Email shape analysis for Spam Botnet detection

Sroufe, Paul; Phithakkitnukoon, Santi; Dantu, Ram and Cangussu, João (2009). Email shape analysis for Spam Botnet detection. In: IEEE Consumer Communications and Networking Conference (CCNC 2009), 10-13 Jan 2009, Las Vegas, Navada, USA.



Botnets have become the major sources of spamming, which generates massive unwanted traffic on networks. An effective detection mechanism can greatly mitigate the problem. In this paper, we present a novel botnet detection mechanism based on the email "shape" analysis that relies on neither content nor reputation analysis. Shape is our new way of characterizing an email by mimicking human visual inspection. A set of email shapes are derived and then used to generate a botnet signature. Our preliminary results show greater than 80% classification accuracy (without considering email content or reputation analysis). This work investigates the discriminatory power of email shape, for which we believe will be a significant complement to other existing techniques such as a network behavior analysis.

Viewing alternatives


Public Attention

Altmetrics from Altmetric

Number of Citations

Citations from Dimensions

Item Actions