Spam mitigation using spatio-temporal reputations from blacklist history

Proceedings - Annual Computer Security Applications Conference, ACSAC

Volumn , Issue , 2010, Pages 161-170

  West, Andrew G ^a   Aviv, Adam J ^a   Chang, Jian ^a   Lee, Insup ^a  

^a UNIVERSITY OF PENNSYLVANIA   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

CONTENT BASED FILTERING; FILTERING TOOLS; HISTORICAL INFORMATION; PERFORMANCE; REPUTATION MODELING; SPAM CLASSIFICATION; SPAM FILTERING; SPAMMERS; SPATIAL REASONING; SPATIO-TEMPORAL;

ELECTRONIC MAIL;

EID: 78751503389     PISSN: 10639527     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1920261.1920287     Document Type: Conference Paper

References (31)

1. Apache SpamAssassin. http://spamassassin.apache.org/.
2. CAIDA. http://www.caida.org/.
3. DNSBL.info: Blacklists. http://www.dnsbl.info/dnsbl-list.php.
4. Internet Assigned Numbers Authority. http://www.iana.org/.
5. MessageLabs Intelligence. http://www.messagelabs.com/.
6. Proofpoint, Inc. http://www.proofpoint.com/.
7. Spamhaus Project. http://www.spamhaus.org/.
8. Univ. of Oregon Route Views. http://www.routeviews.org/.
9. M. Blaze, S. Kannan, A. D. Keromytis, I. Lee, W. Lee, O. Sokolsky, and J. M. Smith. Dynamic trust management. IEEE Computer (Special Issue on Trust Mangement), 2009.
10. J. Douceur. The Sybil attack. In 1st IPTPS, March 2002.
11. S. Hao, N. A. Syed, N. Feamster, A. G. Gray, and S. Krasser. Detecting spammers with SNARE: Spatio-temporal network-level automated reputation engine. In USENIX Security Sym., 2009.
12. IronPort Systems Inc. Reputation-basedmail flow control. White Paper, 2002. (SenderBase).
13. T. Joachims. Advances in Kernel Methods - Support Vector Learning, chapter Making Large-scale SVM Learning Practical, pages 169-184. MIT Press, Cambridge, MA, 1999.
14. A. Jøsang, R. Hayward, and S. Pope. Trust network analysis with subjective logic. In Proceedings of the 29th Australasian Computer Science Conference, 2006.
15. J. Jung and E. Sit. An empirical study of spam traffic and the use of DNS black lists. In Proc. of the 4th ACM SIGCOMM Conference on Internet Measurement, pages 370-375, 2004.
16. S. D. Kamvar, M. T. Schlosser, and H. Garcia-molina. The Eigen-Trust algorithm for reputation management in P2P networks. In Proc. of the Twelfth WWW Conference, May 2003.
17. B. Krebs. Host of Internet spam groups is cut off. http://www. washingtonpost.com/wp-dyn/content/article/2008/11/12/AR2008111200658.html, November 2008. (McColo).
18. B. Krebs. FTC sues, shuts down N. Calif. web hosting firm. http://voices.washingtonpost.com/securityfix/2009/06/ftc-sues-shuts-down-n- calif-we.html, June 2009. (3FN).
19. Z. Qian, Z. Mao, Y. Xie, and F. Yu. On network-level clusters for spam detection. In Proceedings of the 17th Annual Network and Distributed System Security Symposium (NDSS), 2010.
20. A. Ramachandran, D. Dagon, and N. Feamster. Can DNSBLs keep up with bots? In Proc. of the 3rd CEAS, 2006.
21. A. Ramachandran and N. Feamster. Understanding the network-level behavior of spammers. In Proc. of SIGCOMM 2006, 2006.
22. A. Ramachandran, N. Feamster, and D. Dagon. Revealing botnet membership using DNSBL counter-intelligence. In USENIX: Steps to Reducing Unwanted Traffic on the Internet, 2006.
23. A. Ramachandran, N. Feamster, and S. Vempala. Filtering spam with behavioral blacklisting. In Proc. of Computer and Communications Security (CCS '07), pages 342-351, 2007.
24. M. Sahami, S. Dumais, D. Heckerman, and E.Horvitz. A Bayesian approach to filtering junk e-mail. In AAAI-98 Workshop on Learning for Text Categorization, 1998.
25. S. Sinha, M. Bailey, and F. Jahanian. Improving spam blacklisting through dynamic thresholding and speculative aggregation. In Proceedings of the 17th NDSS, 2010.
26. Symantec Corportation. IP reputation investigation. http://ipremoval.sms. symantec.com/.
27. S. Venkataraman, A. Blum, D. Song, S. Sen, and O. Spatscheck. Tracking dynamic sources of malicious activity at internet scale. In Neural Information Processing Systems '09, 2009.
28. S. Venkataraman, S. Sen, O. Spatscheck, P. Haffner, and D. Song. Exploiting network structure for proactive spam mitigation. In 16th USENIX Security Symposium, pages 149-166, 2007.
29. A. G. West, A. J. Aviv, J. Chang, V. S. Prabhu, M. Blaze, S. Kannan, I. Lee, J. M. Smith, and O. Sokolsky. QuanTM: A quantitative trust management system. In EUROSEC 2009, pages 28-35, March 2009.
30. A. G. West, S. Kannan, and I. Lee. Detecting Wikipedia vandalism via spatio-temporal analysis of revision metadata. In EUROSEC '10, pages 22-28, Paris, France, 2010.
31. Y. Xie, F. Yu, K. Achan, E. Gillum, M. Goldszmidt, and T.Wobber. How dynamic are IP addresses? In SIGCOMM '07, 2007.