E-mail bombs and countermeasures: cyber attacks on availability and brand integrity

Bass, T.; Freyre, A.; Gruber, Dave; Watt, G.

doi:10.1109/65.681925

Cited by 24 publications

(12 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In the researches of e-mail bombs detection, Base et al [2,3] pointed out that to capture and minimize delivery of e-mail bombs by a rules-based filter and then block bombs in routers is the right method to use. Bass et al presented an e-mail bombs filter [3] that used a mathematical process of collecting e-mail statistics on the daily volume.…”

Section: E-mail Bombsmentioning

confidence: 99%

“…For example, a "bomber" sent over 24,000 messages to a university computer in one day [5] and the other hacker sent approximately 25,000 messages to a military unit within 8 h [2]. Preventing e-mail bombs are difficult [2,3], because there are many email bomb techniques employed by hackers, such as direct email spam, indirect e-mail spam, rejected e-mail spam, chain relay e-mail spam, mailing list spam [2], chain bombs, error message bombs, covert distribution channels, exploiting mail exploders and list servers, and automated attack tools [3].…”

Section: E-mail Bombsmentioning

confidence: 99%

See 1 more Smart Citation

An intelligent method to block e-mail bombs

Chang

2007

Appl Intell

View full text Add to dashboard Cite

It is hard to block e-mail bombs because they are usually sent by normal SMTP (Simple Mail Transfer Protocol) applications with fake mail sender addresses and IP addresses. Fortunately, original network packets contain real IP address information anyway. Collecting and analyzing these packet contents can help an administrator to realize where the e-mail bombs are coming from and block them. This article presents a simple method that uses a bandwidth manager device to collect and analyze packets to get e-mail bombs information as well as to block e-mail bomb source IP addresses in routers. In practical application experiences at the computer center in a university, this method blocked e-mail bombs simply and effectively. Furthermore, a fuzzy inference system was also designed to help identify e-mail bombs. Its fuzzy membership functions could be adapted using the fuzzy neural network learning method. In brief, the proposed method affords an automatic and adaptable alarm to find e-mail bombs.

show abstract

Section: E-mail Bombsmentioning

confidence: 99%

Section: E-mail Bombsmentioning

confidence: 99%

An intelligent method to block e-mail bombs

Chang

2007

Appl Intell

View full text Add to dashboard Cite

show abstract

“…Email "bombing" indicates to very mail sending over and over by an offender to a specific user [3,4] and to overcome Email Bombing, filtering Queued Email can be utilized dependent on the developed rule sets [11].…”

Section: Email Bombingmentioning

confidence: 99%

A Survey of Email Service; Attacks, Security Methods and Protocols

Al-Mashhadi¹,

Alabiech²

2017

IJCA

View full text Add to dashboard Cite

Email security becomes a sensitive case to study in the field of information security. From the most important security issues of network is how to secure Email from the threats that can be exposed of the security of massages by attackers. In addition, what are the techniques that can be using to secure the Email? Different solutions and several standards levels have been fashioned according to the last security requirements that enhance the Email security. Some of the current enhancements concentrate on keeping the exchange of data through Email in an integral and confident way. While the others concentrate on authenticating the sender and confirm that, client will not repudiate from his message. This paper will explain Email works and discuss different threats in Email Communication and several Email security solutions. This paper introduces several models and techniques utilized to fix and enhance the safety of Email systems.

show abstract

“…Some various attacks on SMTP protocol and characteristics of spam flow [10] are as following: Buffer Overrun, Partial Message Attack, Probing Behaviors, Email Bombs, and HELO commands DoS attacks.…”

Section: Introductionmentioning

confidence: 99%

SIPS: A Stateful and Flow-Based Intrusion Prevention System for Email Applications

Cheng

Chen

Chu

et al. 2007

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. In the fast-growing internet applications, email becomes more and more important in communication. SMTP attacks and spam have become one of the most serious problems. Particularly, the SMTP attacks and spam varies on email, for example spoofing address, illegal characters, sending in bulk, too many SMTP commands and so on. A single security technique is not enough to protect the system from these attacks and spam. In this paper, we propose a SMTP Intrusion Prevention System (SIPS) which bases on the concept of Stateful Protocol Anomaly Detection and Flow-based Inspection. SIPS is implemented by a finite state machine to inspect all coming email flows. It is according to the media type of email flow and their characteristics. On the test of a real email environment, our approach can prevent attacks on SMTP attack (mail bomb) average about 95.4% and spam average about 91.1%.

show abstract

E-mail bombs and countermeasures: cyber attacks on availability and brand integrity

Cited by 24 publications

References 10 publications

An intelligent method to block e-mail bombs

An intelligent method to block e-mail bombs

A Survey of Email Service; Attacks, Security Methods and Protocols

SIPS: A Stateful and Flow-Based Intrusion Prevention System for Email Applications

Contact Info

Product

Resources

About