Towards Proactive Spam Filtering (Extended Abstract)

Göbel, Jan; Holz, Thorsten; Trinius, Philipp

doi:10.1007/978-3-642-02918-9_3

Cited by 5 publications

(5 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…An attacker would install a tool on compromised machines that can open chosen ports, port 8975 for SOCKS, turning it into a SOCKS proxy (Kaspersky Lab, 2016a). A network of such compromised machines can be used for spam distribution (Göbel, Holz, & Trinius, 2009). In this way, spam server blacklists can be circumvented (Ianelli & Hackworth, 2007), as the IP addresses of the compromised machines most likely do not appear on blacklists yet.…”

Section: Socksmentioning

confidence: 99%

Deviating From the Cybercriminal Script: Exploring Tools of Anonymity (Mis)Used by Carders on Cryptomarkets

Hardeveld

Webber

O’Hara

2017

American Behavioral Scientist

View full text Add to dashboard Cite

This work presents an overview of some of the tools that cybercriminals employ in order to trade securely. It will look at the weaknesses of these tools and how the behaviour of cybercriminals will sometimes lead them to use tools in a non--optimal manner, creating opportunities for law enforcement to identify and apprehend them. The criminal domain this article focuses on is carding, the online trade in stolen payment card details and the consequent criminal misuse of such data. However, these findings could be applied more broadly, as many of the analysed tools are used across (cyber)criminal domains. This paper is a continuation of earlier work (van Hardeveld, Webber & O'Hara, 2016), in which a crime script analysis of 25 carding tutorials presented the tools that cybercriminals use to cash--out stolen payment card details while remaining anonymous. We use these tutorials and an analysis of the literature to identify how they can be used incorrectly and create a typology of potential behavioural and technological pitfalls in these tools. Finally, we conclude that finding pitfalls in the usage of tools by cybercriminals has the potential to increase the efficiency of disruption, interception and prevention approaches. However, in future work, interviews with law enforcement experts and convicted cybercriminals or still active users should be used to analyse the operational security of cybercriminals in more depth.

show abstract

Section: Socksmentioning

confidence: 99%

Deviating From the Cybercriminal Script: Exploring Tools of Anonymity (Mis)Used by Carders on Cryptomarkets

Hardeveld

Webber

O’Hara

2017

American Behavioral Scientist

View full text Add to dashboard Cite

show abstract

“…Jan Gobal et al [98] have introduced a proactive approach for directly and efficiently collecting spam messages after the interaction with the controllers of spam botnets. The authors have executed spambots (malicious software responsible to send Email spam) in a controlled environment and collected all the Emails sent by those bots.…”

Section: Ieee Communications Surveys and Tutorials Accepted For Publicmentioning

confidence: 99%

A Comprehensive Study of Email Spam Botnet Detection

Khan

Muhaya

et al. 2015

IEEE Commun. Surv. Tutorials

View full text Add to dashboard Cite

The problem of Email spam has grown significantly over the past few years. It is not just a nuisance for users but also it is damaging for those who fall for scams and other attacks. This is due to the complexity intensification of Email spamming techniques which are advancing from traditional spamming (direct spamming) techniques to a more scalable, elusive and indirect approach of botnets for distributing Email spam messages. In this paper we first discuss the sources and architectures used by the spamming botnets for sending massive amount of email spam. Then we present detailed chronicles of spamming botnets which systematically describes the timeline of events and notable occurrences in the advancement of these spamming botnets. This paper also aims to represent a comprehensive analysis of particular Email spamming botnet detection techniques proposed in the literature. We attempt to categorize them according to both their nature of defense and method of detection, also revealing and comparing their advantages and disadvantages extensively. We also present a qualitative analysis of these techniques. Finally we summarize the future trends and challenges in detecting email spamming botnets.

show abstract

“…If the sender's Internet Protocol address is on a blacklist, the email is classified as spam; otherwise, it is known as ham and is sent straight to the recipient. When many domains are hosted on the same IP address, domain-based blacklists are implemented [26]. Domain-based blacklists are very uncommon and are also referred to as right-hand blacklists [25].…”

Section: B the Meaning Of The Term "Spam"mentioning

confidence: 99%

Advanced Spam Filtering in Electronic Mail Using Hybrid the Mini Batch K-Means Normalized Mutual Information Feature Elimination with Elephant Herding Optimization Technique

AL-Hawamleh

2023

IJCDS

View full text Add to dashboard Cite

The danger posed by spam is quickly becoming more widespread in today's online environment. It results in a loss of money for both the companies and the users. There have been a lot of clever ideas made to filter out spam. In the first section of this study, the topic of spam is discussed, along with its features, several categories of spam, Spam strategies, various forms of spam, the drawbacks of spam, spam filtering technologies, and the effects of spam letters. When a person is enrolled with social networking sites like Twitter, Facebook, and social job networking sites, spam is more likely to have a negative impact on their online experience. There are four different sorts of spam that may be sent. Usenet spam, instant messaging spam, mobile phone spam, and email spam are the four main types. The term "USENET spam" refers to the practice in which spammers distribute advertising over a large number of newsgroups simultaneously. Spammers make use of instant messaging platforms such as AIM, Windows Live Messenger, and MySpace chat rooms to get user information and then send unwanted messages to those users. The practice of sending unsolicited text messages to those who use mobile devices is known as mobile spam. Because of spam's noisy properties and the time constraints placed on its categorization, determining the optimal spam classification algorithm has become a laborious undertaking in and of itself. The selection of features is a very important part of the classification process since using the most accurate features possible produces the highest accuracy. Optimization techniques such as modified GA, improved RBNN, s-cuckoo search, and enhanced harmony search are introduced with linear, polynomial, and quadratic kernels of SVM for spam classification. This is done in order to achieve a high level of accuracy in spam classification. The Mini batch K-Means Normalized Mutual Information Feature Extraction (KNFE) with Elephant Herding Optimization is used in the first step of the process, which is referred to as feature selection, for the purpose of selecting the pertinent features (EHO). Following the selection of features, a Radial Bias Neural Network classifier will sort the emails into those that are spam and those that are valid. When it comes to the categorization of emails, modified optimization-based feature selection produces superior outcomes than the conventional genetic algorithm. The reproduction process comes after the crossing and the mutation, which is the reason why the improvement is possible. Therefore, there is no possibility of the issue of degradation occurring since the best answer developed by the present generation will be better than those developed in the past. However, genetic algorithms employ a random method to pick parameters. Because of this, they do not perform well in situations when the population size is low, the pace of change is fast, and the fitness function must be selected with great care. It is evident from the findings that the suggested approach to spam categorizatio...

show abstract

Towards Proactive Spam Filtering (Extended Abstract)

Cited by 5 publications

References 6 publications

Deviating From the Cybercriminal Script: Exploring Tools of Anonymity (Mis)Used by Carders on Cryptomarkets

Deviating From the Cybercriminal Script: Exploring Tools of Anonymity (Mis)Used by Carders on Cryptomarkets

A Comprehensive Study of Email Spam Botnet Detection

Advanced Spam Filtering in Electronic Mail Using Hybrid the Mini Batch K-Means Normalized Mutual Information Feature Elimination with Elephant Herding Optimization Technique

Contact Info

Product

Resources

About