A huge diversity of approaches is in use to deal with network security and spam in particular. In this paper, we focus on a relatively new approach whose foundations rely on the works of A. Kolmogorov. The main idea is to give a formal meaning to “information content” and to use it to measure in some sense the deviation with regard to standard behaviour. We apply this kind of method to detect spam email, which is a well-known disease for mail client. To validate our approach, we have implemented a k-nearest neighbors algorithm which could easily become a plug-in for an open source mail client. Despite its strong theoretical basis, Kolmogorov’s works give rise to very simple practical applications, easy to implement and with surprisingly accurate results.
F. Faure, M. Lopusniac, Gilles Richard, Muhammad F