Internet Routing Architectures, Second Edition
Internet Routing Architectures, Second Edition
Proceedings of the 4th ACM SIGCOMM conference on Internet measurement
Understanding the network-level behavior of spammers
Proceedings of the 2006 conference on Applications, technologies, architectures, and protocols for computer communications
DMTP: Controlling spam through message delivery differentiation
Computer Networks: The International Journal of Computer and Telecommunications Networking
Exploiting network structure for proactive spam mitigation
SS'07 Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium
Region-based BGP announcement filtering for improved BGP security
ASIACCS '10 Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security
A collaboration-based autonomous reputation system for email services
INFOCOM'10 Proceedings of the 29th conference on Information communications
Detecting spammers with SNARE: spatio-temporal network-level automatic reputation engine
SSYM'09 Proceedings of the 18th conference on USENIX security symposium
Secure Border Gateway Protocol (S-BGP)
IEEE Journal on Selected Areas in Communications
SpaDeS: Detecting spammers at the source network
Computer Networks: The International Journal of Computer and Telecommunications Networking
Hi-index | 0.25 |
In this paper we present a detailed study of the behavioral characteristics of spammers based on a two-month email trace collected at a large US university campus network. We analyze the behavioral characteristics of spammers that are critical to spam control, including the distributions of message senders, spam and non-spam messages by spam ratios; the statistics of spam messages from different spammers; the spam arrival patterns across the IP address space; and the active duration of spammers, among others. In addition, we also formally confirm an informal observation that spammers may hijack network prefixes in sending spam messages, by correlating the arrivals of spam messages with the BGP route updates of the corresponding networks. In this paper we present the detailed results of the measurement study; in addition, we also discuss the implications of the findings for the (content-independent) anti-spam efforts.