Title :
Traffic Shaping of Spam Botnets
Author :
Husna, H. ; Phithakkitnukoon, S. ; Dantu, R.
Author_Institution :
North Texas Univ., Denton
Abstract :
Compromised computers, known as bots, are the major source of spamming. Detecting them can help greatly improve control of unwanted traffic. In this paper, we develop a traffic control mechanism to detect and delay the traffic of suspicious senders and bots. By delaying spammer´s traffic, it has been reported that 90% of spam emails can be eliminated. In our proposed mechanism, we group spammers based on their behavior and transmission patterns. These patterns of spammers show high correlation between group members irrespective of geographic location, network ID, content, and kind of receivers. After identification of these botnet groups we applied traffic shaping techniques a pre-filtering analysis to avoid use of automated machines(bots) to spam a particular domain. Thus the source for majority of spam is blocked before reaching email servers. We also identify how randomly the botnets behave and how easy it is to capture a botnet behavior, based on Information theory. To our knowledge, there is no work reported on detecting and mitigating botnets based on their behavior and in particular transmission patterns.
Keywords :
Internet; telecommunication network management; telecommunication traffic; unsolicited e-mail; E-mail server; automated machine; compromised computer; prefiltering analysis; spam botnets; spammer traffic; spamming; suspicious senders; traffic control mechanism; traffic shaping; Communication system traffic control; Computer science; Delay; Filtering; Information theory; Postal services; Principal component analysis; Telecommunication traffic; Traffic control; Unsolicited electronic mail;
Conference_Titel :
Consumer Communications and Networking Conference, 2008. CCNC 2008. 5th IEEE
Conference_Location :
Las Vegas, NV
Print_ISBN :
978-1-4244-1456-7
Electronic_ISBN :
978-1-4244-1457-4
DOI :
10.1109/ccnc08.2007.181
