Neighborhoods or Condominiums: An Analysis of the Origin of Spam Based on the Organization of Autonomous Systems

Despite the continuous efforts to mitigate spam, the volume of messages is huge and identifying spammers is still a challenge. Spam traffic analysis has been performed to determine the behavior of spammers, who are employing techniques more and more sophisticated to disseminate messages. This work analyzes the sources of spam towards understanding to what extent they explain the traffic. Our results show that, beyond a similar behavior among machines from the same autonomous system (AS), it is possible to separate them according to their sending characteristics. Further, the results also show that we may apply the concept of Internet BadNeighborhoods to ASes, once the machines from a given AS behave similarly.

[1]  N. Vijaykumar,et al.  Using Low-Interaction Honeypots to Study the Abuse of Open Proxies to Send Spam , 2007 .

[2]  Michalis Faloutsos,et al.  Spamming Botnets : Are we losing the war ? , 2009 .

[3]  Stephanie Forrest,et al.  Email networks and the spread of computer viruses. , 2002, Physical review. E, Statistical, nonlinear, and soft matter physics.

[4]  Virgílio A. F. Almeida,et al.  Comparative Graph Theoretical Characterization of Networks of Spam , 2005, CEAS.

[5]  Zhuoqing Morley Mao,et al.  Peeking into Spammer Behavior from a Unique Vantage Point , 2008, LEET.

[6]  Janice C. Sipior,et al.  Should spam be on the menu? , 2004, CACM.

[7]  Hilarie Orman,et al.  The Compleat Story of Phish , 2013, IEEE Internet Computing.

[8]  M. H. P. Chaves,et al.  Exploring the Spam Arms Race to Characterize Spam Evolution , 2010 .

[10]  Aiko Pras,et al.  Filtering spam from bad neighborhoods , 2010, Int. J. Netw. Manag..

[11]  Aiko Pras,et al.  Internet Bad Neighborhoods: The spam case , 2011, 2011 7th International Conference on Network and Service Management.