A Behavior-Based Approach To Securing Email Systems
The Malicious Email Tracking (MET) system, reported in a prior publication, is a behavior-based security system for email services. The Email Mining Toolkit (EMT) presented in this paper is an offline email archive data mining analysis system that is designed to assist computing models of malicious email behavior for deployment in an online MET system. EMT includes a variety of behavior models for email attachments, user accounts and groups of accounts. Each model computed is used to detect anomalous and errant email behaviors. We report on the set of features implemented in the current version of EMT, and describe tests of the system and our plans for extensions to the set of models.
- EMT-ACNS03.pdf application/pdf 918 KB Download File
Also Published In
More About This Work
- Academic Units
- Computer Science
- Published Here
- April 30, 2010
Computer network security: Second International Workshop on Mathematical Methods, Models, and Architectures for Computer Network Security, MMM-ACNS 2003, St. Petersburg, Russia, September 21-23, 2003: proceedings, Lecture Notes in Computer Science, vol. 2776 (New York: Springer, 2003), pp. 57-81.