
Journal of Emerging Trends in Computing and Information Sciences

Addressing Advanced Persistent Threats using Domainkeys Identified Mail (DKIM) and Sender Policy Framework (SPF)

Authors: Yusuf Simon Enoch, Adebayo Kolawole John, Zirra B. Peter
ISSN: 2079-8407
Pages: 60-67
Volume No.: 6
Issue No.: 1
Issue Date: February 1, 2015
Publishing Date: February 1, 2015
Keywords: APTs, Attack, DKIM, Security, Phishing, SPF, Reconnaissance


Abstract

Securing an organization is an increasingly difficult challenge. Attacks are growing in complexity, and the rise of Advanced Persistent Threats (APTs), a type of targeted attack, has made organizations more aware of their vulnerability to attack. Companies have found themselves the target of APTs. APTs persistently collect information and data on a specific target using diverse techniques, examine the vulnerabilities of the target, and then carry out hacking using the data and the examination results. An APT is very intelligent, as it selects a clear target and carries out specific attacks; this is unlike the traditional hacking attempts typified by previous cyber-attacks, which predominantly look to sniff for and steal credit card and other personal identity information. In this paper, we propose a tool that acts like an email gateway and monitors both inbound and outbound traffic for content, context and data integrity, for both email and web communications. Among other capabilities, the proposed tool has the following abilities: inspection of malicious web links and attachments in order to prevent initial infection; real-time threat analysis; strong outbound web detection capabilities for detecting malicious behavior; the ability to see inside encrypted traffic and attachments; and strong endpoint data loss prevention capabilities, to be able to see when the most valuable data is leaving an organization. In developing the framework for the design of the proposed tool, the following approaches have been incorporated: (i) DKIM, an approach that uses a digital signature to authenticate domain names and the entire content of a message to demonstrate the sender's legitimacy; (ii) SPF, an approach that defines which machines are allowed to send mail on a network. The results of exhaustive experiments indicate that the proposed system is able to filter approximately 73% of targeted attacks.
Copyrights
© 2015 Journal of Computing