• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.6 no.5
• /
• pp.1445-1462
• /
• 2012

While botnets are used for various malicious activities, it is well known that they are widely used for email spam. Though the spam filtering systems currently in use block IPs that send email spam, simply blocking the IPs of zombie PCs participating in a botnet is not enough to prevent the spamming activities of the botnet because these IPs can easily be changed or manipulated. This IP blocking is also insufficient to prevent crimes other than spamming, as the botnet can be simultaneously used for multiple purposes. For this reason, we propose a system that detects botnets and zombie PCs based on email spam analysis. This study introduces the concept of "group pollution level" - the degree to which a certain spam group is suspected of being a botnet - and "IP pollution level" - the degree to which a certain IP in the spam group is suspected of being a zombie PC. Such concepts are applied in our system that detects botnets and zombie PCs by grouping spam mails based on the URL links or attachments contained, and by assessing the pollution level of each group and each IP address. For empirical testing, we used email spam data collected in an "email spam trap system" - Korea's national spam collection system. Our proposed system detected 203 botnets and 18,283 zombie PCs in a day and these zombie PCs sent about 70% of all the spam messages in our analysis. This shows the effectiveness of detecting zombie PCs by email spam analysis, and the possibility of a dramatic reduction in email spam by taking countermeasure against these botnets and zombie PCs.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.5
• /
• pp.1251-1258
• /
• 2016

Recently, leaks of the personal information of Internet users have been occurring too frequently. Generally, Internet users have email accounts. The use of email as a communications tool in the private and public sectors has increased. Therefore, in email usage, password management to ensure a more secure email service is most important. In this study, we conducted an online survey of email users and analyzed their responses by using structural equation modeling software to find the psychological and behavioral characteristics of their password management. The results of this study provide useful suggestions on information security strategies related to email password management at both the enterprise and individual levels.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2022.10a
• /
• pp.146-149
• /
• 2022

With internet development, many peoples use their email to exchange documents, register for web services, and much more. Some individuals/organizations (including educational institutions) use their own domain name for email instead of a domain provided by commercial email services. However, suppose the domain used for custom email expires. In that case, other individuals/organizations can reuse the domain, and the new domain owner can send and receive all emails incoming to the domain. It makes us concerned about Privacy violations. Email that new domain owners can look into also contains sensitive emails like password reset notifications, credit card statements, order history, and more. In this research, we would like to describe the privacy violations caused by the expired domain used for email that did not remove all dependencies of email users and propose a solution.

• Journal of Internet Computing and Services
• /
• v.2 no.5
• /
• pp.93-104
• /
• 2001

In this paper. we analyze networks in accordance with topology which consists of ATM-LAN in order to enhance performance in multimedia environment, We analyze job processing time of Email, FTP and Http server for variance of node in star, ring and mesh topology, We analyze a load factor of Email, FTP and Http server and variance of sending/receiving rate for various topology, We examined that the constituent networks in this paper can minimize load of server in any other topology.

• The Journal of the Korea Contents Association
• /
• v.10 no.6
• /
• pp.43-48
• /
• 2010

Useful emails influence on consumers' purchase behavior and activate them to visit retail stores. Regular contact with consumers by e-mail has positive effects on brand loyalty. However, email marketing has a limitation. Spam now accounts for over half of all e-mail traffic. The increase of email users has resulted in the dramatic increase of spam emails during the past few years. In this paper, we proposed an ontology-based system offering personalized email services to overcome such limitation. Our method is not the ontology-driven spam filtering, but a personalized content service considering personal interests and relations among people by using FOAF and domain ontologies. Our system was successfully tested in email marketing domain.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.5
• /
• pp.835-846
• /
• 2020

BEC (Business Email Compromise) attacks are frequently occurring by impersonating accounts or management through e-mail and stealing money or sensitive information. This type of attack accounts for the largest portion of the recent trade fraud, and the FBI estimates that the estimated amount of damage in 2019 is about $17 billion. However, if you look at the response status of the companies compared to this, it relies on the traditional SPAM blocking system, so it is virtually defenseless against the BEC attacks that social engineering predominates. To this end, we will analyze the types and methods of BEC accidents and propose ways to effectively counter BEC attacks by companies through AI(Artificial Intelligence).

• International Journal of Computer Science & Network Security
• /
• v.22 no.6
• /
• pp.212-222
• /
• 2022

There has been a rapid increase in the use of cloud email services. As a result, email encryption has become more commonplace as concerns about cloud privacy and security grow. Nevertheless, this increase in usage is creating the challenge of how to effectively be searching and filtering the encrypted emails. They are popular technologies of solving the issue of the encrypted emails searching through searchable public key encryption. However, the problem of encrypted email filtering remains to be solved. As a new approach to finding and filtering encrypted emails in the cloud, we propose a ciphertext-based encrypted policy attribute-based encryption scheme and keyword search procedure based on hidden policy ciphertext. This feature allows the user of searching using some encrypted emails keywords in the cloud as well as allowing the emails filter-based server toward filter the content of the encrypted emails, similar to the traditional email keyword filtering service. By utilizing composite order bilinear groups, a hidden policy system has been successfully demonstrated to be secure by our dual system encryption process. Proposed system can be used with other scenarios such as searching and filtering files as an applicable method.

• Journal of Korea Multimedia Society
• /
• v.13 no.5
• /
• pp.754-762
• /
• 2010

Nowadays, email-based targeted attacks using malcode-bearing documents have been steadily increased. To improve the success rate of the attack and avoid anti-viruses, attackers mainly employ zero-day exploits and relevant social engineering techniques. In this paper, we propose an architecture of the email vaccine cloud system to prevent targeted attacks using malcode-bearing documents. The system extracts attached document files from email messages, performs behavior analysis as well as signature-based detection in the virtual machine environment, and completely removes malicious documents from the messages. In the process of behavior analysis, the documents are regarded as malicious ones in cases of creating executable files, launching new processes, accessing critical registry entries, connecting to the Internet. The email vaccine cloud system will help prevent various cyber terrors such as information leakages by preventing email based targeted attacks.

• Journal of the Korean Institute of Intelligent Systems
• /
• v.19 no.3
• /
• pp.343-349
• /
• 2009

In this paper, it would be shown that individuals can have different responses to the same email based on their preferences through computing the distributions of user clusters' email responses from clustering results based on email users' preference information. This paper presents an approach that incorporates user preferences to construct an anti-spam mail system, which is different from the conventional content-based ones. We consider email category information derived from the email content as well as user preference information. We also build a user preference ontology to formally represent the important concepts and rules derived from a data mining process and then apply a rule optimization procedure to exclude unnecessary rules. Experimental results show that our user preference based system achieves good performance in terms of accuracy, the rules derived from the system and human comprehensibility.

• The Journal of the Korea Contents Association
• /
• v.6 no.7
• /
• pp.50-57
• /
• 2006

The implementation of cellular phone based applications has been growing very fast because of WIPI which is one of hardware independent platforms. In this paper, we design and implement a system to combine the animation avatar and e-mail service by using WIPI platform, so that the user can symbolize himself/herself by his/her avatar in using the email. Also, as the general email applications have functions to integrate the email and the scheduling, this system has the integrated email & scheduling functionality. At the same time, This system uses SMS service in order to notify scheduled time and it synchronizes the schedule data with Microsoft Outlook on the computer. So, this system extends the existing email applications by supporting the mobility.