Authors: Yinglian Xie, Fang Yu, Kannan Achan
DOI:
Keywords: Similarity (network science), Property (programming), Email spam, Identification (information), Set (abstract data type), Host (network), Cluster analysis, Computer science, Computer security, Botnet, Data mining
Abstract: Identification and prevention of email spam that originates from botnets may be performed by finding similarity in their host property behavior patterns using a set labeled data. Clustering models properties pertaining to previously identified appropriately tagged botnet hosts learned. Given data, each examined individually clustering model learned reflect upon selected properties. Once has been for every botnet, used look fit into profile. Such traffic can either discarded or subsequent analysis also profile preventing them launching other attacks. In addition, individual further clustered form superclusters, which help understand detect future