SpamBands: uma Metodologia para Identificação de Fontes de Spam Agindo de Forma Orquestrada
(SpamBands: a Methodology to Identify Sources of Spam Acting in Concert)
Elverton Fazzion (email@example.com)1, Osvaldo Fonseca1, Pedro Henrique B. Las Casas1, Dorgival Guedes1, Wagner Meira Jr1, Cristine Hoepers2, Klaus Steding Jessen2, Marcelo H. P. Chaves2
1Universidade Federal de Minas Gerais2Centro de Estudos para Resposta e Tratamento de Incidentes de Segurança no Brasil
This paper appears in: Revista IEEE América Latina
Publication Date: June 2016
Volume: 14, Issue: 6
In 2012, estimates indicated that 68.8% of all e-mail traffic was spam, what suggests this is still a relevant problem. Recently, some works have focused on the analysis of spam's traffic inside the network, analyzing the protocols used and the AS which originate the traffic. However, those works usually do not consider the relationships between the machines used to send spam. Such an analysis could reveal how different machines may be used by a single spammer to spread his messages, helping us to understand their behavior. To that end, this work proposes a methodology to cluster the machines used by spammers based on the concept of spam campaigns. The groups identified were characterized to identify different aspects of the spam dissemination process, which suggest different orchestration strategies being used.
SpamBands, Spam traffic, Spam orchestration
Documents that cite this
This function is not implemented yet.
[PDF Full-Text (1094)]