A behavior based algorithm to detect Spam bots

Zamil, Mohammed Fadhil; Manasrah, Ahmed M.; Amir, Omar; Ramadass, Sureswaran

doi:10.1109/cts.2010.5478477

Cited by 3 publications

(1 citation statement)

References 13 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…There are different methods used to detect spamming botnets, as presented in [4]. Most of them analyse the content of an email and then classify the messages.…”

Section: Introductionmentioning

confidence: 99%

Detection of Compromised Email Accounts Used by a Spam Botnet with Country Counting and Theoretical Geographical Travelling Speed Extracted from Metadata

Schäfer

2014

2014 IEEE International Symposium on Software Reliability Engineering Workshops

View full text Add to dashboard Cite

Seventy six percent of sent spam and phishing emails have their origins in botnets. They use compromised email accounts to send junk mail through other SMTP servers to their destinations. Commonly, research is focused on the rapid detection of compromised accounts to protect the integrity of other systems. One possible way to do this is to scan the email content or limit the amount of messages that can be sent from an IP address or an account during a specified time period. An anomaly is properly detected if the limit is reached or spam emails are identified. The objective of the presented research is to detect the anomaly with geo location and country counting without the knowledge of the email content. A second method, called Theoretical Geographical Travelling Speed, was developed to raise the detection rate without false negatives. The proposed method is seven times faster than the default rate limited to the detection of a compromised account.

show abstract

“…There are different methods used to detect spamming botnets, as presented in [4]. Most of them analyse the content of an email and then classify the messages.…”

Section: Introductionmentioning

confidence: 99%