DOI: 10.1145/2381896.2381908
research-article

Understanding the time-series behavioral characteristics of evolutionally advanced email spammers

Published: 19 October 2012

Abstract

There are many anti-spam techniques available today. However, spammers evolve their mass mailing techniques in order to circumvent these countermeasures. One example of such evolutionally advanced spammers is observed in email services offered by Japanese mobile phone service providers. Because these providers have been enforcing very strict anti-spam filters, commonly used mass mailing techniques such as spam botnets are becoming less effective, and spammers thus have to evolve their technologies. In order to understand the behaviors of such evolutionally advanced spam-sending hosts, we collected and analyzed their traffic flow data, retrieved at a backbone network in the real commercial network of one of the largest mobile phone service providers in Japan, which has over 30 million customers. In this paper, we first show that many of the existing anti-spam techniques are not effective against advanced spammers, and then reveal that such advanced spammers have distinctive time-series behavioral characteristics that have the potential to be exploited in developing new mitigation techniques and predicting their behavior in the future.


Published In

AISec '12: Proceedings of the 5th ACM workshop on Security and artificial intelligence
October 2012
116 pages
ISBN:9781450316644
DOI:10.1145/2381896

Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. clustering
  2. mobile email services
  3. spammer
  4. time-series behavior
  5. x-means algorithm

Qualifiers

  • Research-article

Conference

CCS'12
CCS'12: the ACM Conference on Computer and Communications Security
October 19, 2012
North Carolina, Raleigh, USA

Acceptance Rates

AISec '12 Paper Acceptance Rate 10 of 24 submissions, 42%;
Overall Acceptance Rate 94 of 231 submissions, 41%
