Abstract
Various approaches have been presented to solve the growing spam problem. However, most of these approaches are too inflexible to adapt dynamically to spam. This paper proposes a novel approach to countering spam, based on spam behavior recognition using a Decision Tree learned from data maintained during transfer sessions. A classification is set up according to email transfer patterns, enabling normal servers to detect malicious connections before the mail body is delivered, which saves much of the network bandwidth otherwise wasted on spam. An integrated Anti-Spam framework is built by combining the Behavior Classification with a Bayesian classification. Experiments show that the Behavior Classification has a high precision rate with an acceptable recall rate, considering its bandwidth-saving feature. The integrated filter has a higher recall rate than either of the sub-modules, and its precision rate remains quite close to that of the Bayesian Classification.
This work was supported by the National Natural Science Foundation of China under the Grant No. 60575034.
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Zhang, X., Liu, J., Zhang, Y., Wang, C. (2006). Spam Behavior Recognition Based on Session Layer Data Mining. In: Wang, L., Jiao, L., Shi, G., Li, X., Liu, J. (eds) Fuzzy Systems and Knowledge Discovery. FSKD 2006. Lecture Notes in Computer Science, vol 4223. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11881599_160
DOI: https://doi.org/10.1007/11881599_160
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-45916-3
Online ISBN: 978-3-540-45917-0
eBook Packages: Computer Science, Computer Science (R0)