| 4/2021 - 13 |
Multi-Recipient E-mail Messages: Privacy Issues and Possible SolutionsSHEIKH, S. A.   , BANDAY, M. T. |
Extra paper information in    |
| Click to see author's profile in SCOPUS, IEEE Xplore, Web of Science |
Download PDF  (2,072 KB) | Citation | Downloads: 893 | Views: 1,764 |
Author keywords
electronic mail, information security, privacy, unified messaging, unsolicited electronic mail
References keywords
email(11), link(8), spam(6), smtp(6), mail(6), protocol(5), security(4), network(4), detection(4), approach(4)
Blue keywords are present in both the references section and the paper title.
About this article
Date of Publication: 2021-11-30
Volume 21, Issue 4, Year 2021, On page(s): 115 - 126
ISSN: 1582-7445, e-ISSN: 1844-7600
Digital Object Identifier: 10.4316/AECE.2021.04013
Web of Science Accession Number: 000725107100013
SCOPUS ID: 85122251585
Abstract
Chain and multi-recipient e-mails pose significant security and privacy threats such as phishing and the spread of Trojan horses. They also increase the chances of receiving spam e-mails. E-mails sent to multiple recipients at a time result in unwanted exposure of e-mail address to multiple recipients. The recipients of chain e-mails may include spammers or e-mail addresses of users whose e-mail account or device may have been compromised, thereby, exposing all e-mail addresses to spammers. Forwarding or sending a multi-recipient e-mail in a chain further increases the exposure of e-mail addresses to spammers. This paper discusses chain e-mails, multi-recipient e-mails and crucial security and privacy threats they pose to legitimate e-mail user. It also discusses various possible mechanisms to mitigate these threats and investigates their effectiveness. This study proposes a novel technique to counter these security risks by enhancing the default behaviour of e-mail client, SMPT server and SMTP protocol. The proposed technique has been implemented in the Java programming language which showed promising results against unnecessary exposure of multiple e-mail addresses while sending an e-mail to multiple recipients. |
| References | | | Cited By «-- Click to see who has cited this paper |
| [1] F. A. Mir, M. T. Banday, "Control of spam: A comparative approach with special reference to India," Journal of Information Technology Law, vol. 19, no. 1, pp. 22-59, 2010. [CrossRef] [Web of Science Times Cited 2] [SCOPUS Times Cited 7] [2] R. Kaur, S. Singh, H. Kumar, "Rise of spam and compromised accounts in online social networks: A state-of-the-art review of different combating approaches," Journal of Network and Computer Applications, vol. 112, pp. 53-88, 2018. [CrossRef] [Web of Science Times Cited 34] [SCOPUS Times Cited 51] [3] D. Wang, D. Irani, and C. Pu., "Study on evolution of email spam over fifteen years," 9th IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing, Austin, TX, USA, 20-23 Oct. 2013. [CrossRef] [SCOPUS Times Cited 33] [4] Y. Y. Chen, S. Yong, A. Ishak. "Email hoax detection system using levenshtein distance method," Journal of Computers, vol. 9, no. 2, pp. 441-446, 2014. [CrossRef] [Web of Science Times Cited 6] [5] E. P. Sanz, J. M. G. Hidalgo, J. C. C. Perez, "Chapter 3 email spam filtering," Advances in Computers, Elsevier, vol 74, pp. 45-114, pp. 45-114, [CrossRef] [Web of Science Times Cited 17] [SCOPUS Times Cited 32] [6] E. J. Williams, J. Hinds, A. N. Joinson, "Exploring susceptibility to phishing in the workplace," International Journal of Human-Computer Studies, vol. 120, pp. 1-13, 2018. [CrossRef] [SCOPUS Times Cited 137] [7] I. AbdulNabi, Q. Yaseen, "Spam email detection using deep learning techniques," Procedia Computer Science, vol. 184, 2021. pp. 853-858, 2021. [CrossRef] [Web of Science Times Cited 41] [SCOPUS Times Cited 92] [8] Y. Kwaka, S. Leeb, A. Damianoc, A. Vishwanathd, "Why do users not report spear phishing emails?," Telematics and Informatics, Elsevier, vol. 48, 2020. [CrossRef] [Web of Science Times Cited 26] [SCOPUS Times Cited 