A novel approach against E-mail attacks derived from user-awareness based techniques

TL;DR

This paper proposes a user-awareness based technique for detecting email attacks like spam and phishing, aiming to improve detection accuracy and reduce server load by leveraging user intelligence and background keyword analysis.

Contribution

It introduces a novel, user-centric approach that complements existing server-side methods to effectively identify various email threats with fewer false positives.

Findings

Effective detection of spam, phishing, and scam emails.

Reduced false positives compared to server-only methods.

Lower processing load on email servers.

Abstract

A large part of modern day communications are carried out through the medium of E-mails, especially corporate communications. More and more people are using E-mail for personal uses too. Companies also send notifications to their customers in E-mail. In fact, in the Multinational business scenario E-mail is the most convenient and sought-after method of communication. Important features of E-mail such as its speed, reliability, efficient storage options and a large number of added facilities make it highly popular among people from all sectors of business and society. But being largely popular has its negative aspects too. E-mails are the preferred medium for a large number of attacks over the internet. Some of the most popular attacks over the internet include spams, and phishing mails. Both spammers and phishers utilize E-mail services quite efficiently in spite of a large number of detection and prevention techniques already in place. Very few methods are actually good in detection/prevention of spam/phishing related mails but they have higher false positives. These techniques are implemented at the server and in addition to giving higher number of false positives, they add to the processing load on the server. This paper outlines a novel approach to detect not only spam, but also scams, phishing and advertisement related mails. In this method, we overcome the limitations of server-side detection techniques by utilizing some intelligence on the part of users. Keywords parsing, token separation and knowledge bases are used in the background to detect almost all E-mail attacks. The proposed methodology, if implemented, can help protect E-mail users from almost all kinds of unwanted mails with enhanced efficiency, reduced number of false positives while not increasing the load on E-mail servers.