Title :
A Behavior-Based Detection Approach to Mass-Mailing Host
Author :
Zhang, Jian ; Du, Zhen-Hua ; Liu, Wei
Author_Institution :
Nankai Univ., Tianjin
Abstract :
Mass-mailing threats have made a serious impact on the Internet. These junk mails consume valuable network resources and possibly are used as carriers for virus/worms, trojans, phishing and DDoS attacks. Through an analysis of a number of mass-mailing spams collected from ISPs (Internet Service Provider), this paper is focused on fundamental mailing behaviors and mail header of mass-mailing spam, it also puts forward a new approach to detecting abnormal host by mining mailing traffic data using the theory of decision trees. The approach can suppress and stop distribution of mass-mailing threats on the Internet. The experiment to apply it to mailing traffic data captured at ISPs indicates that the accuracy rate can be 99% with this approach.
Keywords :
Bayes methods; Internet; data mining; decision trees; invasive software; probability; unsolicited e-mail; Bayesian inference method; Internet Service Provider; abnormal host detection; behavior-based detection approach; decision trees; junk mails; mailing traffic data mining; mass-mailing spams; mass-mailing threats; mass-mailing worm infection probability; Computer worms; Cybernetics; Data mining; Decision trees; Educational institutions; Electronic mail; Internet; Machine learning; Postal services; Unsolicited electronic mail; Behavior-based; Decision trees; Mass-mailing threats; SMTP; Spam; Worm;
Conference_Titel :
Machine Learning and Cybernetics, 2007 International Conference on
Conference_Location :
Hong Kong
Print_ISBN :
978-1-4244-0973-0
Electronic_ISBN :
978-1-4244-0973-0
DOI :
10.1109/ICMLC.2007.4370498