43] [9] B. B. Gupta, K. Yadav, I. Razzak, K. Psannis, A. Castiglione, X. Chang, "A novel approach for phishing URLs detection using lexical based machine learning in a real-time environment," Computer Communications, vol. 175, pp. 47-57, 2021. [CrossRef] [Web of Science Times Cited 61] [SCOPUS Times Cited 120] [10] P. Voigt, A. Bussche, "The EU general data protection regulation (GDPR)- A practical guide," Springer International Publishing AG, pp. 201-217, 2017. [CrossRef] [11] C. M. Ryan, M. R. Obrien, "Method and system for forcing e-mail addresses into blind carbon copy ("BCC") to enforce privacy," US Patent no. US9015252B2, 2015 [12] P. Resnick., "Internet message format," RFC 2822, 2001. [Online] Available: Temporary on-line reference link removed - see the PDF document [13] A. Barth, D. Boneh, "Correcting privacy violations in blind-carbon-copy (BCC) encrypted email," 2005. [Online] Available: Temporary on-line reference link removed - see the PDF document [14] T. Haesevoets, D. D. Cremer, J. McGuire, "How the use of Cc, Bcc, forward, and rewrite in email communication impacts team dynamics," Computers in Human Behavior, vol. 112, 2020. [CrossRef] [Web of Science Times Cited 5] [SCOPUS Times Cited 4] [15] J. Schwenk, M. Brinkmann, D. Poddebniak, J. Muller, J. Somorovsky, S. Schinzel, "Mitigation of attacks on email end-to-end encryption," Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications, CCS '20, pp. 1647-1664, 2020. [CrossRef] [Web of Science Times Cited 7] [SCOPUS Times Cited 11] [16] J. Postel, "Simple mail transfer protocol," RFC 821, 1982. [Online] Available: Temporary on-line reference link removed - see the PDF document [17] J. Klensin, "Simple mail transfer protocol," RFC 5321, 2008. [Online] Available: Temporary on-line reference link removed - see the PDF document [18] R. Siemborski, A. Melnikov, "SMTP service extension for authentication," RFC 4954, 2007. [Online] Available: Temporary on-line reference link removed - see the PDF document [19] P. Hoffman, "SMTP Service Extension for Secure SMTP over Transport Layer Security," RFC 3207, 2002. [Online] Available: Temporary on-line reference link removed - see the PDF document [20] S. Kaushik, P. Ammann, D. Wijesekera, W. Winsborough, R. Ritchey, "A policy driven approach to email services," 5th IEEE International Workshop on Policies for Distributed Systems and Networks. Yorktown Heights. NY. USA, 2004. [CrossRef] [Web of Science Times Cited 3] [SCOPUS Times Cited 7] [21] M. H. Haggag, "Enhanced delivery through a smart SMTP client," The International Journal on Intelligent Cooperative Information, vol. 4, no. 1, pp. 112-124, 2004 [22] R. Braden, "T/TCP - TCP extensions for transactions functional specification," RFC 1644, 1994. [Online] Available: Temporary on-line reference link removed - see the PDF document [23] H. A. A. Bazar, S. Ramadass, O. Abuabdalla, "A new approach to enhance e-mail performance through SMTP protocol," IJCSNS International Journal of Computer Science and Network Security, vol. 8, no. 4, pp. 299-303, 2008 [24] A. Nand, T. L. Yu, "Mail servers with embedded data compression mechanisms," IEEE Computer Society, Proceedings of the Conference on Data Compression, vol. 1, pp. 566, 1998. [CrossRef] [Web of Science Times Cited 1] [25] R. Siemborski, A. Menon-Sen, "The post office protocol (POP3)," RFC 5034, 2007,[Online] Available: Temporary on-line reference link removed - see the PDF document [26] R. Sureswaran, H. A. Bazar, O. Abouabdalla, A. M. Manasrah, H. El-Taj, "Active e-mail system SMTP protocol monitoring algorithm," 2nd IEEE International Conference on Broadband Network & Multimedia Technology, 2009. [CrossRef] [SCOPUS Times Cited 22] [27] M. Karamollahi, C. Williamson, "Characterization of IMAPS email traffic," IEEE International Symposium on Modeling, Analysis, and Simulation of Computer and Telecommunication Systems, Rennes, France, 2019. [CrossRef] [Web of Science Times Cited 2] [SCOPUS Times Cited 3] [28] R. Nayak, S. A. Jiwani, B. Rajitham, "Spam email detection using machine learning algorithm," Materials Today: