中大機構典藏-NCU Institutional Repository-提供博碩士論文、考古題、期刊論文、研究計畫等下載:Item 987654321/86571
English  |  正體中文  |  简体中文  |  全文筆數/總筆數 : 80990/80990 (100%)
造訪人次 : 41687128      線上人數 : 1662
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
搜尋範圍 查詢小技巧:
  • 您可在西文檢索詞彙前後加上"雙引號",以獲取較精準的檢索結果
  • 若欲以作者姓名搜尋,建議至進階搜尋限定作者欄位,可獲得較完整資料
  • 進階搜尋


    請使用永久網址來引用或連結此文件: http://ir.lib.ncu.edu.tw/handle/987654321/86571


    題名: BEClookup:基於可疑網域分析之商務電子郵件詐騙偵測系統;BEClookup:A business email?compromise detection system based on suspicious domain analysis
    作者: 李烜旭;Lee, Hsuan-Hsu
    貢獻者: 資訊管理學系在職專班
    關鍵詞: 商務電子郵件詐騙;中間人攻擊;網域名稱;電子郵件日誌分析;ELK Stack;Business Email Compromise;Man-in-the-middle attack;Domain Name;Email log analysis;ELK Stack
    日期: 2021-07-27
    上傳時間: 2021-12-07 12:58:59 (UTC+8)
    出版者: 國立中央大學
    摘要: 現今企業之間使用電子郵件進行商業交易資訊的溝通,卻成為網路犯罪份子詐騙公司財務的方法之一。商務電子郵件詐騙(Business Email Compromise, BEC)就是駭客申請了極為相似的郵件網域名稱,利用不意察覺的特性進行中間人攻擊,然後發出電子郵件要求變更帳戶並進行匯款,成為企業財務損失的詐騙手法。為降低BEC詐騙的風險,本研究針對特定高風險財務會計人員的電子郵件日誌,使用ELK Stack(Elasticsearch, Logstashand, Kibana)處理後,比對郵件信任的網域列表,並設計以網域註冊時間與郵件主旨等為過濾條件,來偵測是否為可疑網域的BEC郵件。我們已完成系統雛型BEClookup並以某公司2020年1~12月的郵件日誌為測試,該公司約有3600個郵件帳號,接收4,078,525封外部郵件,檢測出3封假冒郵件網域要進行詐騙的商務電子郵件,其中有一封郵件偽造匯款帳戶預詐騙金額為127,217USD美金。;Corporations exchange commercial information via emails for convenience. However, it is also a channel of cybercriminals. Business Email Compromise (BEC) means hackers apply for a similar email domain name of a corporation and take the advantage of a similar domain name is hard to the identification. Then perform a man-in-the-middle attack to send a request email to change remittance, which becomes a fraud method. In order to mitigate the risk of Business Email Compromise, this study used ELK Stack(Elasticsearch, Logstash and Kibana)to process the email logs, we focus on high-risk financial accountants and use email subjects, registration time of domain name as comparison conditions to detect suspicious domain names in the papers. We have completed the prototype of the system called BEClookup and have made a trial run on one corporation from January to December 2020. There are around 3,600 email accounts and 4,078,525 external emails in the corporation during the period. We detected 3 BEC emails by this methodology. One of the emails fraudulent amounts is up to USD 127,217. The result indicates that this research can help corporations avoid financial loss.
    顯示於類別:[資訊管理學系碩士在職專班 ] 博碩士論文

    文件中的檔案:

    檔案 描述 大小格式瀏覽次數
    index.html0KbHTML103檢視/開啟


    在NCUIR中所有的資料項目都受到原著作權保護.

    社群 sharing

    ::: Copyright National Central University. | 國立中央大學圖書館版權所有 | 收藏本站 | 設為首頁 | 最佳瀏覽畫面: 1024*768 | 建站日期:8-24-2009 :::
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - 隱私權政策聲明