Visual analytics for intrusion detection in spam emails

Spam email attacks are increasing at an alarming rate and have become more and more cunning in nature. This has created a need for visual spam email analysis within an intrusion detection system to identify these attacks. The challenges are how to increase the accuracy of detection and how to visualise large volumes of spam email to better understand the analysis results and identify email attacks. This paper proposes a Density-Weight model intended to strengthen and extend the system's capacity for analysing network attacks in spam emails, including DDoS attacks. An interactive visual clustering method, DA-TU, is introduced to classify and display spam emails. The experimental results show that the proposed model improves the accuracy of intrusion detection and provides a better understanding of the nature of spam email attacks through the network.
