Look out, McAfee; the next big cybersecurity software could be coming out of Israel. A group of researchers from Ben-Gurion University has published a new method for detecting malicious emails that they say outperforms 60 top-selling anti-virus programs.
Most anti-virus engines examine specific parts of email, such as attached files, as they look for malicious code that could disrupt a user’s computer if it were executed. It’s kind of like checking someone’s carry-on for contraband. While that’s the most logical place for a border guard to look, it’s hardly the only place a smuggler might hide something. Current anti-virus software misses key areas in email that are increasingly likely to carry bad code.
“Existing email analysis solutions only analyze specific email elements using rule-based methods, and don’t analyze other important parts,” Nir Nissim, head of the David and Janet Polak Family Malware Lab at Cyber@BGU, said in a press release. For instance, the number and size of attachments is a typical giveaway of a suspicious email, as is the number of recipients, since most email attackers are seeking the largest number of potential victims. But those aren’t the only indicators.
Led by Aviad Cohen, a Ph.D. student and researcher at the BGU Malware Lab, the researchers took 33,142 emails, about one-third of which were malicious, and applied various machine-learning methodologies to find common indicators of bad email that popular virus-detecting software packages such as Kaspersky, McAfee, and BitDefender missed. They dubbed the resulting tool Email-Sec-360°.
Ben-Gurion University researchers compared their detection model to 60 industry-leading antivirus engines as well as previous research, and found their system outperformed the next best antivirus engine by 13 percent — significantly better than such products including Kaspersky, McAfee and Avast. CREDIT: Ben-Gurion U. cyber@bgu.
“The results show that malicious emails can be detected effectively when using our novel features with machine learning algorithms. Moreover, our novel features enhance the detection of malicious emails when used in conjunction with features suggested by related work,” the researchers write in their paper.
@ 2018 By National Journal Group, Inc. All rights reserved.
Distributed by Tribune Content Agency, LLC.