Analysis of corporate network traffic using SMTP protocol to detect malicious traffic

Abstract

Turaev S.E., Zakoldaev D.A.

Article received: 16.02.2025

This article presents an analysis of corporate network traffic over the SMTP protocol to identify malicious traffic. The relevance of the study is driven by the increasing number of email-based attacks, such as the distribution of viruses, spam, and phishing messages. The objective of the work is to develop an algorithm for detecting malicious traffic that combines traditional analysis methods with modern machine learning approaches. The article describes the research stages: data collection, preprocessing, model training, algorithm testing, and effectiveness analysis. The data used were collected with the Wireshark tool and include SMTP logs, message headers, and attachments. The experimental results demonstrated high accuracy in detecting malicious traffic, confirming the potential of the proposed approach.

Keywords: SMTP, malicious traffic, network traffic analysis, email, machine learning, Wireshark, spam, phishing, classification algorithms