Whyte et al., 2005 - Google Patents
Addressing malicious smtp-based mass-mailing activity within an enterprise network
Whyte et al., 2005
- Document ID
- 8527300372806816544
- Author
- Whyte D
- Van Oorschot P
- Kranakis E
- Publication year
- Publication venue
- Carleton University, School of Computer Science, Technical Report TR-05-06
Snippet
Malicious mass-mailing activity on the Internet is a serious and continuing threat that includes mass-mailing worms, spam, and phishing. A mechanism commonly used to deliver such malicious mass mail is an SMTP-engine, which turns an infected system into a …
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1458—Denial of Service
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/145—Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1483—Countermeasures against malicious traffic service impersonation, e.g. phishing, pharming or web spoofing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L51/00—Arrangements for user-to-user messaging in packet-switching networks, e.g. e-mail or instant messages
- H04L51/12—Arrangements for user-to-user messaging in packet-switching networks, e.g. e-mail or instant messages with filtering and selective blocking capabilities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1491—Countermeasures against malicious traffic using deception as countermeasure, e.g. honeypots, honeynets, decoys or entrapment
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/54—Store-and-forward switching systems
- H04L12/58—Message switching systems, e.g. electronic mail systems
- H04L12/585—Message switching systems, e.g. electronic mail systems with filtering and selective blocking capabilities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0245—Filtering by information in the payload
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US7984493B2 (en) | | DNS based enforcement for confinement and detection of network malicious activities |
Whyte et al. | | DNS-based Detection of Scanning Worms in an Enterprise Network. |
Srivastava et al. | | A recent survey on DDoS attacks and defense mechanisms |
EP2147390B1 (en) | | Detection of adversaries through collection and correlation of assessments |
US9674217B2 (en) | | Method and system for mitigation of distributed denial of service (DDOS) attacks |
US20080256622A1 (en) | | Reduction of false positive reputations through collection of overrides from customer deployments |
US20120278889A1 (en) | | Detecting malicious behaviour on a network |
Schneider | | The state of network security |
Hudaib et al. | | DNS advanced attacks and analysis |
Hands et al. | | A study on botnets utilizing DNS |
Trabelsi et al. | | Preventing ARP attacks using a fuzzy-based stateful ARP cache |
Whyte et al. | | Addressing malicious smtp-based mass-mailing activity within an enterprise network |
Jin et al. | | Trigger-based blocking mechanism for access to email-derived phishing URLs with user alert |
Arafat et al. | | A realistic approach and mitigation techniques for amplifying ddos attack on dns |
Xie et al. | | Thwarting e-mail spam laundering |
Kessler | | Denial‐of‐Service Attacks |
Whyte et al. | | Addressing SMTP-based mass-mailing activity within enterprise networks |
Hashmi et al. | | Intrusion Prevention System based Defence Techniques to manage DDoS Attacks |
Kamal et al. | | Analysis of network communication attacks |
Arslan | | A solution for ARP spoofing: Layer-2 MAC and protocol filtering and arpserver |
Al-Bataineh et al. | | Detection and prevention methods of botnet-generated spam |
Huang et al. | | On capturing and containing e-mail worms |
Zhang et al. | | Internet-scale malware mitigation: combining intelligence of the control and data plane |
Tupakula et al. | | DoSTRACK: a system for defending against DoS attacks |
Berger-Sabbatel et al. | | Architecture of a platform for malware analysis and confinement |