Spam Behavior Recognition Based on Session Layer Data Mining

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNAI, volume 4223)

Abstract

Various approaches have been proposed to solve the growing spam problem. However, most of these approaches are too inflexible to adapt to spam dynamically. This paper proposes a novel approach to countering spam based on spam behavior recognition, using a Decision Tree learned from data maintained during transfer sessions. A classification is set up according to email transfer patterns, enabling normal servers to detect malicious connections before the mail body is delivered, which contributes much to saving the network bandwidth wasted by spam. An integrated Anti-Spam framework is built by combining the Behavior Classification with a Bayesian classification. Experiments show that the Behavior Classification has a high precision rate with an acceptable recall rate, considering its bandwidth-saving feature. The integrated filter has a higher recall rate than either of the sub-modules, and its precision rate remains quite close to that of the Bayesian Classification.

This work was supported by the National Natural Science Foundation of China under the Grant No. 60575034.

Copyright information

© 2006 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Zhang, X., Liu, J., Zhang, Y., Wang, C. (2006). Spam Behavior Recognition Based on Session Layer Data Mining. In: Wang, L., Jiao, L., Shi, G., Li, X., Liu, J. (eds) Fuzzy Systems and Knowledge Discovery. FSKD 2006. Lecture Notes in Computer Science, vol 4223. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11881599_160

  • DOI: https://doi.org/10.1007/11881599_160

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-45916-3

  • Online ISBN: 978-3-540-45917-0

  • eBook Packages: Computer Science, Computer Science (R0)
