Issue No.03 - May-June (2012 vol.10)
pp: 64-71
Rohan M. Amin, George Washington University
Julie J.C.H. Ryan, George Washington University
Johan Rene van Dorp, George Washington University
Targeted malicious emails (TME) for computer network exploitation have become more insidious and more widely documented in recent years. Beyond spam or phishing designed to trick users into revealing personal information, TME can exploit computer networks and gather sensitive information. They can consist of coordinated and persistent campaigns that can span years. A new email-filtering technique based on email's persistent-threat and recipient-oriented features with a random forest classifier outperforms two traditional detection methods, SpamAssassin and ClamAV, while maintaining reasonable false positive rates.
email, spam, threat, targeted attacks, TME, spear phishing, recipient
Rohan M. Amin, Julie J.C.H. Ryan, Johan Rene van Dorp, "Detecting Targeted Malicious Email", IEEE Security & Privacy, vol.10, no. 3, pp. 64-71, May-June 2012, doi:10.1109/MSP.2011.154