http://dx.doi.org/10.7471/ikeee.2021.25.4.672

A Study on Email Security through Proactive Detection and Prevention of Malware Email Attacks  

Yoo, Ji-Hyun (Dept. of Software Convergence, Jangan University)
Publication Information
Journal of IKEEE / v.25, no.4, 2021, pp. 672-678
Abstract
New malware continues to increase and grow more advanced every year. Although various studies on diagnosing malicious code in executable files are under way, it is difficult to detect attacks that embed malicious code threats in emails by exploiting non-executable document files, malicious URLs, and malicious macros and JS in documents. In this paper, we introduce a method of analyzing malicious code for email security through proactive detection and blocking of malicious email attacks, and propose an AI-based method for determining whether a non-executable document file is malicious. Among various algorithms, an efficient machine learning model is chosen, and an ML workflow system that diagnoses malicious code using Kubeflow is proposed.
Keywords
Malware Detection; E-mail security; Reverse-Engineering; RandomForest; XGBoost; MLOps;