Sciweavers

USENIX
2001

MEF: Malicious Email Filter - A UNIX Mail Filter That Detects Malicious Windows Executables

We present Malicious Email Filter, MEF, a freely distributed malicious binary filter incorporated into Procmail that can detect malicious Windows attachments by integrating with a UNIX mail server. The system has three capabilities: detection of known and unknown malicious attachments, automatic propagation of detection models, and the ability to monitor the spread of malicious attachments. The system filters malicious attachments from emails by using detection models obtained from data mining over known malicious attachments. It leverages research in data mining applied to malicious executables, which allows the detection of previously unseen malicious attachments. These new malicious attachments are programs that are most likely undetectable by current virus scanners because detection signatures for them have not yet been generated. The system also allows for the automatic propagation of detection models from a central server. Finally, the system allows for monitoring and measuremen...
Added: 31 Oct 2010
Updated: 31 Oct 2010
Type: Conference
Year: 2001
Where: USENIX
Authors: Matthew G. Schultz, Eleazar Eskin, Erez Zadok, Manasi Bhattacharyya, Salvatore J. Stolfo