Message Analysis
Definition
Analyzing email or instant message content to detect unauthorized activity.
Synonyms: Electronic Message Analysis , and Email Or Messaging Analysis .Technique Overview
Email and messaging are frequently used to deliver malicious content to targets. These enterprise capabilities are used to deliver software exploits or social engineering tricks. If the recipient of a message trusts the sender, attackers can avoid escalating suspicion.
Emails and messages are also complex data structures. They contain files and links, and complex data encodings which vary region to region. Thus the defensive techniques used to analyze emails and messages are highly varied ranging from deep content analysis and execution to social network graph-style analytics to analyze trust or risk.
Technique Subclasses
There are 3 techniques in this category, Message Analysis.
| Name | ID | Definition | Synonyms |
|---|---|---|---|
| Message Analysis | D3-MA | Analyzing email or instant message content to detect unauthorized activity. | Electronic Message Analysis , and Email Or Messaging Analysis |
| - Sender MTA Reputation Analysis | D3-SMRA | Characterizing the reputation of mail transfer agents (MTA) to determine the security risk in emails. | |
| - Sender Reputation Analysis | D3-SRA | Ascertaining sender reputation based on information associated with a message (e.g. email/instant messaging). |