{"title":"Restoration and audit of Internet e-mail based on TCP stream reassembling","authors":"W. Zhimin, J. Xiaolin","doi":"10.1109/ICCT.2003.1209100","DOIUrl":null,"url":null,"abstract":"With the ceaseless development of Internet/intranet application, Internet e-mail has become one of the most important ways for people and enterprises to communicate with each other. However, in enterprises, a great deal of sensitive data, such as product reports, statistic data, may be divulged through the mail system by the provocateur. So, checking the outgoing e-mail is an effective means to protect sensitive data in the enterprises. As a network application service, the e-mail is based on simple mail transfer protocol (SMTP). According to some defects exists in mail checking system nowadays, the technology of TCP stream reassembling is proposed to restore the whole e-mail text and attachment in this paper, and audit the completed e-mail file using MIME standard and improved pattern match algorithm. Finally, the framework of implementation is illustrated using Win Pcap library.","PeriodicalId":237858,"journal":{"name":"International Conference on Communication Technology Proceedings, 2003. ICCT 2003.","volume":"39 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2003-04-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"9","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Conference on Communication Technology Proceedings, 2003. ICCT 2003.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICCT.2003.1209100","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 9
Abstract
With the ceaseless development of Internet/intranet application, Internet e-mail has become one of the most important ways for people and enterprises to communicate with each other. However, in enterprises, a great deal of sensitive data, such as product reports, statistic data, may be divulged through the mail system by the provocateur. So, checking the outgoing e-mail is an effective means to protect sensitive data in the enterprises. As a network application service, the e-mail is based on simple mail transfer protocol (SMTP). According to some defects exists in mail checking system nowadays, the technology of TCP stream reassembling is proposed to restore the whole e-mail text and attachment in this paper, and audit the completed e-mail file using MIME standard and improved pattern match algorithm. Finally, the framework of implementation is illustrated using Win Pcap library.
随着Internet/intranet应用的不断发展,Internet电子邮件已成为人们与企业之间最重要的沟通方式之一。然而,在企业中,大量的敏感数据,如产品报告、统计数据等,可能会被不法分子通过邮件系统泄露出去。因此,检查外发邮件是保护企业敏感数据的有效手段。电子邮件作为一种网络应用服务,基于简单邮件传输协议SMTP (simple mail transfer protocol)。针对目前邮件检测系统存在的一些缺陷,本文提出了利用TCP流重组技术恢复邮件全文和附件,并采用MIME标准和改进的模式匹配算法对完整的邮件文件进行审计。最后,利用winpcap库对实现框架进行了说明。
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
