
Analysis, Development and Deployment of Statistical Anomaly Detection Techniques for Real E-Mail Traffic

Author(s): Gianluca Papaleo (Istituto di Elettronica e di Ingegneria dell’Informazione e delle Telecomunicazioni, Italy & Consiglio Nazionale delle Ricerche, Italy), Davide Chiarella (Istituto di Elettronica e di Ingegneria dell’Informazione e delle Telecomunicazioni, Italy & Consiglio Nazionale delle Ricerche, Italy), Maurizio Aiello (Istituto di Elettronica e di Ingegneria dell’Informazione e delle Telecomunicazioni, Italy & Consiglio Nazionale delle Ricerche, Italy) and Luca Caviglione (Istituto di Studi sui Sistemi Intelligenti per l’Automazione, Italy & Consiglio Nazionale delle Ricerche, Italy)
Copyright: 2012
Pages: 25
Source title: Information Assurance and Security Technologies for Risk Assessment and Threat Management: Advances
Source Author(s)/Editor(s): Te-Shun Chou (East Carolina University, USA)
DOI: 10.4018/978-1-61350-507-6.ch003


Abstract

Even though new interaction paradigms such as Voice over IP (VoIP) are becoming popular and widely adopted, e-mail is still one of the most used ways to communicate across the Internet. However, many malicious threats are conveyed via e-mail. Two different approaches are usually available for monitoring it: i) analyzing the logs produced by e-mail servers, or ii) reconstructing the e-mail flows by capturing data directly from the network with ad-hoc probes. In this vein, this chapter discusses the analysis, development and deployment of statistical detection techniques aimed at detecting Internet worms. For approach i), the authors introduce a tool called Log Mail Analyzer (LMA), which overcomes the complexity of inspecting multiple logs produced by a heterogeneous population of mail servers. For approach ii), they briefly discuss an alternative solution based on ad-hoc network probes, which must be properly placed to collect traffic and then reconstruct the e-mail flow to be monitored. Lastly, the authors introduce a threshold mechanism, based on a simple statistical framework, to automatically detect and identify different worm activities.
