Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
CEAS
2004
Springer
2004
Springer
Stopping Spam by Extrusion Detection
End users are often unaware that their systems have been compromised and are being used to send bulk unsolicited email (spam). We show how automated processing of the email logs recorded on the “smarthost” provided by an ISP for their customer’s outgoing email can be used to detect this spam. The variability and obfuscation being employed by the spammers to avoid detection at the destination creates distinctive patterns that allow legitimate email traffic to be distinguished from spam at the source. Some relatively simple heuristics result in the detection of low numbers of “false positives” despite tuning to ensure few “false negatives”. The system is deployed at a major ISP and has considerably improved the “time-to-fix” for customers who are inadvertently relaying spam and, as a bonus, has proved very effective at detecting a number of recent email virus epidemics.
Real-time Traffic| Added | 01 Jul 2010 |
| Updated | 01 Jul 2010 |
| Type | Conference |
| Year | 2004 |
| Where | CEAS |
| Authors | Richard Clayton |
Comments (0)
Researcher Info
|
