- Title
EMICS: E-mail based Malware Infected IP Collection System.
- Authors
Taejin Lee; Jin Kwak
- Abstract
Cyber attacks are increasing continuously. On average about one million malicious codes appear every day, and attacks are expanding gradually to IT convergence services (e.g. vehicles and television) and social infrastructure (nuclear energy, power, water, etc.), as well as cyberspace. Analysis of large-scale cyber incidents has revealed that most attacks are started by PCs infected with malicious code. This paper proposes a method of detecting an attack IP automatically by analyzing the characteristics of the e-mail transfer path, which cannot be manipulated by the attacker. In particular, we developed a system based on the proposed model, and operated it for more than four months, and then detected 1,750,000 attack IPs by analyzing 22,570,000 spam e-mails in a commercial environment. A detected attack IP can be used to remove spam e-mails by linking it with the cyber removal system, or to block spam e-mails by linking it with the RBL (Real-time Blocking List) system. In addition, the developed system is expected to play a positive role in preventing cyber attacks, as it can detect a large number of attack IPs when linked with the portal site.
- Subjects
CYBERTERRORISM; MALWARE; CYBERSPACE; INTERNET protocol address; INFRASTRUCTURE (Economics); INTERNET of things
- Publication
KSII Transactions on Internet & Information Systems, 2018, Vol 12, Issue 6, p2881
- ISSN
1976-7277
- Publication type
Article
- DOI
10.3837/tiis.2018.06.024