Illegal outgoing mailbox identification system, method, device and storage medium

An identification method and identification system technology, applied in the field of data mining, can solve problems such as increasing investigation time, reducing investigation accuracy, internal data leakage, etc., and achieve the effect of shortening investigation time and improving investigation accuracy

Active Publication Date: 2019-01-04
SF TECH
View PDF5 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0002] It is common for enterprises to have internal data leakage incidents caused by outgoing emails; when investigating leakage incidents, the mailboxes of external legal senders such as customer mailboxes and supplier mailboxes will be confused The focus of the investigation, increasing the length of the investigation and reducing the accuracy of the investigation; currently there is no perfect private mailbox identification technology

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Illegal outgoing mailbox identification system, method, device and storage medium
  • Illegal outgoing mailbox identification system, method, device and storage medium
  • Illegal outgoing mailbox identification system, method, device and storage medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0044] This embodiment provides a method for identifying an illegal outgoing mailbox, including the following steps:

[0045] S1, input the first feature information extracted according to at least one item of historical mail data between the internal mailbox and the outgoing mailbox, the post information of the corresponding user of the internal mailbox, and the attribute label information of the outgoing mailbox into the preset time period. The initial outgoing mailbox identification model is trained to obtain an outgoing mailbox identification model;

[0046] S2, extracting the second feature information according to at least one item of the mail data to be tested between the internal mailbox and the outgoing mailbox to be identified during the preset period, the position information of the user corresponding to the internal mailbox, and the attribute label information of the outgoing mailbox to be identified, The second feature information is input into the outgoing mailbo...

Embodiment 2

[0095] The same features of this embodiment and the first embodiment will not be repeated, and the different features of this embodiment and the first embodiment are:

[0096] This embodiment provides a method for identifying an illegal outgoing mailbox, including the following steps:

[0097] S1, input the first feature information extracted according to the historical mail data between the internal mailbox and the outgoing mailbox in a preset period and the attribute label information of the outgoing mailbox into a preset initial outgoing mailbox identification model to train an outgoing mailbox identification model ;

[0098] S2. Extract the second characteristic information according to the mail data to be tested between the internal mailbox and the outgoing mailbox to be identified during the preset period, and the attribute label information of the outgoing mailbox to be identified, and input the second characteristic information to the outgoing mailbox The identificati...

Embodiment 3

[0144] The same features of this embodiment and the first embodiment will not be repeated, and the different features of this embodiment and the first embodiment are:

[0145] In the specific steps of the identification method of this embodiment,

[0146] 2. According to the training data constructed by the features, establish a classifier for training and prediction.

[0147] (1) Case 1: If the positive and negative samples are unbalanced, and the legal outgoing mailboxes (customer mailboxes, supplier mailboxes, etc.) / private mailboxes are known to be greater than or equal to 0.7, the single-class (for example, oneclass svm) learning method is used to learn The logic of legal outgoing mailboxes (customer mailboxes, supplier mailboxes, etc.);

[0148] (2) Case 2: If the positive and negative samples are relatively balanced, and the legal outgoing mailboxes (customer mailboxes, supplier mailboxes, etc.) / private mailboxes are known to be less than 0.7, the classification model ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to an identification system, a method, a device and a storage medium of an illegally outgoing mailbox. According to at least one of the mail data to be tested between the internal mailbox and the outgoing mailbox to be identify in the preset period, the position information of the user corresponding to the internal mailbox, attribute tag information of the outgoing mailbox tobe identified, second characteristic information is extracted, and the second characteristic information is input to the outgoing mailbox identification model to generate an identification result ofwhether the outgoing mailbox to be identified is legal or not. As the illegal outbound mailbox is identified by the method to effectively identify and supervise the illegal outgoing e-mail such as outgoing e-mails to private e-mail boxes of employees of enterprises, when investigating the data leakage event, the method of the invention can distinguish the mailboxes of the customers' mailboxes, thesuppliers' mailboxes and other external legal sending objects, and only the mailboxes which are not legally outsourced are pertinently investigated, the investigation emphasis is not confused, the investigation time is greatly shortened, and the investigation precision is improved.

Description

technical field [0001] The invention relates to the field of data mining, in particular to a system, method, device and storage medium for identifying illegal outgoing mailboxes. Background technique [0002] Enterprises commonly have internal data leakage incidents caused by outgoing emails; when investigating leakage incidents, the mailboxes of legitimate external recipients such as customer mailboxes and supplier mailboxes will confuse the focus of the investigation, increase the length of the investigation, and reduce the accuracy of the investigation; there is no perfect solution yet. private mailbox identification technology. SUMMARY OF THE INVENTION [0003] In order to solve the above technical problems, the purpose of the present invention is to provide a method, system and device for detecting abnormal user behavior. [0004] According to one aspect of the present invention, a method for identifying an illegal outgoing mailbox is provided, comprising the followi...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F17/27G06F16/35G06Q10/10
CPCG06Q10/107G06F40/258G06F40/20
Inventor 马敏黄丽诗胡泽柱
Owner SF TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap