Unlock instant, AI-driven research and patent intelligence for your innovation.

Method and device for detecting spear phishing emails

A technology of phishing emails and detection methods, which is applied in the detection field of spear phishing emails, can solve problems such as inability to be detected in time, and achieve accurate detection results

Active Publication Date: 2016-08-17
四川国讯网络安全信息技术研究院
View PDF4 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, there are certain limitations in the method of detecting linked domain names in phishing emails. For example, attackers use the method of attacking a third-party server (watering hole attack), and hang a horse on a legitimate domain name website to induce users to click on the website whose content has been tampered with. Legitimate websites, the existing methods for detecting link domain names in phishing emails cannot detect them in time

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for detecting spear phishing emails
  • Method and device for detecting spear phishing emails

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0041] The following will clearly and completely describe the technical solutions in the embodiments of the present invention with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only some, not all, embodiments of the present invention. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without creative efforts fall within the protection scope of the present invention.

[0042] see figure 1 , is a schematic flowchart of a spear-phishing email detection method provided by an embodiment of the present invention. The detection method of this spear phishing email includes steps:

[0043] S101. Obtain mail data traffic in the network, and restore the content of the mail according to the encoding type of the obtained mail, so as to obtain current mail information;

[0044] Specifically, the current mail information can be obtained in t...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a spear-phishing mail detection method, which comprises the steps of: obtaining mail data flow in the network, and restoring the content of the mail according to the code type of the obtained mail, so as to obtain current mail information; according to the obtained The sender information in the current mail information is used to determine whether the sender of the current mail is a frequently trusted contact of the recipient; Comparative analysis of the historical communication emails sent by the sender to the recipient, so as to determine whether the current email is a spear phishing email; When the degree reaches the threshold, at least one of the IP address, domain name and link in the current mail is extracted for comparative analysis, so as to determine whether the current mail is a spear phishing mail. The invention discloses a detection device for spear fishing emails.

Description

technical field [0001] The invention relates to the field of information security detection, in particular to a detection method and device for spear phishing emails. Background technique [0002] With the development of computer networks, the Internet has played an increasingly important role in people's daily life. And because of various flaws in the network operating system and network application program, the security problem of the Internet is becoming more and more serious. The essence of security is continuous confrontation. In recent years, with the continuous improvement of defense technology, attack techniques and methods have also been constantly changing, from the traditional direct vulnerability attack based on the target network to the indirect social engineering of computer personnel vulnerabilities. Attacks, using people's own consciousness defects to attack the target user's personal computer, mobile phone and other equipment, execute the malicious code cus...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06
CPCH04L63/1483H04L51/212
Inventor 黄玮范文庆
Owner 四川国讯网络安全信息技术研究院