Computing Reviews
Early detection of outgoing spammers in large-scale service provider networks
Cohen Y., Gordon D., Hendler D. DIMVA 2013 (Proceedings of the 10th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment, Berlin, Germany, Jul 18-19, 2013), 83-101, 2013. Type: Proceedings
Date Reviewed: Dec 16 2013

Cohen et al. propose a system for the early detection of outgoing spammers, or ErDOS, that uses machine learning techniques and an approach mostly based on the social interaction of email accounts, or inter-account communication patterns. They use a set of features that characterize users and their behavior, including ratios of incoming and outgoing messages, intra- and inter-service provider communications, and per-account features based on these measures.

Their model was generated using WEKA’s implementation of the rotation forest classification technique. In the experimental evaluation, the authors use different time intervals for training and evaluation, and compare the results to existing models, in terms of true positives, percentage of suspicious accounts, and the early detection measure.

The paper is well written and quite easy to read. However, I found some of the assumptions quite unsuitable and have a concern that those assumptions affected the accuracy of this model. For instance, the authors rate any account as “spammy” if it sends even a single message tagged as spam by the content-based filter. These filters are prone to errors. We have all had at least a few legitimate messages end up in the spam folder on occasion. Increasing this lower limit would probably help in this case. Another probable limitation is that messages coming from blacklisted Internet protocol (IP) addresses are filtered out before the analysis, which means a significant number of spammy accounts that might have been very useful in this analysis are left out.

Reviewer:  Lamine Aouad Review #: CR141811 (1402-0133)
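
The labeling concern raised in the review can be illustrated with a small added example, which is not code from the paper or from the reviewer. It computes simplified per-account features from a constructed mail log and shows how the set of accounts labeled "spammy" changes with the minimum number of content-filter hits. The feature definitions, the `isp.example` domain and the `min_flagged` parameter are assumptions made for illustration.

```python
from collections import defaultdict

PROVIDER = "isp.example"  # assumed domain of the service provider

# Constructed log: (sender, recipient, flagged_by_content_filter)
LOG = [
    ("alice@isp.example", "bob@isp.example", False),
    ("bob@isp.example", "alice@isp.example", False),
    ("alice@isp.example", "carol@other.example", True),  # lone filter hit
    ("bob@isp.example", "carol@other.example", False),
    ("carol@other.example", "alice@isp.example", False),
    ("bulk@isp.example", "u1@other.example", True),
    ("bulk@isp.example", "u2@other.example", True),
    ("bulk@isp.example", "u3@other.example", True),
    ("bulk@isp.example", "bob@isp.example", False),
]

def is_local(addr):
    return addr.endswith("@" + PROVIDER)

def account_features(log):
    """Per-account counts and ratios for accounts hosted by the provider."""
    stats = defaultdict(lambda: {"out": 0, "in": 0, "out_intra": 0, "flagged": 0})
    for sender, rcpt, flagged in log:
        if is_local(sender):
            s = stats[sender]
            s["out"] += 1
            s["out_intra"] += int(is_local(rcpt))
            s["flagged"] += int(flagged)
        if is_local(rcpt):
            stats[rcpt]["in"] += 1
    feats = {}
    for acct, s in stats.items():
        feats[acct] = {
            # outgoing vs. incoming volume (denominator floored at 1)
            "out_in_ratio": s["out"] / max(s["in"], 1),
            # share of outgoing mail that stays inside the provider
            "intra_fraction": s["out_intra"] / s["out"] if s["out"] else 0.0,
            "flagged": s["flagged"],
        }
    return feats

def label_spammy(feats, min_flagged=1):
    """Accounts with at least min_flagged content-filter hits."""
    return sorted(a for a, f in feats.items() if f["flagged"] >= min_flagged)

if __name__ == "__main__":
    feats = account_features(LOG)
    for k in (1, 3):
        print(k, label_spammy(feats, k))
```

With a threshold of one, the account with a single filter hit is labeled alongside the bulk sender; raising the threshold leaves only the bulk sender.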
Security and Protection (C.2.0 ... )
Abuse And Crime Involving Computers (K.4.1 ... )
Electronic Mail (H.4.3 ... )

Reproduction in whole or in part without permission is prohibited.   Copyright 1999-2024 ThinkLoud®