An empirical study of behavioral characteristics of spammers: Findings and implications

  • Authors:
  • Zhenhai Duan;Kartik Gopalan;Xin Yuan

  • Affiliations:
  • Department of Computer Science, Florida State University, Tallahassee, FL 32306, USA;Department of Computer Science, State University of New York at Binghamton, Binghamton, NY 13850, USA;Department of Computer Science, Florida State University, Tallahassee, FL 32306, USA

  • Venue:
  • Computer Communications
  • Year:
  • 2011

Quantified Score

Hi-index 0.25

Visualization

Abstract

In this paper we present a detailed study of the behavioral characteristics of spammers based on a two-month email trace collected at a large US university campus network. We analyze the behavioral characteristics of spammers that are critical to spam control, including the distributions of message senders, spam and non-spam messages by spam ratios; the statistics of spam messages from different spammers; the spam arrival patterns across the IP address space; and the active duration of spammers, among others. In addition, we also formally confirm an informal observation that spammers may hijack network prefixes in sending spam messages, by correlating the arrivals of spam messages with the BGP route updates of the corresponding networks. In this paper we present the detailed results of the measurement study; in addition, we also discuss the implications of the findings for the (content-independent) anti-spam efforts.