NSF: Network-based spam filtering based on on-line blacklisting against spamming botnets

Byungseung Kim, Hyogon Kim, Saewoong Bahk

Research output: Chapter in Book/Report/Conference proceedingConference contribution

1 Citation (Scopus)

Abstract

Although many anti-spam techniques have been developed, they have difficulty in detecting spams whose contents are altered to evade detection and in tracking spammers that are comprised of botnets. There have been a few works to resolve these limitations, but most of them are not appropriate to be deployed at a gateway for online detection. In this paper, we find network-based characteristics that spammers cannot easily distort. Based on the characteristics, we develop an algorithm applying the metrics to a large volume of traffic in real time. The scheme is efficient enough to run at the ingress point as it only needs to inspect the transport information contained in TCP/IP headers of SMTP connections.

Original languageEnglish
Title of host publicationGLOBECOM 2009 - 2009 IEEE Global Telecommunications Conference
DOIs
Publication statusPublished - 2009
Event2009 IEEE Global Telecommunications Conference, GLOBECOM 2009 - Honolulu, HI, United States
Duration: 2009 Nov 302009 Dec 4

Publication series

NameGLOBECOM - IEEE Global Telecommunications Conference

Other

Other2009 IEEE Global Telecommunications Conference, GLOBECOM 2009
CountryUnited States
CityHonolulu, HI
Period09/11/3009/12/4

ASJC Scopus subject areas

  • Electrical and Electronic Engineering

Fingerprint Dive into the research topics of 'NSF: Network-based spam filtering based on on-line blacklisting against spamming botnets'. Together they form a unique fingerprint.

Cite this