• Proceedings of the Korea Technology Innovation Society Conference
• /
• 2004.11a
• /
• pp.239-244
• /
• 2004

피싱(Phishing)이란 '위장 홈페이지를 만들어 불특정 다수의 이메일 사용자에게 메일을 보내는 수법으로 수신자의 개인정보를 빼내 금융범죄에 악용하는 행위'를 말한다. 기존의 스팸메일 둥과 달리 피싱은 이메일 사용자에게 금융, 신용 피해를 줄 수 있어 개인에게 미치는 피해가 심각한 경우가 발생할 수 있다. 이에 대응하여, 미국에서는 'SB California SB 1386' 등의 법안을 제정하고, 'Coalition on Online Identity Theft' 등의 조직을 결성하는 등 피싱으로 인한 피해 예방 및 대처를 위해 적극적으로 노력하고 있다. 국내에서도 금융기관과 기업에서의 주의 메일 발송, 홈페이지에의 피싱 주의 안내문 게시 둥의 방법으로 대응하고 있으나, 피싱으로 인한 피해를 예방하기에는 미진한 것으로 여겨진다. 이에 본 고에서는 미국을 중심으로 한 피싱에 대한 피해.대응현황과 국내 대응방안에 대해 살펴본다.

• Journal of KIISE:Software and Applications
• /
• v.31 no.8
• /
• pp.1092-1100
• /
• 2004

An E-mails have regarded as one of the most popular methods for exchanging information because of easy usage and low cost. Meanwhile, exponentially growing unwanted mails in user's mailbox have been raised as main problem. Recognizing this issue, Korean government established a law in order to prevent e-mail abuse. In this paper we suggest hybrid spam mail filtering system using weighted Bayesian classifier which is extended from naive Bayesian classifier by adding the concept of preprocessing and intelligent agents. This system can classify spam mails automatically by using training data without manual definition of message rules. Particularly, we improved filtering efficiency by imposing weight on some character by feature extraction from spam mails. Finally, we show efficiency comparison among four cases - naive Bayesian, weighting on e-mail header, weighting on HTML tags, weighting on hyperlinks and combining all of four cases. As compared with naive Bayesian classifier, the proposed system obtained 5.7% decreased precision, while the recall and F-measure of this system increased by 33.3% and 31.2%, respectively.

• Journal of KIISE:Software and Applications
• /
• v.37 no.5
• /
• pp.378-385
• /
• 2010

The explosive increase in the use of email has made to need email classification efficiently and accurately. Current work on the email classification method have mainly been focused on a binary classification that filters out spam-mails. This methods are based on Support Vector Machines, Bayesian classifiers, rule-based classifiers. Such supervised methods, in the sense that the user is required to manually describe the rules and keyword list that is used to recognize the relevant email. Other unsupervised method using clustering techniques for the multi-category classification is created a category labels from a set of incoming messages. In this paper, we propose a new automatic email multi-category classification method using NMF for automatic category label construction method and dynamic category hierarchy method for the reorganization of email messages in the category labels. The proposed method in this paper, a large number of emails are managed efficiently by classifying multi-category email automatically, email messages in their category are reorganized for enhancing accuracy whenever users want to classify all their email messages.

• Journal of Platform Technology
• /
• v.9 no.2
• /
• pp.26-37
• /
• 2021

E-mail is one of the important tools for communicating with people in everyday life. With COVID-19 (Coronavirus) increasing non-face-to-face activity, security incidents through e-mail such as spam, phishing, and ransomware are increasing. E-mail security incidents are increasing as social engineering attack using human psychology rather than arising from technological weaknesses that e-mails have. Security incidents using human psychology can be prevented and defended by improving security awareness. This study empirically studies the analysis of changes in response to malicious e-mail due to improved security awareness through malicious e-mail simulations on executives and employees of domestic and foreign company. In this study, the factors of security training, top-down security management, and security issue sharing are found to be effective in safely responding to malicious e-mail. This study presents a new study by conducting empirical analysis of theoretical research on security awareness in relation to malicious e-mail responses, and results obtained from simulations in a practical setting may help security work.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.2
• /
• pp.129-137
• /
• 2008

