EMT/MET: Systems for Modeling and Detecting Errant Email

  title={EMT/MET: Systems for Modeling and Detecting Errant Email},
  author={Salvatore J. Stolfo and Shlomo Hershkop and Ke Wang and Olivier Nimeskern},
The Malicious Email Tracking (MET) system is an online "behavior-based" security system employing anomaly detection techniques to detect deviations from a system’s or user’s normal email behavior, rather than solely by attempting to identify known attacks against a system via signature-based methods. The Email Mining Toolkit (EMT) is an offline data analysis system designed to assist a security analyst compute, visualize and test models of email behavior for use in MET. In this brief report, we… CONTINUE READING