Sroufe, Paul; Phithakkitnukoon, Santi; Dantu, Ram and Cangussu, João
Email shape analysis for Spam Botnet detection.
In: IEEE Consumer Communications and Networking Conference (CCNC 2009) , 10-13 January 2009, Las Vegas, Navada, USA.
Full text available as:
Botnets have become the major sources of spamming, which generates massive unwanted traffic on networks. An effective detection mechanism can greatly mitigate the problem. In this paper, we present a novel botnet detection mechanism based on the email "shape" analysis that relies on neither content nor reputation analysis. Shape is our new way of characterizing an email by mimicking human visual inspection. A set of email shapes are derived and then used to generate a botnet signature. Our preliminary results show greater than 80% classification accuracy (without considering email content or reputation analysis). This work investigates the discriminatory power of email shape, for which we believe will be a significant complement to other existing techniques such as a network behavior analysis.
Actions (login may be required)