Issue No.03 - May-June (2012 vol.10)
Rohan M. Amin , George Washington University
Julie J.C.H. Ryan , George Washington University
Johan Rene van Dorp , George Washington University
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2011.154
Targeted malicious emails (TME) for computer network exploitation have become more insidious and more widely documented in recent years. Beyond spam or phishing designed to trick users into revealing personal information, TME can exploit computer networks and gather sensitive information. They can consist of coordinated and persistent campaigns that can span years. A new email-filtering technique based on email's persistent-threat and recipient-oriented features with a random forest classifier outperforms two traditional detection methods, SpamAssassin and ClamAV, while maintaining reasonable false positive rates.
email, spam, threat, targeted attacks, TME spear phishing, recipient
Rohan M. Amin, Julie J.C.H. Ryan, Johan Rene van Dorp, "Detecting Targeted Malicious Email", IEEE Security & Privacy, vol.10, no. 3, pp. 64-71, May-June 2012, doi:10.1109/MSP.2011.154