Identifying Email Threats Using Predictive Analysis
| Title | Identifying Email Threats Using Predictive Analysis |
| Publication Type | Conference Paper |
| Year of Publication | 2017 |
| Authors | Zeng, Y. G. |
| Conference Name | 2017 International Conference on Cyber Security And Protection Of Digital Services (Cyber Security) |
| ISBN Number | 978-1-5090-5063-5 |
| Keywords | Analytical models, attackers, Collaboration, composability, Computer crime, Electronic mail, email threat identification, feature extraction, invasive software, learning (artificial intelligence), machine learning algorithms, machine learning model, malicious emails, Malware, malware attachment, policy, Policy-Governed Secure Collaboration, Policy-Governed systems, predictive analysis approach, Predictive models, pubcrawl, Random Forest, Sandboxing, static analysis, Support vector machines, targeted attacks, Uniform resource locators, unseen emails, unsolicited e-mail, URL |
| Abstract | Malicious emails pose substantial threats to businesses. Whether it is a malware attachment or a URL leading to malware, exploitation or phishing, attackers have been employing emails as an effective way to gain a foothold inside organizations of all kinds. To combat email threats, especially targeted attacks, traditional signature- and rule-based email filtering as well as advanced sandboxing technology both have their own weaknesses. In this paper, we propose a predictive analysis approach that learns the differences between legit and malicious emails through static analysis, creates a machine learning model and makes detection and prediction on unseen emails effectively and efficiently. By comparing three different machine learning algorithms, our preliminary evaluation reveals that a Random Forests model performs the best. |
| URL | https://ieeexplore.ieee.org/document/8074848/ |
| DOI | 10.1109/CyberSecPODS.2017.8074848 |
| Citation Key | zeng_identifying_2017 |
- Policy
- URL
- unsolicited e-mail
- unseen emails
- Uniform resource locators
- targeted attacks
- Support vector machines
- static analysis
- sandboxing
- Random Forest
- pubcrawl
- Predictive models
- predictive analysis approach
- Policy-Governed systems
- Policy-Governed Secure Collaboration
- Analytical models
- malware attachment
- malware
- malicious emails
- machine learning model
- machine learning algorithms
- learning (artificial intelligence)
- invasive software
- feature extraction
- email threat identification
- Electronic mail
- Computer crime
- composability
- collaboration
- attackers