SpamBands: uma Metodologia para Identificação de Fontes de Spam Agindo de Forma Orquestrada (SpamBands: a Methodology to Identify Sources of Spam Acting in Concert)

Elverton Fazzion (edutakeo@gmail.com)1, Osvaldo Fonseca1, Pedro Henrique B. Las Casas1, Dorgival Guedes1, Wagner Meira Jr1, Cristine Hoepers2, Klaus Steding Jessen2, Marcelo H. P. Chaves2


1Universidade Federal de Minas Gerais
2Centro de Estudos para Resposta e Tratamento de Incidentes de Segurança no Brasil

This paper appears in: Revista IEEE América Latina

Publication Date: June 2016
Volume: 14,   Issue: 6 
ISSN: 1548-0992


Abstract:
In 2012, estimates indicated that 68.8% of all e-mail traffic was spam, what suggests this is still a relevant problem. Recently, some works have focused on the analysis of spam's traffic inside the network, analyzing the protocols used and the AS which originate the traffic. However, those works usually do not consider the relationships between the machines used to send spam. Such an analysis could reveal how different machines may be used by a single spammer to spread his messages, helping us to understand their behavior. To that end, this work proposes a methodology to cluster the machines used by spammers based on the concept of spam campaigns. The groups identified were characterized to identify different aspects of the spam dissemination process, which suggest different orchestration strategies being used.

Index Terms:
SpamBands, Spam traffic, Spam orchestration   


Documents that cite this document
This function is not implemented yet.


[PDF Full-Text (1094)]