
Mail attachment threat detection method and system

An email attachment threat detection technique that addresses increased traffic-processing delay, the inability to continue processing subsequent traffic quickly, and reduced threat detection efficiency.

Status: Inactive
Publication Date: 2022-01-18
北京微步在线科技有限公司

AI Technical Summary

Problems solved by technology

In practice, after an attachment is parsed, processing continues in the original process. This increases traffic-processing delay and prevents subsequent traffic from being processed quickly, which reduces threat detection efficiency.


Examples


Embodiment 1

[0044] Please refer to Figure 1, a schematic flow chart of an email attachment threat detection method provided by an embodiment of the present application. The method is applied to an email attachment threat detection system that includes a traffic analysis module and a threat detection module. The method includes:

[0045] S101. The traffic analysis module acquires email data between the client and the server.

[0046] As an optional implementation, the traffic analysis module obtains email data between the client and the server, including:

[0047] The traffic analysis module obtains the communication traffic between the client and the server;

[0048] The traffic analysis module identifies the mail protocol of the communication traffic to obtain the mail data.

[0049] In the above implementation manner, the communication traffic between the client and the server may specifi...

Embodiment 2

[0086] Please refer to Figure 2, a schematic structural diagram of an email attachment threat detection system provided by an embodiment of the present application. As shown in Figure 2, the email attachment threat detection system includes a traffic analysis module 210 and a threat detection module 220.

[0087] The traffic analysis module is used to obtain the email data between the client and the server, analyze the email data to obtain attachment-related information, and send the attachment-related information to the threat detection module.

[0088] The threat detection module is configured to perform threat detection on email attachments according to the attachment-related information to obtain detection results, and to generate detection logs according to the detection results.

[0089] Please also refer to Figure 5, a schematic diagram of information interaction between modules of an email attachment threat detection system provided by the e...


Abstract

The embodiment of the invention provides a mail attachment threat detection method and system, which relate to the technical field of network security. In the method, a traffic analysis module first obtains mail data between a client and a server, analyzes the mail data to obtain attachment-related information, and sends that information to a threat detection module. The threat detection module then performs threat detection on the mail attachment according to the attachment-related information to obtain a detection result, and generates a detection log according to the detection result. Traffic processing and threat detection are thereby handled asynchronously, which reduces traffic-processing delay, allows subsequent traffic to be processed quickly and continuously, and improves threat detection efficiency.
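The asynchronous hand-off described in the abstract, as an added Python example that is not code from the patent: the traffic path parses mail data and enqueues attachment-related information, and a separate worker produces the detection log. The function names, the in-process queue, the fields carried in the attachment information and the "MZ" header check standing in for the detection step are all assumptions; the patent does not specify them.

```python
import email
import hashlib
import queue
import threading
from email import policy

# Constructed sample mail data (not from the patent): text body plus one attachment.
SAMPLE_EML = (
    b"From: a@example.com\r\nTo: b@example.com\r\nSubject: invoice\r\n"
    b"MIME-Version: 1.0\r\n"
    b'Content-Type: multipart/mixed; boundary="b1"\r\n\r\n'
    b"--b1\r\nContent-Type: text/plain\r\n\r\nsee attached\r\n"
    b"--b1\r\nContent-Type: application/octet-stream\r\n"
    b'Content-Disposition: attachment; filename="invoice.exe"\r\n'
    b"Content-Transfer-Encoding: base64\r\n\r\nTVqQAAMAAAA=\r\n--b1--\r\n"
)

def attachment_info(raw):
    """Traffic analysis side: parse mail data into attachment-related information."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    infos = []
    for part in msg.iter_attachments():
        data = part.get_payload(decode=True) or b""
        infos.append({"filename": part.get_filename(), "size": len(data),
                      "sha256": hashlib.sha256(data).hexdigest(),
                      "head": data[:2]})
    return infos

def detection_worker(q, log):
    """Threat detection side: consume attachment info, append detection log records."""
    while (item := q.get()) is not None:
        # Assumed stand-in detector: flag Windows executables by their "MZ" header.
        verdict = "suspicious" if item["head"] == b"MZ" else "clean"
        log.append({"filename": item["filename"], "sha256": item["sha256"],
                    "verdict": verdict})

def run_pipeline(messages):
    """Parse each message, enqueue its attachment info, and return the detection log."""
    q, log = queue.Queue(), []
    worker = threading.Thread(target=detection_worker, args=(q, log))
    worker.start()
    for raw in messages:
        for info in attachment_info(raw):
            q.put(info)  # hand off and continue with the next message
    q.put(None)  # sentinel: no more traffic in this run
    worker.join()
    return log
```

In a long-running deployment the queue would normally be bounded so that a slow detection stage cannot exhaust memory on the traffic path.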

Description

Technical field

[0001] The present application relates to the technical field of communication security, and in particular to a method and system for detecting threats in email attachments.

Background

[0002] Email is indispensable for communication in people's daily work, and for that reason many attacks are carried by email. Malicious information can be transmitted through emails to induce users to perform certain operations; malicious network links can be transmitted to obtain usernames and passwords; and malicious programs can be transmitted, usually in the form of attachments. Existing email attachment threat detection methods usually extract email attachments when receiving email traffic, send the attachments to an antivirus engine, and raise an alarm if they are found to be malicious software. However, in practice, it is found that after the attachment is parsed, it continues to be processed in the original process, which ...


Application Information

IPC(8): H04L9/40, H04L51/42
CPC: H04L63/1416, H04L63/1425
Inventor: 关营赵林林童兆丰薛锋
Owner: 北京微步在线科技有限公司