Combining Behavior Models to Secure Email Systems

@inproceedings{Stolfo2003CombiningBM,
  title={Combining Behavior Models to Secure Email Systems},
  author={S. Stolfo and Chia-Wei Hu and Wei-Jen Li and S. Hershkop and Ke Wang and Olivier Nimeskern},
  year={2003}
}
We introduce the Email Mining Toolkit (EMT), a system that implements behavior-based methods to improve security of email systems. Behavior models of email flows and email account usage may be used for a variety of detection tasks. Behavior-based models are quite different from "content-based" models in common use today, such as virus scanners. We evaluate the soundness of these techniques for the detection of the onset of viral propagations. The results achieved for the detection of the onset…
Toward Email Archive Intrusion Detection
TLDR
A simple probabilistic model of user email behavior that correlates email senders and users’ dispositions of email messages is developed, suggesting that anomaly detection is a feasible strategy for securing email archives, one that does not require changes in user authentication or access patterns.
A uniform approach for multilevel email security using image authentication, compression, OTP & cryptography
TLDR
This work proposes a safe confirmation administration construction modelling ISA-CC (Image Sequence Authentication-Compression & Cryptography) that is picture based and wipes out the requirement for content passwords.
Detection of Anomalous Mailing Behavior Using Novel Data Mining Approaches
The paper presents a novel method for detecting anomalous mailing behavior based on data mining approaches. Known or unknown email viruses may cause anomalous behaviors. Such behavior can be measured…
User identity verification via mouse dynamics
TLDR
This work introduces a novel method that continuously verifies users according to characteristics of their interaction with the mouse based on their physiological and behavioral characteristics and proposes a hierarchy of mouse actions from which the features are extracted.
Social feature-based enterprise email classification without examining email contents
TLDR
The emphasis on social features in the proposed email classification method is a promising alternative for solving similar email classification problems, and experimental results demonstrate the high accuracy of the proposed method in classifying emails.
A survey on E-mail Security and Authentication Process
TLDR
This paper focuses on novel information concealing methods gave by the field of steganography to confirm an encoded computerized signature, covered up in an advanced picture, using a calculation which utilizes these two procedures together and examines the execution of the framework.
Cipher Technique to Secure Email Contents
Billions of emails are sent all over the world. Many times these emails contain sensitive information. The email system providers do provide security for the emails sent. But if the authentication…
Indirect Human Computer Interaction-Based Biometrics for Intrusion Detection Systems
  • R.V. Yampolskiy
  • Computer Science
  • 2007 41st Annual IEEE International Carnahan Conference on Security Technology
  • 2007
TLDR
This paper concentrates on the review and analysis of indirect human computer interaction-based biometrics frequently used in intrusion detection systems and an experimental demonstration of an intrusion detection system based on network traffic analysis.
One Class Model Training for Zero-Day Virus Detection
The big ideas to write about in this introductory section is a) this is an improvement over prior MEF version that was based upon training models to detect new viruses using examples of known viruses…
Human Computer Interaction Based Intrusion Detection
  • Roman V Yampolskiy
  • Computer Science
  • Fourth International Conference on Information Technology (ITNG'07)
  • 2007
TLDR
The state of the art in human computer interaction based biometrics which are based on abilities, style, preference, knowledge, or strategy used by people while working with a computer are surveyed.

References

SHOWING 1-10 OF 19 REFERENCES
MET: an experimental system for Malicious Email Tracking
TLDR
MET is a database of statistics about the trajectory of email attachments in and out of a network system, and the culling together of these statistics across networks to present a global view of the spread of the malicious software.
MEF: Malicious Email Filter - A UNIX Mail Filter That Detects Malicious Windows Executables
TLDR
A freely distributed malicious binary filter incorporated into Procmail that can detect malicious Windows attachments by integrating with a UNIX mail server and allows for the efficient propagation of detection models from a central server.
Learning Patterns from Unix Process Execution Traces for Intrusion Detection
TLDR
The preliminary experiments to extend the work pioneered by Forrest on learning the (normal abnormal) patterns of Unix processes can be used to identify misuses of and intrusions in Unix systems indicate that machine learning can play an important role by generalizing stored sequence information to perhaps provide broader intrusion detection services.
Throttling viruses: restricting propagation to defeat malicious mobile code
  • Matthew M. Williamson
  • Computer Science
  • 18th Annual Computer Security Applications Conference, 2002. Proceedings.
  • 2002
TLDR
A simple technique to limit the rate of connections to "new" machines that is remarkably effective at both slowing and halting virus propagation without affecting normal traffic is described.
Mining Audit Data to Build Intrusion Detection Models
TLDR
A data mining framework for constructing intrusion detection models to mine system audit data for consistent and useful patterns of program and user behavior, and use the set of relevant system features presented in the patterns to compute classifiers that can recognize anomalies and known intrusions.
Email networks and the spread of computer viruses.
TLDR
Empirically the structure of this network of connections between individuals over which the virus spreads is investigated using data drawn from a large computer installation, and the implications for the understanding and prevention of computer virus epidemics are discussed.
Machine learning
TLDR
Machine learning addresses many of the same research questions as the fields of statistics, data mining, and psychology, but with differences of emphasis.
The "DGX" distribution for mining massive, skewed data
TLDR
This paper proposes a new probability distribution, the Discrete Gaussian Exponential (DGX), to achieve excellent fits in a wide variety of settings; this new distribution includes the Zipf distribution as a special case.
Gauging Similarity with n-Grams: Language-Independent Categorization of Text
TLDR
A language-independent means of gauging topical similarity in unrestricted text by combining information derived from n-grams with a simple vector-space technique that makes sorting, categorization, and retrieval feasible in a large multilingual collection of documents.
Computer Intrusion: Detecting Masquerades
TLDR
This document is intended to be used for educational purposes only, and should not be used as a guide to deal with individuals or groups unfamiliar with the use of these services.