基于多因素的邮箱安全检测模型  

Multi-factor based e-mail security detection model

在线阅读下载全文

作  者:李扬[1] 方勇 黄诚 刘亮 Li Yang;Fang Yong;Huang Cheng;Liu Liang(College of Electronics and Information Engineering,Sichuan University,Sichuan Chengdu 610065;College of Cybersecurity,Sichuan University,Sichuan Chengdu 610065)

机构地区:[1]四川大学电子信息学院,四川成都610065 [2]四川大学网络空间安全学院,四川成都610065

出  处:《网络空间安全》2018年第6期59-65,共7页Cyberspace Security

摘  要:针对缺乏中国域名电子邮箱安全检测研究的问题,设计了一种基于多因素电子邮箱安全性检测模型。首先,基于数据采集和域名筛选模块提取真实有效的不同类别域名数据;其次,基于多因素漏洞检测和数据分析模块检测SPF、DMARC、STARTTLS等电子邮箱安全扩展协议的实施情况。实验获取了18140个政府机构域名和2766个教育机构域名,其中25.5%的教育机构和4.50%的政府机构域名发布了有效SPF记录;仅7个教育机构和2个政府机构域名发布了有效DMARC记录;46.8%的教育机构和10.4%的政府机构域名支持STARTTLS扩展。A multi-factor based e-mail security detection model is designed to solve the problem of lack of Chinese domain name e-mail security detection research. Firstly, the real and effective domain datasets are obtained by data acquisition and domain name filtering and extraction. Secondly, based on multi-factor vulne such rab as ility SPF detection and data analysis module to detect the implementation of SMTP security extensions DMARC, STARTTLS. The experiment obtained 18140 government domains and 2766 educational institution domains, which 25.5% educational institutions and 4.50% government domains published valid SPF records. Only 7 educational institutions and 2 government domains published valid DMARC records. In addition, 46.8% of educational institutions and 10.4% of government domains support STARTTLS extensions.

关 键 词:电子邮箱伪造 SPF协议 DMARC协议 STARTTLS协议 电子邮箱安全 

分 类 号:TP309[自动化与计算机技术—计算机系统结构]

 

参考文献:

正在载入数据...

 

二级参考文献:

正在载入数据...

 

耦合文献:

正在载入数据...

 

引证文献:

正在载入数据...

 

二级引证文献:

正在载入数据...

 

同被引文献:

正在载入数据...

 

相关期刊文献:

正在载入数据...

相关的主题
相关的作者对象
相关的机构对象