Botnet Judo: Fighting Spam With Itself

The authors have traditionally viewed spam from the receiver's point of view: mail servers assaulted by a barrage of spam from which they must pick out a handful of legitimate messages. In this paper they describe a system for better filtering spam by exploiting the vantage point of the spammer. By instantiating and monitoring botnet hosts in a controlled environment, they are able to monitor new spam as it is created, and consequently infer the underlying template used to generate polymorphic e-mail messages. They demonstrate this approach on mail traces from a range of modern botnets and show that they can automatically filter such spam precisely and with virtually no false positives.

Provided by: University of California, San Diego Topic: Security Date Added: Jan 2010 Format: PDF

Download Now

Find By Topic