{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,8,2]],"date-time":"2025-08-02T17:53:31Z","timestamp":1754157211533,"version":"3.41.2"},"reference-count":29,"publisher":"Emerald","issue":"7","license":[{"start":{"date-parts":[[2004,9,1]],"date-time":"2004-09-01T00:00:00Z","timestamp":1093996800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.emerald.com\/insight\/site-policies"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2004,9,1]]},"abstract":"New malicious e\u2010mails are created at the rate of thousands a year and pose a serious security threat. Especially, new, unseen Internet worms and virus often are arriving as e\u2010mail attachments. In this paper, Bayesian probabilistic network is examined to detect new malicious e\u2010mail viruses through anomaly detection. Experimental results show a better malicious e\u2010mail detection using Bayesian probabilistic networks. Managerial implications on how companies can protect their e\u2010mails and develop their own e\u2010mail security plan are addressed as well.<\/jats:p>","DOI":"10.1108\/02635570410550278","type":"journal-article","created":{"date-parts":[[2004,9,29]],"date-time":"2004-09-29T15:20:53Z","timestamp":1096471253000},"page":"613-623","source":"Crossref","is-referenced-by-count":27,"title":["Internet security: malicious e\u2010mails detection and protection"],"prefix":"10.1108","volume":"104","author":[{"given":"Shih","family":"Dong\u2010Her","sequence":"first","affiliation":[]},{"given":"Chiang","family":"Hsiu\u2010Sen","sequence":"additional","affiliation":[]},{"given":"Chan","family":"Chun\u2010Yuan","sequence":"additional","affiliation":[]},{"given":"Binshan","family":"Lin","sequence":"additional","affiliation":[]}],"member":"140","reference":[{"key":"key2022021019450963200_b1","unstructured":"Arnold, W. and Tesauro, G. (2000), \u201cAutomatically generated Win32 heuristic virus detection\u201d, Proceedings of the 2000 International Virus Bulletin Conference,."},{"key":"key2022021019450963200_b2","doi-asserted-by":"crossref","unstructured":"Biermann, E., Cloete, E. and Venter, L.M. (2001), \u201cA comparison of intrusion detection systems\u201d, Computers & Security, Vol. 20 No. 8, pp. 676\u201083.","DOI":"10.1016\/S0167-4048(01)00806-9"},{"key":"key2022021019450963200_b3","doi-asserted-by":"crossref","unstructured":"Bishop, M. and Cheung, S. (1997), \u201cThe threat from the net\u201d, IEEE Spectrum, Vol. 38 No. 8, pp. 56\u201063.","DOI":"10.1109\/6.609475"},{"key":"key2022021019450963200_b4","doi-asserted-by":"crossref","unstructured":"Cannon, A.R. and Woszczynski, A.B. (2002), \u201cCrises and revolutions in information technology: lessons learned from Y2K\u201d, Industrial Management & Data Systems, Vol. 102 No. 6, pp. 318\u201024.","DOI":"10.1108\/02635570210432019"},{"key":"key2022021019450963200_b5","doi-asserted-by":"crossref","unstructured":"Chou, D.C., Yen, D.C., Lin, B. and Cheng, P.H\u2010L. (1999), \u201cCyberspace security management\u201d, Industrial Management & Data Systems, Vol. 99 No. 8, pp. 353\u201061.","DOI":"10.1108\/02635579910301793"},{"key":"key2022021019450963200_b6","doi-asserted-by":"crossref","unstructured":"Coulthard, A. and Vuori, T.A. (2002), \u201cComputer viruses: a quantitative analysis\u201d, Logistics Information Management, Vol. 15 Nos 5\/6, pp. 400\u20109.","DOI":"10.1108\/09576050210447091"},{"key":"key2022021019450963200_b7","doi-asserted-by":"crossref","unstructured":"Forrest, S., Hofmeyr, S.A. and Somayaji, A. (1997), \u201cComputer immunology\u201d, Communications of the ACM, Vol. 40 No. 10, pp. 88\u201096.","DOI":"10.1145\/262793.262811"},{"key":"key2022021019450963200_b8","doi-asserted-by":"crossref","unstructured":"Garber, L. (1999), \u201cMelissa virus creates a new type of threat\u201d, Computer, Vol. 32 No. 6, pp. 16\u201019.","DOI":"10.1109\/MC.1999.769438"},{"key":"key2022021019450963200_b9","unstructured":"Han, J. and Kamber, M. (2001), Data Mining Concepts and Techniques, Morgan Kaufmann, Los Altos, CA, pp. 284\u20107."