Preliminary Architecture and a Pilot Implementation for a Malicious Emails Detection Solution.

Cyber-attacks are one of the most common and dangerous actions that can affect the activity of a small business, when personal data or any other type of sensitive information are stolen. The aim of this paper is to present a preliminary architecture and a pilot implementation, created around a plug-in, that detects malicious emails. The main idea is to collect a series of emails with suspected malicious content, to use text mining techniques to identify the essential words in the emails, and to create classification models that the plug-in could use to detect malicious emails. The pilot implementation was tested on several emails both malicious and clean, the include plug-in being able to distinguish the emails that are a source of infection with a high degree of accuracy. The novelty of our work consists in the resulting efficient and easy to use tool, based on Machine Learning algorithms, appropriate in the environment of small enterprises.