON R, BROADHURST R, et al.Malicious Spam Emails Developments and Authorship Attribution[C]//IEEE. 4th Cybercrime and Trustworthy Computing Workshop, November 21-22, 2013, Sydney NSW, Australia. New Jersey: IEEE, 2014: 58-68.
[8]	SONGKHLA C N, PIROMSOPA K.Statistical Rules for Thai Spam Detection[C]//IEEE. 2nd International Conference on Future Networks, January 22-24, 2010, Sanya, Hainan, China. New Jersey: IEEE, 2010: 238-242.
[9]	GARFINKEL T, Rosenblum M. A Virtual Machine Introspection Based Architecture for Intrusion Detection[EB/OL]. , 2018-4-12.
[10]	ZHANG Jian, GAO Cheng, GONG Liangyi, et al.Research on Virtual Machine Introspection Technology[J]. Netinfo Security, 2017, 17(9): 63-68.
	张健,高铖,宫良一,等. 虚拟机自省技术研究[J]. 信息网络安全,2017,17(9):63-68.
[11]	DINABURG A, ROYAL P, SHARIF M, et al.Ether: Malware Analysis via Hardware Virtualization Extensions[C]//ACM. 15th ACM Conference on Computer and Communications Security, October 27-31, 2008, Alexandria, Virginia, USA. New York: ACM, 2008: 51-62.
[12]	NIU Pengfei, ZHANG Jian, CHANG Qing, et al.Research and Design on Abnormal Behavior Online Detection Platform Based on Xen[J]. Netinfo Security, 2016, 16(9): 139-144.
	牛鹏飞,张健,常青,等. 基于Xen的异常行为在线检测平台研究与设计[J]. 信息网络安全,2016,16(9):139-144.
[13]	BINDU V, THOMAS C.Performance Evaluation of Classifiers for Spam Detection with Benchmark Datasets[C]//IEEE. 2016 International Conference on Data Mining and Advanced Computing, March 16-18, 2016, Ernakulam, India. New Jersey: IEEE, 2016: 17-22.

[1]	Rong WANG, Chunguang MA, Peng WU. An Intrusion Detection Method Based on Federated Learning and Convolutional Neural Network [J]. Netinfo Security, 2020, 20(4): 47-54.
[2]	Lingyu BIAN, Linlin ZHANG, Kai ZHAO, Fei SHI. Ethereum Malicious Account Detection Method Based on LightGBM [J]. Netinfo Security, 2020, 20(4): 73-80.
[3]	Zhiyan ZHAO, Xiaomo JI. Research on the Intelligent Fusion Model of Network Security Situation Awareness [J]. Netinfo Security, 2020, 20(4): 87-93.
[4]	Zhaojun GU, Yitong REN, Chunbo LIU, Zhi WANG. Intranet Log Anomaly Detection Model Based on Conformal Prediction [J]. Netinfo Security, 2020, 20(3): 45-50.
[5]	Wenhua LUO, Caidian XU. Network Intrusion Detection Based on Improved MajorClust Clustering [J]. Netinfo Security, 2020, 20(2): 14-21.
[6]	Zongping LÜ, Chundi ZHAO, Zhaojun GU, Jingxian ZHOU. Dynamic Detection of Ransomware Based on Stacking Model Fusion [J]. Netinfo Security, 2020, 20(2): 57-57.
[7]	Hao ZHANG, Long CHEN, Zhiqiang WEI. Abnormal Traffic Detection Technology Based on Data Augmentation and Model Update [J]. Netinfo Security, 2020, 20(2): 66-74.
[8]	Tao JING, Wei WAN. Research on a P2P Network Communication Behavior Analytical Method for Status Migration Attribute-oriented [J]. Netinfo Security, 2020, 20(1): 16-25.
[9]	Xiaoran LI, Rong HAO, Jia YU. Certificateless Provable Data Possession with Data Uploading Control [J]. Netinfo Security, 2020, 20(1): 83-88.
[10]	Xin SONG, Kai ZHAO, Linlin ZHANG, Wenbo FANG. Research on Android Malware Detection Based on Random Forest [J]. Netinfo Security, 2019, 19(9): 1-5.
[11]	Jian KANG, Jie WANG, Zhengxu LI, Guangda ZHANG. A Model for Anomaly Intrusion Detection with Different Feature Extraction Strategies in IoT [J]. Netinfo Security, 2019, 19(9): 21-25.
[12]	Like CHEN, Shuhua RUAN, Xingshu CHEN, Haizhou WANG. Research on Intelligent Detection of Social Media Robot Accounts [J]. Netinfo Security, 2019, 19(9): 96-100.
[13]	Wenying FENG, Xiaobo GUO, Yuanye HE, Cong XUE. Intrusion Detection Model Based on Feedforward Neural Network [J]. Netinfo Security, 2019, 19(9): 101-105.
[14]	Liangchen CHEN, Baoxu LIU, Shu GAO. Research on Traffic Data Sampling Technology in Network Attack Detection [J]. Netinfo Security, 2019, 19(8): 22-28.
[15]	Xuli RAO, Pengna XU, Zhide CHEN, Li XU. Network Intrusion Detection with Incomplete Information Based on Deep Learning [J]. Netinfo Security, 2019, 19(6): 53-60.