论文信息 - Forensic Value of Backscatter from Email Spam

Forensic Value of Backscatter from Email Spam

Email backscatter is a side effect of email spam, viruses or worms. When a spam or malware-laden email is sent, it nearly always has a forged sender address. If this email fails to reach its recipient, e.g., because the recipientpsilas mailbox is full or the recipient has set up an out-of-the-office auto-responder, the recipientpsilas mail system may attempt to generate and send an automated message replying to the forged sender. This unsolicited message sent to the forged sender is an email backscatter. On massive email spam runs where the same address (or domain) is forged as the sender, there can be significant amounts of backscatter email to the forged address. We consider potential forensic value in the analysis of email backscatter, for example, the times when certain compromised machines were used to send spams. We present results of an analysis performed with our Backscatter Email Analysis Tool (BEAT) of a massive backscatter incident that occurred in mid April, 2008.

C.P. Fuhrman

[1] C. P. Fuhrman. Analysis of massive backscatter of email spam , 2008 .

[2] Mads Haahr,et al. A Case-Based Approach to Spam Filtering that Can Track Concept Drift , 2003 .

[3] Joon S. Park,et al. Spam Detection: Increasing Accuracy with A Hybrid Solution , 2005, Inf. Syst. Manag..

[4] Nick Feamster,et al. Can DNS-Based Blacklists Keep Up with Bots? , 2006, CEAS.

[5] Aaron Hackworth,et al. Botnets as a Vehicle for Online Crimes , 2006 .

[6] M.W. El-Kharashi,et al. Rejecting Spam during SMTP Sessions , 2007, 2007 IEEE Pacific Rim Conference on Communications, Computers and Signal Processing.

[7] Keith Moore,et al. An Extensible Message Format for Delivery Status Notifications , 1994 .

[8] Karen Heyman. New Attack Tricks Antivirus Software , 2007, Computer.

[9] Gordon V. Cormack,et al. Online supervised spam filter evaluation , 2007, TOIS.

[10] Neal Leavitt. Vendors Fight Spam's Sudden Rise , 2007, Computer.

[11] Nicolas Ianelli,et al. Botnets as a Vehicle for Online Crime , 2007 .

[12] D. H. Crocker,et al. Standard for the format of arpa intemet text messages , 1982 .