Security Monitoring Technological Approach for Spear Phishing Detection

摘要

Recently, security accidents due to intelligent attacks such as (APT, Advanced Persistent Threat) attacks have been widely occurring in various industries. Spear-phishing using e-mail is mainly used because it is necessary to enter an internal system or a network in order for such a targeted APT attack to be successful. Most organizations build and operate e-mail exclusive use security systems, but since they rely on dynamic analysis of attachments or blacklist-based detection, normal link-style spear phishing attacks in various texts may be bypassed. Therefore, as we cannot say that the existing security control system based on e-mail security solution is effective, this study is going to examine the problem current e-mail security solution and present an improved proposal model based on security control.