{"title":"一种利用通信数据对DKIM签名可靠性打分的欺骗电子邮件对抗方法","authors":"Kanako Konno, Kenya Dan, Naoya Kitagawa","doi":"10.1109/COMPSAC.2017.37","DOIUrl":null,"url":null,"abstract":"Recently, spoofed e-mails become sophisticated and the messages that cannot be identified by visual confirmation have been increasing. DKIM is one of the most famous methods as countermeasure of spoofed e-mail. However, since DKIM allows a signature by third party domains, a recipient server can be unable to determine whether the attached signature is the legitimate. To solve the problem, although a method using data of DKIM signature domain passed DKIM verification is proposed, this method only verifies the existence of the past deliveries, therefore it has an issue in reliability. To overcome the issue, in this paper, we propose a method to score the reliability of combinations of sender's Header-From domain and DKIM signature domain by analyzing fluctuation of the existence of e-mail delivery obtained from the past communication data. By utilizing this method, the recipients can obtain the reliability score for each message including spoofed e-mail which was uniformly verified successfully in the ordinary DKIM verification, and can utilize our mechanism to spoofed e-mails countermeasure system.","PeriodicalId":6556,"journal":{"name":"2017 IEEE 41st Annual Computer Software and Applications Conference (COMPSAC)","volume":"7 1","pages":"43-48"},"PeriodicalIF":0.0000,"publicationDate":"2017-07-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"A Spoofed E-Mail Countermeasure Method by Scoring the Reliability of DKIM Signature Using Communication Data\",\"authors\":\"Kanako Konno, Kenya Dan, Naoya Kitagawa\",\"doi\":\"10.1109/COMPSAC.2017.37\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Recently, spoofed e-mails become sophisticated and the messages that cannot be identified by visual confirmation have been increasing. DKIM is one of the most famous methods as countermeasure of spoofed e-mail. However, since DKIM allows a signature by third party domains, a recipient server can be unable to determine whether the attached signature is the legitimate. To solve the problem, although a method using data of DKIM signature domain passed DKIM verification is proposed, this method only verifies the existence of the past deliveries, therefore it has an issue in reliability. To overcome the issue, in this paper, we propose a method to score the reliability of combinations of sender's Header-From domain and DKIM signature domain by analyzing fluctuation of the existence of e-mail delivery obtained from the past communication data. By utilizing this method, the recipients can obtain the reliability score for each message including spoofed e-mail which was uniformly verified successfully in the ordinary DKIM verification, and can utilize our mechanism to spoofed e-mails countermeasure system.\",\"PeriodicalId\":6556,\"journal\":{\"name\":\"2017 IEEE 41st Annual Computer Software and Applications Conference (COMPSAC)\",\"volume\":\"7 1\",\"pages\":\"43-48\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2017-07-04\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2017 IEEE 41st Annual Computer Software and Applications Conference (COMPSAC)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/COMPSAC.2017.37\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 IEEE 41st Annual Computer Software and Applications Conference (COMPSAC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/COMPSAC.2017.37","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
A Spoofed E-Mail Countermeasure Method by Scoring the Reliability of DKIM Signature Using Communication Data
Recently, spoofed e-mails become sophisticated and the messages that cannot be identified by visual confirmation have been increasing. DKIM is one of the most famous methods as countermeasure of spoofed e-mail. However, since DKIM allows a signature by third party domains, a recipient server can be unable to determine whether the attached signature is the legitimate. To solve the problem, although a method using data of DKIM signature domain passed DKIM verification is proposed, this method only verifies the existence of the past deliveries, therefore it has an issue in reliability. To overcome the issue, in this paper, we propose a method to score the reliability of combinations of sender's Header-From domain and DKIM signature domain by analyzing fluctuation of the existence of e-mail delivery obtained from the past communication data. By utilizing this method, the recipients can obtain the reliability score for each message including spoofed e-mail which was uniformly verified successfully in the ordinary DKIM verification, and can utilize our mechanism to spoofed e-mails countermeasure system.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
