|
Massive outbreaks which distribute spam,
phishing, and email-borne viruses or worms, consist of many
millions of messages intentionally composed differently in
order to evade commonly-used filters. Nonetheless, all messages
within the same outbreak share at least one and often more
than one unique, identifiable value which can be used to distinguish
the outbreak.
Recurrent Pattern Detection (RPD) technology
detects and classifies all types of email-borne threat patterns
in real-time. RPD, extracts and then analyzes relevant message
patterns, which are used to identify massive emailborne outbreaks.
RPD classifies both distribution patterns and structure patterns
and the analysis results are stored in a vast warehouse of
classifications. In addition to identifying new threat patterns,
RPD is also used to modify or enhance classifications of already
identified message patterns.
RPD is designed to distinguish between the
distribution patterns of solicited bulk emails which represent
legitimate business correspondence, from those of unsolicited
bulk emails by applying a reverse analysis. The results of
this analysis are "bleached" message patterns belonging
to "good" messages such as popular newsletters,
mailing lists, etc.
The RPD technology is operated in a highly
scalable environment to deliver extremely high performance
rates by analyzing many millions of new patterns each day,
(24x7x365).
More information can be found in the
pdf (see right).
|
