| Along with the rapid development of computer network, E-mail system has beenwidely used, but at the same time, the emergence of spam is plagued by a lot of mailusers. This article discussed in the email directory harvest attack (DHA) caused by theuser’s legal leaked email address, the user harassed by junk mail, and it also increasedthe burden of mail server, serious consumes network resources, moreover is likely tobe the mail server of denial of service condition.Protocol vulnerabilities mainly by E-mail in this paper, introduced the concept ofE-mail directory harvest attack。Main work is as follows:(1) the analysis for the SMTP protocol security vulnerabilities caused by maildirectory harvest attack, about the detail, the principle and attack methods andintroduces the current defense method based on network traffic and based on theblacklist servers.(2)Proposed based on double threshold to lock and to determine specific corpusas a blacklist of defense strategy, mainly adopted by a simple bayesian algorithmcalculation of key combination attacker email determine joint probability formula, andUSES the IP address and mail user name as a double lock threshold.(3) of double threshold and to determine specific corpus of defense strategy forimplementation, achieve normal mail filtering and forwarding, and achieving theparsing and the mail filtering.(4) defense strategy for simulation test, the accuracy rate and recall rate as astandard of evaluation of test results, got the threshold set in the test and locking timeand comprehensiveness of corpus is the point of defence. |
PDF Full Text Request