Detecting Spam Zombies by Monitoring Outgoing Messages

Duan, Zhenhai; Chen, P.; Sanchez, Fernando; Yang, Dong; Stephenson, Mark W.

doi:10.1109/infcom.2009.5062096

Cited by 21 publications

(16 citation statements)

References 7 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The work by Duan [3] clarifies another strategy called SPOT that is gotten from an effective numerical factual instrument called SPRT. It gives a viable spam zombie recognition framework by analyzing active messages from a system.…”

Section: IImentioning

confidence: 99%

A Survey on Intrusion Finding Systems

Prachi¹

2017

International Journal of Recent Advancement in Engineering &Amp; Research

View full text Add to dashboard Cite

Abstract--In rapid systems interruptions are rising step by step utilizing diverse procedures. Interruption location techniques are likewise accessible in different ways. Interruptions can be identified utilizing diagrams, utilizing programs and so on. This paper clarifies a portion of the interruption recognition techniques Keywords-Spam zombies; Intrusion detection; attack graphs; cloud computing; DDoS I. INTRODUCTION Interruptions are those exercises that damage the security arrangements of a framework and interruption discovery frameworks are utilized to distinguish those interruptions. As the systems and new advancements are developing quick new interruptions are likewise presented step by step. In this way supervision of correspondence frameworks get more entangled. Interruptions are identified utilizing alarms. Connection of cautions is by utilizing their comparable traits, earlier information and relating vulnerabilities. Vulnerabilities are shortcoming in which an assailant can abuse that shortcoming and hence cause interruptions.Bargained machines are those machines which are influenced by vulnerabilities and these are one of the key security dangers on the web. A few disseminated Denial of Service assaults have demonstrated the need of better ensuring PCs and systems associated with the web. These systems comprise of defenseless PCs and these are the purpose behind an aggressor to assault a system. Fascinating data for the aggressor in these systems cause dissent of administrations.Appropriated Denial of Services has demonstrated the need of better securing PCs and systems associated with the system. These days numerous assault devices are accessible on the planet, so any individual with no profundity information of assault can be effectively assault a PC or a system. Whatever remains of the paper is composed as takes after: Section 2 displays the related work. Segment 3 portrays a portion of the location strategies, area 4 speaks to affirmation and last segment, segment 5 speaks to the finish of this paper by investigating the clarified techniques in segment 3. II.RELATED WORKS This segment gives a portion of the papers that are alluded for location techniques.The region of identifying noxious conduct has been investigated. The work by Duan [3] clarifies another strategy called SPOT that is gotten from an effective numerical factual instrument called SPRT. It gives a viable spam zombie recognition framework by analyzing active messages from a system.BotHunter [4] and BotSniffer [5] are other two strategy for identifying botnets in a system. Botnets are malwares that are set up utilizing a charge and control through channels that they are overhauled and coordinated.Ou et al. proposed MuLVAL [6], an assault chart device, which receives a rationale programming methodology and utilizations datalog dialect to display and break down the system. Utilizing this it is conceivable to get all the multihost, multistage assault ways.

show abstract

Section: IImentioning

confidence: 99%

A Survey on Intrusion Finding Systems

Prachi¹

2017

International Journal of Recent Advancement in Engineering &Amp; Research

View full text Add to dashboard Cite

show abstract

“…SPOT system developed by Duan et al detects compromised machine by sequentially scanning outgoing messages. SPOT use sequential probability ratio test (SPRT) [4], it minimizes the expected number of observation to reach decision. SPRT is a statistical method; both the false positive and false negative probabilities can be bounded by user defined threshold.…”

Section: Related Workmentioning

confidence: 99%

Secure Intrusion Detection and Countermeasure Selection in Virtual System Using Idm

Sinju¹

2014

IJRET

View full text Add to dashboard Cite

In a virtual networked system where infrastructure is shared by more than one user security is a serious concern. Good network security protects a network in a manner that is consistent with its purpose and precautions must be taken when choosing a network provider for an organization. An attacker can enter into the system and compromise virtual machines and then exploit vulnerabilities. During the packet flow through the network experiences some delay. The existing intrusion detection processes incorrectly identify this delay as intruder's attack. This work is intended to efficiently identify the intruders in the case of congestion and find possible countermeasure using Intrusion detection manager (IDM) in virtual networked system. The Intruder Detector and Manager (IDM) algorithm detects and prevents the intruder entering into the network by maintaining tables and reconfigurable virtual network-based countermeasures in order to avoid the masquerading DDoS attacks. When this procedure is followed, IDM increases the throughput by preventing intruders and maintains the history of intruders.

show abstract

“…Accordingly, the resulting value of the statistical analysis operation is sent to the VS by the RMTA in the sender's domain. In our study, an effective spam zombie detection system named SPOT [27] is employed for the user rating. The SO that rates the mail users with the returning feedback information may resort to informing these users by blocking the hijacked or maliciously used accounts.…”

Section: Message Id Ip Address Of Authorized Last Validity Time Questmentioning

confidence: 99%

Stopping spam with sending session verification

Baran¹

2013

Turk J Elec Eng & Comp Sci

View full text Add to dashboard Cite

Spam has become one of the most significant problems for Internet communication and users today. The traditional filtering methods and signature-based spam blocking systems that have come into prominence recently fall short, as statistics demonstrate that spam further mounts up day after day. In this study, a new method is recommended to block spam mails. In this recommended method, a mail sending session is verified during mail envelope communication by adding small attachments to the simple mail transfer protocol, so spam mails can be blocked before leaving the sender domain or relay machine. Additionally, hijacked user accounts are able to be detected by statistical filtering software support, and spam mails coming from these users can be blocked and the account owners can be informed. According to the test results, 99.4% of the spam mails were able to be stopped by the proposed method, and the false positive problem was able to be solved and a significant decrease in the false negative percentages was ensured.

show abstract

Detecting Spam Zombies by Monitoring Outgoing Messages

Cited by 21 publications

References 7 publications

A Survey on Intrusion Finding Systems

A Survey on Intrusion Finding Systems

Secure Intrusion Detection and Countermeasure Selection in Virtual System Using Idm

Stopping spam with sending session verification

Contact Info

Product

Resources

About