Spam Trapping System: Novel security framework to fight against spam botnets

Author

Derhab, Abdelouahid ; Bouras, Abdelaziz ; Bin Muhaya, Fahad ; Khan, Muhammad Khurram ; Yang Xiang

Author_Institution

Center of Excellence in Inf. Assurance (CoEIA), King Saud Univ., Riyadh, Saudi Arabia

fYear

2014

fDate

4-7 May 2014

Firstpage

467

Lastpage

471

Abstract

In this paper, we inspire from two analogies: the warfare kill zone and the airport check-in system, to tackle the issue of spam botnet detection. We add a new line of defense to the defense-in-depth model called the third line. This line is represented by a security framework, named the Spam Trapping System (STS) and adopts the prevent-then-detect approach to fight against spam botnets. The framework exploits the application sandboxing principle to prevent the spam from going out of the host and detect the corresponding malware bot. We show that the proposed framework can ensure better security against malware bots. In addition, an analytical study demonstrates that the framework offers optimal performance in terms of detection time and computational cost in comparison to intrusion detection systems based on static and dynamic analysis.

Keywords

invasive software; program diagnostics; unsolicited e-mail; STS; airport check-in system; computational cost; defense-in-depth model; dynamic analysis; intrusion detection system; malware bot; prevent-then-detect approach; sandboxing principle; security framework; spam botnet detection; spam botnets; spam trapping system; static an analysis; warfare kill zone; Airports; Charge carrier processes; Cryptography; Malware; Unsolicited electronic mail;

fLanguage

English

Publisher

ieee

Conference_Titel

Telecommunications (ICT), 2014 21st International Conference on

Conference_Location

Lisbon

Print_ISBN

978-1-4799-5139-0

Type

conf

DOI

10.1109/ICT.2014.6845160

Filename

6845160