Journal: Journal of Emerging Trends in Computing and Information Sciences
Electronic ISSN: 2079-8407
Publication year: 2015
Volume: 6
Issue: 1
Pages: 60-67
Publisher: ARPN Publishers
Abstract: Securing an organization is an increasingly difficult challenge. Attacks are growing in complexity, and the rise of Advanced Persistent Threats (APTs), a type of targeted attack, has made organizations more aware of their vulnerability to attack. Companies have found themselves the target of APTs. APTs persistently collect information and data on a specific target using diverse techniques, examine the vulnerabilities of the target, and then carry out hacking using the data and the results of that examination. An APT is very intelligent, as it selects a clear target and carries out specific attacks. This is unlike the traditional hacking attempts seen in previous cyber-attacks, which predominantly look to sniff for and steal credit card and other personal identity information. In this paper, we propose a tool that acts like an email gateway and monitors both inbound and outbound traffic for content, context and data integrity, for both email and web communications. Among other capabilities, the proposed tool has the following abilities: inspection of malicious web links and attachments in order to prevent initial infection; real-time threat analysis; strong outbound web detection for detecting malicious behavior; the ability to see inside encrypted traffic and attachments; and strong endpoint data loss prevention, so as to see when the most valuable data is leaving an organization. In developing the framework for the design of the proposed tool, the following approaches have been incorporated: (i) DKIM, an approach that uses a digital signature to authenticate domain names and the entire content of a message to demonstrate the sender's legitimacy; (ii) SPF, an approach that defines which machines are allowed to send mail on a network. The results of exhaustive experiments indicate that the proposed system is able to filter approximately 73% of targeted attacks.