A behavior based algorithm to detect spam bots
Date
2009-06
Authors
Zamil, Mohammed Fadhil
Publisher
Universiti Sains Malaysia
Abstract
One of the major, recent and serious problems on networks is spam. Spam
refers to the abuse of electronic messaging systems by sending unrequested bulk
messages randomly. According to previous research, botnets are the main
sources of spam. A botnet is a group of software programs called bots, which
run autonomously and automatically on several compromised computers.
Spamming illegally consumes network resources in general and mail system
resources in particular. The objective of this research is to detect
the source of spam on the network by detecting the abnormal behaviors that
reflect spamming activities. This is performed by using a suitable algorithm that
can identify the abnormal behaviors related to spam activity. The Behavioral-based
Spamming Detector (BSD) combines several behaviors of spam bots at
different stages, including the behavior of preparing spam resources, which occurs
before the spam session when the spammers search for an open relay SMTP
service to send e-mails through, and the behavior of spammers while connecting
to the mail server. The proposed research method monitors the network traffic to
detect malicious activities that are performed in groups, where each group does
the same activity. The relationship between the host behaviors that trigger
suspicion is used to find out whether there are any spam bots or botnet members on the
network. The experimental results showed that the proposed method had
a detection rate of 83.3%, with two false positive and negative cases.
Keywords
Spam