A New Approach for Detecting SMTPFA Based on Entropy Measurement

  • Hsing-Chung Chen
  • Jai-Zong Sun
  • Shian-Shyong Tseng
  • Chien-Erh Weng
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7513)


In this paper, we propose a new approach of detecting a kind of Simple Mail Transfer Protocol Flooding Attack (SMTPFA for short) based on entropy measurement. We will calculate the entropy values from the received packets flow. Further checking its entropy value compared with the values of abnormal entropy, we then use it to detect this server whether is suffered some attacks from hacker. The scheme can easily detect SMTPFA, and monitor the real-time status of SMTP server.


SMTP Entropy Attack detecting SMTP flooding attack 


  1. 1.
    O’Donnell, A.J.: The Evolutionary Microcosm of Stock Spam. IEEE Security & Privacy, 70–75 (2007)Google Scholar
  2. 2.
    Bass, T., Watt, G.: A simple framework for filtering queued SMTP e-mail. In: MILCOM 1997 Proceedings, vol. 3, pp. 1140–1144 (1997)Google Scholar
  3. 3.
    Shannon, C.E.: A mathematical theory of communication. Bell System Technical Journal 27, 379–423, 623–656 (1948)Google Scholar
  4. 4.
  5. 5.
    Postel, J.B.: A Simple Mail Transfer Protocol. RFC821 (1982)Google Scholar
  6. 6.
    Klensin, J.: Simple Mail Transport Protocol. RFC2821 (2001)Google Scholar
  7. 7.
    Myers, J., Rose, M.: Post Office Protocol - Version 3. RFC 1939 (1996)Google Scholar
  8. 8.
    Moore, K.: Simple Mail Transfer Protocol (SMTP) Service Extension for Delivery Status Notifications (DSNs). RFC 3461 (2003)Google Scholar
  9. 9.
    Russell, S., Norvig, P.: Artificial Intelligence - A Modern Approach 3/E (2011)Google Scholar
  10. 10.
    Bass, T., Freyre, A., Gruber, D., Watt, G.: E-Mail Bombs and Countermeasure: Cyber Attack on Availability and Brand Integrity. IEEE Network 12(2), 10–17 (1998)CrossRefGoogle Scholar
  11. 11.
    Weaver, W., Shannon, C.E.: The Mathematical Theory of Communication (1949); republished in paperback (1963)Google Scholar
  12. 12.
    Wang, X., Chellappan, S., Boyer, P., Xuan, D.: On the effectiveness of secure overlay forwarding systems under intelligent distributed DoS attacks. IEEE Transactions on Parallel and Distributed Systems, 619–632 (2006)Google Scholar

Copyright information

© IFIP International Federation for Information Processing 2012

Authors and Affiliations

  • Hsing-Chung Chen
    • 1
  • Jai-Zong Sun
    • 2
  • Shian-Shyong Tseng
    • 1
  • Chien-Erh Weng
    • 3
  1. 1.Department of Computer Science and Information EngineeringAsia UniversityTaiwan
  2. 2.Institute of Computer Science and Information EngineeringAsia UniversityTaiwan
  3. 3.Department of Electronic Communication EngineeringNational Kaohsiung Marine UniversityKaohsiungTaiwan

Personalised recommendations