Browse > Article
http://dx.doi.org/10.33778/kcsa.2020.20.3.061

Spear-phishing Mail Filtering Security Analysis : Focusing on Corporate Mail Hosting Services  

Shin, Dongcheon (중앙대학교 산업보안학과)
Yum, Dayun (중앙대학교 대학원 융합보안학과)
Publication Information
Convergence Security Journal / v.20, no.3, 2020 , pp. 61-69 More about this Journal
Abstract
Since spear-phishing mail attacks focus on a particular target persistently to collect and take advantage of information, it can incur severe damage to the target as a part of the intelligent and new attacks such as APT attacks and social engineering attacks. The usual spam filtering services can have limits in countering spear-phishing mail attacks because of different targets, goals, and methods. In this paper, we analyze mail security services of several enterprises hosted by midium and small-sized enterprises with relatively security vulnerabilities in order to see whether their services can effectively respond spear-phishing mail attacks. According to the analysis result, we can say that most of mail security hosting services lack in responding spear-phishing mail attacks by providing functions for mainly managing mails including spam mail. The analysis result can be used as basic data to extract the effective and systematic countermeasure.
Keywords
Spear-phishing; Mail Filtering; Mail Hosting Services; Bayesian Intelligent;
Citations & Related Records
연도 인용수 순위
  • Reference
1 https://www.bizmeka.com/store/main/storesubView.doproductId=PRO_000563&categoryId=collabor
2 중소벤처기업부, "중소기업 기술보호역량수준 실태조사", 2019.
3 https://www.hiworks.com/manual#/hiworks/103
4 한국인터넷진흥원(KISA), "국내 스피어피싱 유형 분석", 2014.
5 한국인터넷진흥원(KISA), "피싱 예방 가이드"
6 http://www.duzongroupware.com/
7 https://support.google.com/a/topic/7556597?hl=ko&ref_topic=7556782
8 The research company, "그룹웨어 시장점유율 조사 보고서", 2019.
9 https://bizmarket.uplus.co.kr/intro/introMain?sltnId=BPZ0000004&sltnId1=BPZ0000004
10 H. Hu, P. Peng and G. Wang, "Towards Understanding the Adoption of Anti-Spoofing Protocols in Email Systems," 2018 IEEE Cybersecurity Development (SecDev), Cambridge, MA, pp. 94-101, 2018.
11 J. Wu and T. Deng, "Research in Anti-Spam Method Based on Bayesian Filtering," 2008 IEEE Pacific-Asia Workshop on Computational Intelligence and Industrial Application, Wuhan, pp. 887-891, 2008.
12 Mario Silic, Andrea Back "The dark side of social networking sites: Understanding phishing risks", Computers in Human Behavior, pp. 35-43, 2016.
13 P Chen, L Desmet, C Huygens, "A study on advanced persistent threats", IFIP International Conference on Communications and Multimedia Security, pp. 63-72, 2014.
14 Trend Micro, "Spear-Phishing Email: Most Favored APT Attack Bait", Trend Micro Incorporated Research Paper, 2012.
15 https://www.mailplug.com/mailplug/why_mailplug/security
16 https://mailnara.co.kr/index.php/business/functional
17 https://daouoffice.com/intro/security.jsp
18 https://help.worksmobile.com/kr/mail/spam-mail/