A behavior based algorithm to detect spam bots

Date
2009-06
Authors
Zamil, Mohammed Fadhil
Publisher
Universiti Sains Malaysia
Abstract
Spam is one of the major and most serious recent problems on networks. Spam refers to the abuse of electronic messaging systems by sending unrequested bulk messages randomly. According to previous research, botnets are the main sources of spam. A botnet is a group of software programs called bots, which run autonomously and automatically on several compromised computers. Spamming causes illegal consumption of network resources in general and of the mail system in particular. The objective of this research is to detect the source of spam on the network by detecting the abnormal behaviors that reflect spamming activities. This is done with a suitable algorithm that can identify the abnormal behaviors related to spam activity. The Behavioral-based Spamming Detector (BSD) combines several behaviors of spam bots at different stages, including the preparation of spam resources, which takes place before the spam session when spammers search for an open relay SMTP service to send e-mails through, and the behavior of spammers while connecting to the mail server. The proposed method monitors network traffic to detect malicious activities that are performed in groups, where each group carries out the same activity. The relationship between the host behaviors that trigger suspicion is used to determine whether there are any spam bots or botnet members on the network. Experimental results showed that the proposed method had a detection rate of 83.3% with two false positive and negative cases.
Keywords
Spam