},{"key":"key2022021019450963200_b10","doi-asserted-by":"crossref","unstructured":"Hubbard, J.C. and Forcht, K.A. (1998), \u201cComputer viruses: how companies can protect their systems\u201d, Industrial Management and Data Systems, Vol. 98 No. 1, pp. 12\u201016.","DOI":"10.1108\/02635579810199708"},{"key":"key2022021019450963200_b11","doi-asserted-by":"crossref","unstructured":"Hunt, T.V.R. (2002), \u201cIntrusion detection techniques and approaches\u201d, Computer Communications, Vol. 25 No. 15, pp. 1356\u201065.","DOI":"10.1016\/S0140-3664(02)00037-3"},{"key":"key2022021019450963200_b12","doi-asserted-by":"crossref","unstructured":"Ilgun, K., Kemmerer, A.A. and Porras, P.A. (1995), \u201cState transition analysis: a rule\u2010based intrusion detection system\u201d, IEEE Transactions on Software Engineering, Vol. 21 No. 3, pp. 181\u201099.","DOI":"10.1109\/32.372146"},{"key":"key2022021019450963200_b13","doi-asserted-by":"crossref","unstructured":"Lee, J.S., Hsiang, J. and Tsang, P.H. (1997), \u201cA generic virus detection agent on the Internet\u201d, System Sciences, Proceedings of the Thirtieth Hawaii International Conference, Vol. 4, pp. 210\u20109.","DOI":"10.1109\/HICSS.1997.663390"},{"key":"key2022021019450963200_b14","unstructured":"Lee, W., Stolfo, S. and Mok, K. (1999), \u201cA data mining framework for building intrusion detection models\u201d, paper presented at the IEEE Symposium on Security and Privacy, pp. 120\u201032."},{"key":"key2022021019450963200_b15","doi-asserted-by":"crossref","unstructured":"Luke, J. and Harris, C.J. (1999), \u201cThe application of CMAC based intelligent agents in the detection of previously unseen computer viruses\u201d, Proceedings 1999 International Conference on Information Intelligence and Systems, pp. 662\u20106.","DOI":"10.1109\/ICIIS.1999.810362"},{"key":"key2022021019450963200_b16","doi-asserted-by":"crossref","unstructured":"McGraw, G. and Morrisett, G. (2000), \u201cAttacking malicious code: report to the infosec research council\u201d, IEEE Software, Vol. 17 No. 5, pp. 33\u201041.","DOI":"10.1109\/52.877857"},{"key":"key2022021019450963200_b17","unstructured":"Mendenhall, W. and Beaver, R. (1994), Introduction to Probability and Statistics, Duxbury Press, North Scituate, MA."},{"key":"key2022021019450963200_b18","doi-asserted-by":"crossref","unstructured":"Mills, A. (1995), \u201cInadequate security encourages the thief\u201d, Industrial Management & Data Systems, Vol. 95 No. 2, pp. 3\u20105.","DOI":"10.1108\/02635579510082494"},{"key":"key2022021019450963200_b19","doi-asserted-by":"crossref","unstructured":"Okamoto, T. and Ishida, Y. (2002), \u201cAn analysis of a model of computer viruses spreading via electronic mail\u201d, Systems and Computers in Japan, Vol. 33 No. 14, pp. 81\u201090.","DOI":"10.1002\/scj.1178"},{"key":"key2022021019450963200_b20","unstructured":"Puttini, R., Marrakchi, Z. and Me, L. (2002), \u201cBayesian classification model for real\u2010time intrusion detection\u201d, paper presented at the 22nd International Workshop on Bayesian Inference and Maximum Entropy Methods in Science and Engineering (MAXENT'2002)."