Unlock instant, AI-driven research and patent intelligence for your innovation.

Spear phishing mail detection method and device

A technology of phishing emails and detection methods, which is applied in the detection field of spear phishing emails, can solve problems such as inability to be detected in time, and achieve accurate detection results

Active Publication Date: 2015-11-18
四川国讯网络安全信息技术研究院
View PDF4 Cites 43 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, the method of detecting link domain names in phishing emails also has certain limitations. For example, attackers use methods of attacking third-party servers (watering hole attacks), and trick users to click on websites with tampered content by hanging horses on websites with legitimate domain names. Legitimate websites, the existing methods for detecting link domain names in phishing emails cannot detect them in time

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Spear phishing mail detection method and device
  • Spear phishing mail detection method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0043] The following will clearly and completely describe the technical solutions in the embodiments of the present invention with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only some, not all, embodiments of the present invention. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without creative efforts fall within the protection scope of the present invention.

[0044] see figure 1 , is a schematic flowchart of a spear-phishing email detection method provided by an embodiment of the present invention. The detection method of this spear phishing email includes steps:

[0045] S101. Obtain mail data traffic in the network, and restore the content of the mail according to the encoding type of the obtained mail, so as to obtain current mail information;

[0046] Specifically, the current mail information can be obtained in t...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a spear phishing mail detection method, which comprises the steps of: acquiring mail data traffic in a network, reverting content of an mail according to an encoding type of the acquired mail to acquire current mail information; judging whether a sender of the current mail is one of frequent trust contacts of a receiver through sender information of the acquired current mail information; if the sender is one of the frequent trust contacts of the receiver, comparing and analyzing the current mail with historical communication mails which are sent from the sender to the receiver based on multi-dimensional communication characteristics, thereby determining whether the current mail is a spear phishing mail or not; and if the sender is not one of the frequent trust contacts of the receiver, extracting at least one of an IP address, a domain name and a link in the current mail for comparative analysis when a visual similarity between the current mail and mails of well-known authoritative websites reaches a threshold value, thereby determining whether the current mail is a spear phishing mail or not. The invention further discloses a spear phishing mail detection device.

Description

technical field [0001] The invention relates to the field of information security detection, in particular to a detection method and device for spear phishing emails. Background technique [0002] With the development of computer network, the Internet has played an increasingly important role in people's daily life. And because of various flaws in network operating systems and network applications, Internet security problems are becoming more and more serious. The essence of security is continuous confrontation. In recent years, with the continuous improvement of defense technology, attack techniques and methods have also been constantly changing, from the traditional direct vulnerability attack based on the target network to the indirect social engineering of computer personnel vulnerabilities. Attacks, using people's own consciousness defects to attack the target user's personal computer, mobile phone and other equipment, execute the malicious code customized and develope...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06
CPCH04L63/1483H04L51/212
Inventor 黄玮范文庆
Owner 四川国讯网络安全信息技术研究院
Features
  • R&D
  • Intellectual Property
  • Life Sciences
  • Materials
  • Tech Scout
Why Patsnap Eureka
  • Unparalleled Data Quality
  • Higher Quality Content
  • 60% Fewer Hallucinations
Social media
Patsnap Eureka Blog
Learn More

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2025 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com