EMT/MET: Systems for Modeling and Detecting Errant Email

Abstract

The Malicious Email Tracking (MET) system is an online "behavior-based" security system employing anomaly detection techniques to detect deviations from a system’s or user’s normal email behavior, rather than solely by attempting to identify known attacks against a system via signature-based methods. The Email Mining Toolkit (EMT) is an offline data analysis system designed to assist a security analyst compute, visualize and test models of email behavior for use in MET. In this brief report, we enumerate the features implemented in the EMT system.

DOI: 10.1109/DISCEX.2003.1194980

1 Figure or Table

Cite this paper

@inproceedings{Stolfo2003EMTMETSF, title={EMT/MET: Systems for Modeling and Detecting Errant Email}, author={Salvatore J. Stolfo and Shlomo Hershkop and Ke Wang and Olivier Nimeskern}, booktitle={DISCEX}, year={2003} }