Clustering Malware-Generated Spam Emails With a Novel Fuzzy String Matching Algorithm

Provided by: Association for Computing Machinery
Topic: Security
Format: PDF
In this paper, a fuzzy-matching clustering algorithm is introduced to group subjects found in spam emails which are generated by malware. A modified scoring strategy is applied in dynamic programming to find subjects that are similar to each other. A recursive seed selection strategy allows the algorithm to detect similar patterns even when the spammer creates a variation of the original pattern. A sliding threshold based on string length helps to minimize false-positives. The algorithm proves to be effective in detecting and grouping spam emails using templates.

Find By Topic