摘要: This paper proposes a stateless open-digest spam fingerprinting at the packet level (layer 3) based on an algorithm Nilsimsa. Spam emails show several characteristics when viewed gateway level, which are suitable for fingerprinting: (a) content invariance and (b) recipient address dispersion. In this paper, Nilsimsa is adapted to support both fast email class estimation, per-packet basis. Email packets incrementally fingerprinted basis, without need reassembly. detection status tagged last of each email. in turn allows estimation (spam detection) receiving servers more effective handling inbound outbound (relayed) emails. The work presented focuses evaluating accuracy with consideration constraints processing byte streams over network, including reordering, fragmentation, overlapped bytes, different sizes, possibilities random addition attacks. Results that proposed packet-level can detect 100% similarity threshold set between 36 59. method gives 0% false positive true negative, equals performance attained full abstraction 7). shows classifying differentiate non-spam from high confidence viable control implementation middleboxes. Copyright © 2011 John Wiley & Sons, Ltd.
sci-hub.se 参考文章(23)
Matthew M. Williamson, Dan Twining, Maher Rahmouni, Miranda J. F. Mowbray, Email prioritization: reducing delays on legitimate mail caused by junk mail usenix annual technical conference. pp. 4- 4 ,(2004)
Richard Clayton, Stopping Spam by Extrusion Detection. conference on email and anti-spam. ,(2004)
Stefano Paraboschi, Sabrina De Capitani di Vimercati, Pierangela Samarati, Ernesto Damiani, An Open Digest-based Technique for Spam Detection. iasted international conference on parallel and distributed computing and systems. pp. 559- 564 ,(2004)
Timothy N. Newsham, Thomas H. Ptacek, Insertion, Evasion, and Denial of Service: Eluding Network Intrusion Detection ,(1998)
M. A. Sirbu, Content-type header field for Internet messages RFC. ,vol. 1049, pp. 1- 8 ,(1988)
Steven T. Kirsch, Kenneth P. Kiraly, Electronic mail filtering system and methods ,(2000)
Muhammad N. Marsono, M. Watheq El-Kharashi, Fayez Gebali, Prioritized e-mail servicing to reduce non-spam delay and loss: a performance analysis International Journal of Network Management. ,vol. 18, pp. 323- 342 ,(2008) , 10.1002/NEM.664
M. E. J. Newman, Stephanie Forrest, Justin Balthrop, Email networks and the spread of computer viruses. Physical Review E. ,vol. 66, pp. 035101- ,(2002) , 10.1103/PHYSREVE.66.035101
Muhammad N. Marsono, M. Watheq El-Kharashi, Fayez Gebali, A spam rejection scheme during SMTP sessions based on layer-3 e-mail classification Journal of Network and Computer Applications. ,vol. 32, pp. 236- 257 ,(2009) , 10.1016/J.JNCA.2008.03.005
Muhammad N. Marsono, M. Watheq El-Kharashi, Fayez Gebali, Targeting spam control on middleboxes: Spam detection based on layer-3 e-mail content classification Computer Networks. ,vol. 53, pp. 835- 848 ,(2009) , 10.1016/J.COMNET.2008.11.012