SIPS: a stateful and flow-based intrusion prevention system for email applications

  • Authors:
  • Bo-Chao Cheng;Ming-Jen Chen;Yuan-Sun Chu;Andrew Chen;Sujadi Yap;Kuo-Pao Fan

  • Affiliations:
  • Dept. of Electronic Engineering, National Chung-Cheng University, Taiwan;Dept. of Electronic Engineering, National Chung-Cheng University, Taiwan;Dept. of Electronic Engineering, National Chung-Cheng University, Taiwan;Dept. of Electronic Engineering, National Chung-Cheng University, Taiwan;Dept. of Electronic Engineering, National Chung-Cheng University, Taiwan;Industrial Technology Research Institute of Taiwan

  • Venue:
  • NPC'07 Proceedings of the 2007 IFIP international conference on Network and parallel computing
  • Year:
  • 2007

Quantified Score

Hi-index 0.01

Abstract

With the rapid growth of internet applications, email has become more and more important in communication, and SMTP attacks and spam have become one of the most serious problems. In particular, SMTP attacks and spam take varied forms, for example spoofed addresses, illegal characters, bulk sending, too many SMTP commands and so on. A single security technique is not enough to protect a system from these attacks and spam. In this paper, we propose an SMTP Intrusion Prevention System (SIPS) which is based on the concepts of Stateful Protocol Anomaly Detection and Flow-based Inspection. SIPS is implemented as a finite state machine that inspects all incoming email flows, according to the media type of each email flow and its characteristics. In tests in a real email environment, our approach prevents on average about 95.4% of SMTP attacks (mail bombs) and about 91.1% of spam.