KSII Transactions on Internet and Information Systems
Monthly Online Journal (eISSN: 1976-7277)

EMICS: E-mail based Malware Infected IP Collection System

Vol. 12, No. 6, June 29, 2018
DOI: 10.3837/tiis.2018.06.024

Abstract

Cyber attacks are increasing continuously. On average, about one million malicious codes appear every day, and attacks are gradually expanding beyond cyberspace to IT convergence services (e.g. vehicles and television) and social infrastructure (nuclear energy, power, water, etc.). Analysis of large-scale cyber incidents has revealed that most attacks are started by PCs infected with malicious code. This paper proposes a method of automatically detecting attack IPs by analyzing the characteristics of the e-mail transfer path, which cannot be manipulated by the attacker. We developed a system based on the proposed model and operated it for more than four months, detecting 1,750,000 attack IPs by analyzing 22,570,000 spam e-mails in a commercial environment. A detected attack IP can be used to remove spam e-mails by linking it with the cyber removal system, or to block spam e-mails by linking it with the RBL (Real-time Blocking List) system. In addition, the developed system is expected to play a positive role in preventing cyber attacks, as it can detect a large number of attack IPs when linked with the portal site.
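The abstract does not give the detection algorithm. The following added example (not from the paper or its authors) illustrates the general idea it relies on: only the Received hops written by the recipient's own mail servers are trusted, so the peer IP they logged cannot be forged by the sender. The host names, internal ranges and sample messages are constructed assumptions.

```python
import email
import ipaddress
import re
from collections import Counter

# Assumptions (hypothetical): hosts we operate and our internal relay ranges.
TRUSTED_MTAS = {"mx.example.net", "store.example.net"}
INTERNAL_NETS = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "127.0.0.0/8")]
# Postfix-style hop: "from <helo> (<rdns> [<peer ip>]) ... by <host>"
HOP_RE = re.compile(
    r"from\s+\S+\s+\([^\[\]]*\[([0-9A-Fa-f:.]+)\]\).*?\bby\s+([^\s;]+)", re.S)

def sending_ip(raw_message):
    """Peer IP logged by our own MTA when the mail entered our network, or None."""
    msg = email.message_from_string(raw_message)
    for hop in msg.get_all("Received", []):       # newest hop first
        m = HOP_RE.search(hop)
        if not m or m.group(2).lower() not in TRUSTED_MTAS:
            return None    # not written by us: this and older hops may be forged
        try:
            ip = ipaddress.ip_address(m.group(1))
        except ValueError:
            return None    # malformed address literal
        if not any(ip in net for net in INTERNAL_NETS):
            return str(ip)  # first external peer seen by a trusted hop
    return None

def collect(spam_messages):
    """Count sending IPs over a batch of messages already classified as spam."""
    return Counter(ip for ip in map(sending_ip, spam_messages) if ip)

# Constructed samples. The lowest Received line in SPAM_1 is sender-supplied.
SPAM_1 = """\
Received: from mail.bank.example (unknown [203.0.113.45])
\tby mx.example.net (Postfix); Fri, 29 Jun 2018 10:00:02 +0900
Received: from pc (localhost [192.0.2.99]) by mx.example.net; forged
Subject: Account notice

body
"""
SPAM_2 = """\
Received: from mx.example.net (mx.example.net [10.0.0.5])
\tby store.example.net (Postfix); Fri, 29 Jun 2018 10:05:00 +0900
Received: from host (unknown [203.0.113.45]) by mx.example.net (Postfix);
\tFri, 29 Jun 2018 10:04:59 +0900
Subject: Prize

body
"""
```

The forged hop in `SPAM_1` names the trusted MTA but is never consulted, because the walk stops at the first external peer recorded by a hop that sits above it.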


Cite this article

[IEEE Style]
T. Lee and J. Kwak, "EMICS: E-mail based Malware Infected IP Collection System," KSII Transactions on Internet and Information Systems, vol. 12, no. 6, pp. 2881-2894, 2018. DOI: 10.3837/tiis.2018.06.024.

[ACM Style]
Taejin Lee and Jin Kwak. 2018. EMICS: E-mail based Malware Infected IP Collection System. KSII Transactions on Internet and Information Systems, 12, 6, (2018), 2881-2894. DOI: 10.3837/tiis.2018.06.024.

[BibTeX Style]
@article{tiis:21798, title="EMICS: E-mail based Malware Infected IP Collection System", author="Taejin Lee and Jin Kwak", journal="KSII Transactions on Internet and Information Systems", DOI={10.3837/tiis.2018.06.024}, volume={12}, number={6}, year="2018", month={June}, pages={2881-2894}}