Issue No. 03 - May-June (2012 vol. 10)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2011.154
Rohan M. Amin , George Washington University
Julie J.C.H. Ryan , George Washington University
Johan Rene van Dorp , George Washington University
Targeted malicious emails (TME) for computer network exploitation have become more insidious and more widely documented in recent years. Beyond spam or phishing designed to trick users into revealing personal information, TME can exploit computer networks and gather sensitive information. They can consist of coordinated and persistent campaigns that can span years. A new email-filtering technique based on email's persistent-threat and recipient-oriented features with a random forest classifier outperforms two traditional detection methods, SpamAssassin and ClamAV, while maintaining reasonable false positive rates.
email, spam, threat, targeted attacks, TME spear phishing, recipient
R. M. Amin, J. J. Ryan and J. R. van Dorp, "Detecting Targeted Malicious Email," in IEEE Security & Privacy, vol. 10, no. , pp. 64-71, 2011.