
A Study of Malicious Email Detection: Using Self-Organizing Maps and the k-medoids Clustering Model as an Example

Detection of New Malicious Emails Based on Self-Organizing Maps and K-Medoids Clustering

Abstract


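One of the most important Internet security threats today is the malicious email viruses and network worms that spread via email. These viruses and worms are growing at a rate of thousands per year, posing a series of security threats. Most current antivirus software defends against new email viruses by identifying virus signatures, but until the signature for a new email virus has been identified and distributed, users' computers remain exposed to the threat of email viruses. This study proposes a malicious email detection model that combines self-organizing maps with the k-medoids clustering model to detect unknown, new malicious email viruses. The proposed detection model analyzes the characteristics of various malicious email viruses to identify the behavioral features that distinguish normal email from malicious email viruses, so that new, unknown malicious email viruses can be detected automatically. Using detection rate and false positive rate as performance metrics, this paper compares the proposed malicious email detection model with Bayesian classification and antivirus software. The experimental results show that the proposed model clearly outperforms Bayesian classification and general antivirus software.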

Parallel Abstract


A serious security threat today is malicious emails, especially new, unseen Internet worms and viruses that often arrive as email attachments. These new malicious emails are created at the rate of thousands every year and pose a serious security threat. Current anti-virus systems attempt to detect these new malicious mail viruses with signatures generated by hand but it is costly and oftentimes. In this paper, we present a method that combines self-organizing maps (SOM) and k-medoids clustering to detect new, previously unseen malicious emails accurately and automatically. This method automatically found behaviors in the data set and used these behaviors to detect a set of new malicious mail viruses, including scripts that had not been discussed before. The results of Naïve Bayes classification and anti-virus software are also shown for comparison. The comparison shows that our proposed method outperformed the other methods.
