http://dx.doi.org/10.13089/JKIISC.2020.30.2.197

A Study On Malicious Mail Training Model  

Kang, Young-Mook (Korea Graduate School of Information Security)
Lee, Sang-Jin (Korea Graduate School of Information Security)
Abstract
With the advent of virtual currency and electronic wallets, which created a way to make financial gains under cover of anonymity, the dissemination of malicious code through malicious mail has continued to increase. To minimize the damage, security awareness, which is a human factor, and the ability to respond, which is a technical factor, should be improved evenly, and both can be improved through malicious mail training. This study presents a model for conducting malicious mail training as it would occur in practice. Training is classified into two types: training to enhance employees' security awareness, and detection and response training to improve the ability to respond to malicious mail. The study describes a training system suited to each purpose, the core functions of the malware used for training, its implementation and camouflage techniques, and bypass techniques. Based on this model, data from training conducted over three years were collected, and the effectiveness of the training was studied by analyzing the results according to the number of training sessions, training themes, and camouflage techniques.
Keywords
Malicious Mail; Malware; Reversing; Training; Security Awareness
Citations & Related Records
Times Cited By KSCI: 6