},{"key":"key2022021019450963200_b21","doi-asserted-by":"crossref","unstructured":"Salisbury, W.D., Pearson, R.A., Pearson, A.W. and Miller, D.W. (2001), \u201cPerceived security and World Wide Web purchase intention\u201d, Industrial Management & Data Systems, Vol. 101 No. 4, pp. 165\u201077.","DOI":"10.1108\/02635570110390071"},{"key":"key2022021019450963200_b22","unstructured":"Schultz, M.G., Eskin, E., Hershkop, S. and Stolfo, S.J. (2002), \u201cMET: an experimental system for malicious e\u2010mail tracking\u201d, Proceedings of the 2002 New Security Paradigms Workshop (NSPW\u20102002), Virginia Beach, pp. 1\u201012."},{"key":"key2022021019450963200_b23","unstructured":"Sebyala, A.A., Olukemi, T. and Sacks, L. (2002), \u201cActive platform security through intrusion detection using naive Bayesian network for anomaly detection\u201d, London Communications Symposium."},{"key":"key2022021019450963200_b24","unstructured":"Spafford, E.H. (1988), \u201cThe Internet worm program: an analysis\u201d, Tech. Report CSD\u2010TR\u2010823, Department of Computer Science, Purdue University."},{"key":"key2022021019450963200_b25","unstructured":"Symantec (1997), \u201cUnderstanding heuristics: symantec's bloodhound technology\u201d, Symantec White Paper Series, Vol. XXXIV."},{"key":"key2022021019450963200_b26","doi-asserted-by":"crossref","unstructured":"Tesauro, G., Kephart, J.O. and Sorkin, G.B. (1996), \u201cNeural networks for computer virus recognition\u201d, IEEE Expert, Vol. 11 No. 4, pp. 5\u20106.","DOI":"10.1109\/64.511768"},{"key":"key2022021019450963200_b27","unstructured":"White, S.R., Swimmer, M., Pring, E.J., Arnold, W.C., Chess, D.M. and Morar, J.F. (1999), \u201cAnatomy of a commercial\u2010grade immune system\u201d, IBM Research White Paper, available at: www.av.ibm.com\/ScientificPapers\/White\/Anatomy\/anatomy.html."},{"key":"key2022021019450963200_b28","unstructured":"Ye, N., Xu, M. and Emran, S.M. (2000), \u201cProbabilistic networks with undirected links for anomaly detection\u201d, Proc. of the 2000 IEEE, Workshop on Information Assurance and Security, NY, pp. 175\u20109."},{"key":"key2022021019450963200_b29","doi-asserted-by":"crossref","unstructured":"Zenkin, D. (2001), \u201cFighting against the invisible enemy\u201d, Computers & Security, Vol. 20 No. 1, pp. 316\u201021.","DOI":"10.1016\/S0167-4048(01)00407-2"}],"container-title":["Industrial Management & Data Systems"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/www.emeraldinsight.com\/doi\/full-xml\/10.1108\/02635570410550278","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/www.emerald.com\/insight\/content\/doi\/10.1108\/02635570410550278\/full\/xml","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/www.emerald.com\/insight\/content\/doi\/10.1108\/02635570410550278\/full\/html","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,7,24]],"date-time":"2025-07-24T23:37:25Z","timestamp":1753400245000},"score":1,"resource":{"primary":{"URL":"http:\/\/www.emerald.com\/imds\/article\/104\/7\/613-623\/179798"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2004,9,1]]},"references-count":29,"journal-issue":{"issue":"7","published-print":{"date-parts":[[2004,9,1]]}},"alternative-id":["10.1108\/02635570410550278"],"URL":"https:\/\/doi.org\/10.1108\/02635570410550278","relation":{},"ISSN":["0263-5577"],"issn-type":[{"type":"print","value":"0263-5577"}],"subject":[],"published":{"date-parts":[[2004,9,1]]}}}