In this paper, we propose an improved Bayesian Filtering mechanism to reduce the False Positives that occurs in the existing Bayesian Filtering mechanism. In the existing Bayesian Filtering mechanism, the same Bayesian Filtering DB trained at the e-mail server is applied to each e-mail user. Also, the training method using receiving e-mails only could not provide the high quality of ham DB. Due to these problems, the existing Bayesian Filtering mechanism can produce the False Positives which misclassify the ham e-mails into the spam e-mails. In the proposed mechanism, the sending e-mails of the user are treated as the high quality of ham information, and are trained to the Bayesian ham DB automatically. In addition, by providing a different Bayesian DB to each e-mail user respectively, more efficient e-mail filtering service is possible. Our experiments show the improvement of filtering accuracy by 3.13%, compared to the existing Bayesian Filtering mechanism.

• Journal of Advanced Navigation Technology
• /
• v.13 no.3
• /
• pp.419-425
• /
• 2009

The amount of incoming e-mails is increasing rapidly due to the wide usage of Internet. Therefore, it is more required to classify incoming e-mails efficiently and accurately. Currently, the e-mail classification techniques are focused on two way classification to filter spam mails from normal ones based mainly on Bayesian and Rule. The clustering method has been used for the multi-way classification of e-mails. But it has a disadvantage of low accuracy of classification and no category labels. The classification methods have a disadvantage of training and setting of category labels by user. In this paper, we propose a novel multi-way e-mail hierarchy classification method that uses PCA for automatic category generation and dynamic category hierarchy for high accuracy of classification. It classifies a huge amount of incoming e-mails automatically, efficiently, and accurately.

• The KIPS Transactions:PartC
• /
• v.12C no.1 s.97
• /
• pp.137-146
• /
• 2005

The email using internet is situated by means of basic communication method that ordinardy people use. Thereby damage scale of the spam mail becomes wider. The many blocking methods of the spam mail are proposed and archived. Hut they are insufficient to block various types of spam mail The blocking method of spam mail proposed by this paper is consisted of 3 steps (collection, frequency analysis and blocking). It can effectively block various types of spam mail using collected spam mail and various forms of spam mail that changes.

• Journal of the Korean Institute of Intelligent Systems
• /
• v.19 no.3
• /
• pp.343-349
• /
• 2009

In this paper, it would be shown that individuals can have different responses to the same email based on their preferences through computing the distributions of user clusters' email responses from clustering results based on email users' preference information. This paper presents an approach that incorporates user preferences to construct an anti-spam mail system, which is different from the conventional content-based ones. We consider email category information derived from the email content as well as user preference information. We also build a user preference ontology to formally represent the important concepts and rules derived from a data mining process and then apply a rule optimization procedure to exclude unnecessary rules. Experimental results show that our user preference based system achieves good performance in terms of accuracy, the rules derived from the system and human comprehensibility.

• Journal of the Korean Institute of Intelligent Systems
• /
• v.17 no.2
• /
• pp.160-166
• /
• 2007

When a mail was given to users, each user's response could be different according to his or her preference. This paper presents a solution for this situation by constructing a user preferred ontology for anti-spam systems. To define an ontology for describing user behaviors, we applied associative classification mining to study preference information of users and their responses to emails. Generated classification rules can be represented in a formal ontology language. A user preferred ontology can explain why mail is decided to be spam or ron-spam in a meaningful way. We also suggest a new rule optimization procedure inspired from logic synthesis to improve comprehensibility and exclude redundant rules.

• KIPS Transactions on Software and Data Engineering
• /
• v.4 no.3
• /
• pp.129-134
• /
• 2015

Since automatic social engineering based spam attacks induce for users to click or receive the short message service (SMS), e-mail, site address and make a relationship with an unknown friend, it is very easy for them to active in online social networks. The previous spam detection schemes only apply manual filtering of the system managers or labeling classifications regardless of the features of social networks. In this paper, we propose the spam detection metric after reflecting on a couple of features of social networks followed by analysis of real social network data set, Twitter spam. In addition, we provide the online social networks based unsupervised scheme for automated social engineering spam with self organizing map (SOM). Through the performance evaluation, we show the detection accuracy up to 90% and the possibility of real time training for the spam detection without the manager.