• DocumentCode
    3398317
  • Title

    EMT/MET: systems for modeling and detecting errant email

  • Author

    Stolfo, Salvatore J. ; Hershkop, Shlomo ; Wang, Ke ; Nimeskern, Olivier

  • Volume
    2
  • fYear
    2003
  • fDate
    22-24 April 2003
  • Firstpage
    290
  • Abstract
    The Malicious Email Tracking (MET) system is an online "behavior-based" security system employing anomaly detection techniques to detect deviations from a system\´s or user\´s normal email behavior, rather than solely by attempting to identify known attacks against a system via signature-based methods. The Email Mining Toolkit (EMT) is an offline data analysis system designed to assist a security analyst compute, visualize and test models of email behavior for use in MET. In this paper, we enumerate the features implemented in the EMT system.
  • Keywords
    authorisation; data analysis; invasive software; military computing; unsolicited e-mail; DARPA; EMT; Email Mining Toolkit; MET; Malicious Email Tracking; anomaly detection techniques; behavior-based security system; model visualization; offline data analysis system; signature-based methods; Aggregates; Data analysis; Data security; Data visualization; Electronic mail; Information security; Network servers; Protection; Statistical distributions; System testing;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    DARPA Information Survivability Conference and Exposition, 2003. Proceedings
  • Print_ISBN
    0-7695-1897-4
  • Type

    conf

  • DOI
    10.1109/DISCEX.2003.1194980
  • Filename
    1194980
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=3398317