Characterization and Analysis of Networks of SPAM Senders and Recipients

  • Thaína Amélia de Oliveira Alves PUC Minas
  • Humberto T. Marques-Neto PUC Minas

Abstract


The interaction between senders and receivers of electronic messages (emails) can be studied as a complex network of information exchange that represents the communication process between the people involved. This article characterizes the networks formed from the exchange of emails recorded in a log generated by the real spam filter of an email provider. The results show that typical complex-network metrics, such as popularity and connectivity, can be used to assist in identifying malicious users (spammers). We observed that few spammers have high popularity and high connectivity in the network. This characterizes users who can affect the performance of the electronic mail service by disseminating large quantities of unwanted messages that are likely to be processed and discarded at their destination.

Published
2011-07-19
ALVES, Thaína Amélia de Oliveira; MARQUES-NETO, Humberto T. Characterization and Analysis of Networks of SPAM Senders and Recipients. In: WORKSHOP ON PERFORMANCE OF COMPUTER AND COMMUNICATION SYSTEMS (WPERFORMANCE), 10., 2011, Natal/RN. Anais [...]. Porto Alegre: Sociedade Brasileira de Computação, 2011. p. 1939-1952. ISSN 2595-6167.