A security analysis of email communications

The objective of this report is to analyse the security and privacy risks of email communications and identify technical countermeasures capable of mitigating them effectively. In order to do so, the report analyses from a technical point of view the core set of communication protocols and standards that support email communications in order to identify and understand the existing security and privacy vulnerabilities. On the basis of this analysis, the report identifies and analyses technical countermeasures, in the form of newer standards, protocols and tools, aimed at ensuring a better protection of the security and privacy of email communications. The practical implementation of each countermeasure is evaluated in order to understand its limitations and identify potential technical and organisational constrains that could limit its effectiveness in practice. The outcome of the above mentioned analysis is a set of recommendations regarding technical and organisational measures that when combined properly have the potential of more effectively mitigating the privacy and security risks of today's email communications.JRC.G.6-Digital Citizen Securit

A New Approach to Enhance E-mail Performance through POP3 Protocol

E-mail system has become the most popular computer based method used to send and receive E-mail messages between the network clients inside or outside the local network

Collaborative intelligent email ranking system

Email has become one of the most powerful communication tools today. It is has widely proliferated in both business and personal use. It allows for fast communication between multiple parties that can be easily understood by even the most novice user, and allows for advanced transfer of data for power users. Even with that, it is one of the most abused systems on the Internet. Email systems have allowed for widespread distribution of the worst viruses on the Internet, causing billions of dollars in damage. Most of the technologies that have been deployed to prevent these types of attacks have been thwarted; A new email protocol is required to implement accreditation, authentication and reputation to overcome these issues. This new system is a combination of currently accepted systems, along with additions to make them more effective as a whole. This new system is called Collaborative Intelligent Email Ranking System (CIERS)

Harnessing Predictive Models for Assisting Network Forensic Investigations of DNS Tunnels

In recent times, DNS tunneling techniques have been used for malicious purposes, however network security mechanisms struggle to detect them. Network forensic analysis has been proven effective, but is slow and effort intensive as Network Forensics Analysis Tools struggle to deal with undocumented or new network tunneling techniques. In this paper, we present a machine learning approach, based on feature subsets of network traffic evidence, to aid forensic analysis through automating the inference of protocols carried within DNS tunneling techniques. We explore four network protocols, namely, HTTP, HTTPS, FTP, and POP3. Three features are extracted from the DNS tunneled traffic: IP packet length, DNS Query Name Entropy, and DNS Query Name Length. We benchmark the performance of four classification models, i.e., decision trees, support vector machines, k-nearest neighbours, and neural networks, on a data set of DNS tunneled traffic. Classification accuracy of 95% is achieved and the feature set reduces the original evidence data size by a factor of 74%. More importantly, our findings provide strong evidence that predictive modeling machine learning techniques can be used to identify network protocols within DNS tunneled traffic in real-time with high accuracy from a relatively small-sized feature-set, without necessarily infringing on privacy from the outset, nor having to collect complete DNS Tunneling sessions

Generic email connector for mobile devices

With today's technologies focus on mobility and portability, mobile networks suffer more and more from the increasing traffic load. This is due to the fact that millions of email servers are now prompting the network providers to notice their clients when emails are ready to be read using proprietary protocols like MS Exchange. This work improves our existing software connector model by giving the opportunity to use existing protocols such as IMAP, POP3 and so forth. Generic XML-based definition of both the client and the protocol of target system has been introduced. The implementation of a software solution has been done in order to illustrate the work follow of designing a connector based on the model