loading
Papers Papers/2022 Papers Papers/2022

Research.Publish.Connect.

Paper

Paper Unlock

Authors: Lukáš Zobal 1 ; Dušan Kolář 2 and Jakub Křoustek 3

Affiliations: 1 Faculty of Information Technology, Brno University of Technology, Božetěchova 1/2, 612 00 Brno, Czech Republic ; 2 Faculty of Information Technology, IT4Innovations Centre of Excellence, Brno University of Technology, Božetěchova 1/2, 612 00 Brno, Czech Republic ; 3 Avast Software s.r.o., Pikrtova 1737/1A, 140 00 Prague, Czech Republic

Keyword(s): Spam, Honeypot, SMTP, E-mail, Malware, Cyber Threat Intelligence.

Abstract: Today, spam is a major attack vector hackers use to cause harm. Let it be through phishing or direct malicious attachments, e-mail can be used to steal credentials, distribute malware, or cause other illegal activities. Even nowadays, most users are unaware of such danger, and it is the responsibility of the cybersecurity community to protect them. To do that, we need tools to gain proper threat intelligence in the e-mail cyber landscape. In this work, we show how an e-mail honeypot requiring authentication can be used to monitor current e-mail threats. We study how such honeypot performs in place of an open relay server. The results show this kind of solution provides a powerful tool to collect fresh malicious samples spreading in the wild. We present a framework we built around this solution and show how its users are automatically notified about unknown threats. Further, we perform analysis of the data collected and present a view on the threats spreading in the recent months as c aptured by this authentication-requiring e-mail honeypot. (More)

CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 216.73.216.141

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Zobal, L., Kolář, D. and Křoustek, J. (2020). Exploring Current E-mail Cyber Threats using Authenticated SMTP Honeypot. In Proceedings of the 17th International Joint Conference on e-Business and Telecommunications - SECRYPT; ISBN 978-989-758-446-6; ISSN 2184-7711, SciTePress, pages 253-262. DOI: 10.5220/0009591002530262

@conference{secrypt20,
author={Lukáš Zobal and Dušan Kolá\v{r} and Jakub K\v{r}oustek},
title={Exploring Current E-mail Cyber Threats using Authenticated SMTP Honeypot},
booktitle={Proceedings of the 17th International Joint Conference on e-Business and Telecommunications - SECRYPT},
year={2020},
pages={253-262},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0009591002530262},
isbn={978-989-758-446-6},
issn={2184-7711},
}

TY - CONF

JO - Proceedings of the 17th International Joint Conference on e-Business and Telecommunications - SECRYPT
TI - Exploring Current E-mail Cyber Threats using Authenticated SMTP Honeypot
SN - 978-989-758-446-6
IS - 2184-7711
AU - Zobal, L.
AU - Kolář, D.
AU - Křoustek, J.
PY - 2020
SP - 253
EP - 262
DO - 10.5220/0009591002530262
PB - SciTePress