Proceedings, April 2021. [CrossRef] [29] A. Bhardwaj S. Goundar, "Security challenges for cloud-based email infrastructure," Network Security, vol. 2017, no.11, pp. 8-15, 2017. [CrossRef] [SCOPUS Times Cited 7] Web of Science® Citations for all references: 205 TCR SCOPUS® Citations for all references: 569 TCR Web of Science® Average Citations per reference: 7 ACR SCOPUS® Average Citations per reference: 19 ACR TCR = Total Citations for References / ACR = Average Citations per Reference We introduced in 2010 - for the first time in scientific publishing, the term "References Weight", as a quantitative indication of the quality ... Read more Citations for references updated on 2024-11-14 19:05 in 125 seconds. Note1: Web of Science® is a registered trademark of Clarivate Analytics. Note2: SCOPUS® is a registered trademark of Elsevier B.V. Disclaimer: All queries to the respective databases were made by using the DOI record of every reference (where available). Due to technical problems beyond our control, the information is not always accurate. Please use the CrossRef link to visit the respective publisher site. |
Copyright ©2001-2024
Faculty of Electrical Engineering and Computer Science
Stefan cel Mare University of Suceava, Romania
All rights reserved: Advances in Electrical and Computer Engineering is a registered trademark of the Stefan cel Mare University of Suceava. No part of this publication may be reproduced, stored in a retrieval system, photocopied, recorded or archived, without the written permission from the Editor. When authors submit their papers for publication, they agree that the copyright for their article be transferred to the Faculty of Electrical Engineering and Computer Science, Stefan cel Mare University of Suceava, Romania, if and only if the articles are accepted for publication. The copyright covers the exclusive rights to reproduce and distribute the article, including reprints and translations.
Permission for other use: The copyright owner's consent does not extend to copying for general distribution, for promotion, for creating new works, or for resale. Specific written permission must be obtained from the Editor for such copying. Direct linking to files hosted on this website is strictly prohibited.
Disclaimer: Whilst every effort is made by the publishers and editorial board to see that no inaccurate or misleading data, opinions or statements appear in this journal, they wish to make it clear that all information and opinions formulated in the articles, as well as linguistic accuracy, are the sole responsibility of the author.
Faculty of Electrical Engineering and Computer Science
Stefan cel Mare University of Suceava, Romania
All rights reserved: Advances in Electrical and Computer Engineering is a registered trademark of the Stefan cel Mare University of Suceava. No part of this publication may be reproduced, stored in a retrieval system, photocopied, recorded or archived, without the written permission from the Editor. When authors submit their papers for publication, they agree that the copyright for their article be transferred to the Faculty of Electrical Engineering and Computer Science, Stefan cel Mare University of Suceava, Romania, if and only if the articles are accepted for publication. The copyright covers the exclusive rights to reproduce and distribute the article, including reprints and translations.
Permission for other use: The copyright owner's consent does not extend to copying for general distribution, for promotion, for creating new works, or for resale. Specific written permission must be obtained from the Editor for such copying. Direct linking to files hosted on this website is strictly prohibited.
Disclaimer: Whilst every effort is made by the publishers and editorial board to see that no inaccurate or misleading data, opinions or statements appear in this journal, they wish to make it clear that all information and opinions formulated in the articles, as well as linguistic accuracy, are the sole responsibility of the author.
