An Automated Framework for Command and Control Server Connection and Malicious Mail Detection

摘要

In recent Internet development, the amount of malware has increased significantly. There are more and more methods that hackers can use to infect personal computers to send spam mails, steal personal information, and launch Distributed Denial of Service (DDoS) attacks. This paper proposes a framework to strengthen security for users by integrating several online resources. The proposed framework can automatically prevent users from visiting malicious websites on the Internet Explorer browser. In addition, it can automatically detect the mail's source and attached files. Finally, if malware is connected to any Command and Control (C&C) servers, our framework is able to detect it by using an Application Programming Interface (API) hooking technique, and automatically kill it. By these methods, it will effectively restrain the scale of botnets and significantly reduce the risk of personal computers infection.