TRAP@NCI

Intrusion Detection System for Malicious Email: Technical Report

Kelly, Stephen (2017) Intrusion Detection System for Malicious Email: Technical Report. Undergraduate thesis, Dublin, National College of Ireland.

[img]
Preview
PDF (Bachelor of Science)
Download (1MB) | Preview

Abstract

Nowadays, users all around the world use email as their fundamental method to share information over the web. The network providers allow all types of email for the purpose of communication. During this transfer of information some malicious emails are received which can cause problems either at the server side or at the client side. In this project, we propose an intrusion detection system designed to detect these malicious emails.

In recent times, some of the most dangerous security threats against private user data at home and in the workplace is phishing. Phishing has become an extremely common form of cyber attack. It consists of defrauding people by luring them to fake websites where users unknowingly provide personal details such as login information and credit card details. These fraudsters appear as a trusted third party, like a well-known bank. The most common methods of phishing are done by email. Once these details are acquired they can be used in the practice of identity theft or credit card fraud. In the past, efforts have been made to stop these attacks by identifying phishing sites using plug-ins, but these efforts have been made in vain by emerging blocking techniques, which render them useless. There is an abundance of these types of attacks, so much so, that the everyday user will be in danger whether they know it or not. In this project we propose an Intrusion Detection System for identifying these types of malicious emails and root them to their source to evaluate. This will be made possible by using a data capture facility that will categorize a number of incoming emails as potentially malicious actions and an evaluation system that will send crawlers to websites related to these detected emails to determine their true intentions. By detecting malicious emails in incoming traffic, this filters a user’s inbox and removes the requirement of a user being trained in the practice of secure web browsing. As most users are not trained in this manner, this system will prove quite useful. The Intrusion Detection System (IDS) will detect malicious emails and ensure that all of the incoming emails/data is not harmful. When a malicious email is detected, the next step is to send crawlers to these phishing websites that are linked in these emails and also the website that it is trying to impersonate. An algorithm then strips both sites down and compares them using a scoring system for the difference between the two – ultimately deciding whether or not it is a phishing website. This Intrusion Detection System will be implemented into a photo sharing web application with email functionality.

Item Type: Thesis (Undergraduate)
Subjects: Q Science > QA Mathematics > Electronic computers. Computer science
T Technology > T Technology (General) > Information Technology > Electronic computers. Computer science

Q Science > QA Mathematics > Computer software
T Technology > T Technology (General) > Information Technology > Computer software
Divisions: School of Computing > Bachelor of Science (Honours) in Computing
Depositing User: CAOIMHE NI MHAICIN
Date Deposited: 02 Nov 2017 15:45
Last Modified: 02 Nov 2017 15:45
URI: http://trap.ncirl.ie/id/eprint/2734

Actions (login required)

View Item View Item