Misuse Detection of New Malicious Emails

A serious security threat today is malicious emails, arriving as email attachments. An email virus is an email that can infect other programs by modifying them to include a replication of it. When the infected emails are opened, the email virus spreads itself to others. Today’s society has seen a dramatic increase in the use of emails. We present a novel approach to detect misuse emails by gathering and maintaining knowledge of the behavior of the malicious emails rather than anticipating attacks by unknown assailants. Our approach is based on building and maintaining a profile of the malicious emails through analyzing its static activity. Any new activity of the email is compared to the malicious profile to detect a potential misuse. Comparison results show that our proposed methods outperformed than anti-virus software.

Dong-Her Shih
Chun-Pin Chang
Hsiu-Sen Chiang