Bro: a system for detecting network intruders in real-time
Computer Networks: The International Journal of Computer and Telecommunications Networking
DNS performance and the effectiveness of caching
IEEE/ACM Transactions on Networking (TON)
Catching spam before it arrives: domain specific dynamic blacklists
ACSW Frontiers '06 Proceedings of the 2006 Australasian workshops on Grid computing and e-research - Volume 54
Understanding the network-level behavior of spammers
Proceedings of the 2006 conference on Applications, technologies, architectures, and protocols for computer communications
binpac: a yacc for writing application protocol parsers
Proceedings of the 6th ACM SIGCOMM conference on Internet measurement
An effective defense against email spam laundering
Proceedings of the 13th ACM conference on Computer and communications security
Workload models of spam and legitimate e-mails
Performance Evaluation
Revealing botnet membership using DNSBL counter-intelligence
SRUTI'06 Proceedings of the 2nd conference on Steps to Reducing Unwanted Traffic on the Internet - Volume 2
Trinitya: distributed defense against transient spam-bots
Proceedings of the twenty-sixth annual ACM symposium on Principles of distributed computing
Proceedings of the ninth international conference on Electronic commerce
Proceedings of the 2007 conference on Applications, technologies, architectures, and protocols for computer communications
Using uncleanliness to predict future botnet addresses
Proceedings of the 7th ACM SIGCOMM conference on Internet measurement
A distributed content independent method for spam detection
HotBots'07 Proceedings of the first conference on First Workshop on Hot Topics in Understanding Botnets
Exploiting network structure for proactive spam mitigation
SS'07 Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium
A pull-based e-mail architecture
Proceedings of the 2008 ACM symposium on Applied computing
Mining spam email to identify common origins for forensic application
Proceedings of the 2008 ACM symposium on Applied computing
Collaborative spam filtering with heterogeneous agents
Expert Systems with Applications: An International Journal
Thwarting E-mail Spam Laundering
ACM Transactions on Information and System Security (TISSEC)
Incorporating accountability into internet email
Proceedings of the 2009 ACM symposium on Applied Computing
Dynamics of Online Scam Hosting Infrastructure
PAM '09 Proceedings of the 10th International Conference on Passive and Active Network Measurement
Towards Proactive Spam Filtering (Extended Abstract)
DIMVA '09 Proceedings of the 6th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment
A survey of learning-based techniques of email spam filtering
Artificial Intelligence Review
A simple yet effective spam blocking method
Proceedings of the 2nd international conference on Security of information and networks
Botnet: classification, attacks, detection, tracing, and preventive measures
ICICIC '09 Proceedings of the 2009 Fourth International Conference on Innovative Computing, Information and Control
NSF: network-based spam filtering based on on-line blacklisting against spamming botnets
GLOBECOM'09 Proceedings of the 28th IEEE conference on Global telecommunications
On the effectiveness of IP reputation for spam filtering
COMSNETS'10 Proceedings of the 2nd international conference on COMmunication systems and NETworks
On the potential of proactive domain blacklisting
LEET'10 Proceedings of the 3rd USENIX conference on Large-scale exploits and emergent threats: botnets, spyware, worms, and more
Detection of spam hosts and spam bots using network flow traffic modeling
LEET'10 Proceedings of the 3rd USENIX conference on Large-scale exploits and emergent threats: botnets, spyware, worms, and more
StrobeLight: lightweight availability mapping and anomaly detection
USENIX'09 Proceedings of the 2009 conference on USENIX Annual technical conference
Using GMDH-based networks for improved spam detection and email feature analysis
Applied Soft Computing
Filtering spam from bad neighborhoods
International Journal of Network Management
Spam mitigation using spatio-temporal reputations from blacklist history
Proceedings of the 26th Annual Computer Security Applications Conference
Towards the effective temporal association mining of spam blacklists
Proceedings of the 8th Annual Collaboration, Electronic messaging, Anti-Abuse and Spam Conference
Enhanced Topic-based Vector Space Model for semantics-aware spam filtering
Expert Systems with Applications: An International Journal
Measurement and evaluation of a real world deployment of a challenge-response spam filter
Proceedings of the 2011 ACM SIGCOMM conference on Internet measurement conference
A survey of emerging approaches to spam filtering
ACM Computing Surveys (CSUR)
Multilateral decisions for collaborative defense against unsolicited bulk e-mail
iTrust'06 Proceedings of the 4th international conference on Trust Management
Word sense disambiguation for spam filtering
Electronic Commerce Research and Applications
Populated IP addresses: classification and applications
Proceedings of the 2012 ACM conference on Computer and communications security
Crime scene investigation: SMS spam data analysis
Proceedings of the 2012 ACM conference on Internet measurement conference
Characterization of blacklists and tainted network traffic
PAM'13 Proceedings of the 14th international conference on Passive and Active Measurement
An empirical reexamination of global DNS behavior
Proceedings of the ACM SIGCOMM 2013 conference on SIGCOMM
Reversing the effects of tokenisation attacks against content-based spam filters
International Journal of Security and Networks
SEC'13 Proceedings of the 22nd USENIX conference on Security
Journal of Network and Computer Applications
Hi-index | 0.00 |
This paper presents quantitative data about SMTP traffic to MIT's Computer Science and Artificial Intelligence Laboratory (CSAIL) based on packet traces taken in December 2000 and February 2004. These traces show that the volume of email has increased by 866% between 2000 and 2004. Local mail hosts utilizing black lists generated over 470,000 DNS lookups, which accounts for 14% of all DNS lookups that were observed on the border gateway of CSAIL on a given day in 2004. In comparison, DNS black list lookups accounted for merely 0.4% of lookups in December 2000. The distribution of the number of connections per remote spam source is Zipf-like in 2004, but not so in 2000. This suggests that black lists may be ineffective at fully stemming the tide of spam. We examined seven popular black lists and found that 80% of spam sources we identified are listed in some DNS black list. Some DNS black lists appear to be well-correlated with others, which should be considered when estimating the likelihood that a host is a spam source.