Browse > Article
http://dx.doi.org/10.6109/jkiice.2008.12.10.1808

Studying on Expansion of Realtime Blocking List Conception for Spam E-mail Filtering  

Kim, Jong-Min (㈜모비젠 기술연구소)
Kim, Hion-Gun (㈜모비젠 기술연구소)
Kim, Bong-Gi (진주산업대학교 컴퓨터공학부)
Publication Information
Journal of the Korea Institute of Information and Communication Engineering / v.12, no.10, 2008 , pp. 1808-1814 More about this Journal
Abstract
In addition to RBL function, which is used to applying for spam e-mail filtering, as an effective way to deal with the recently widespread spam types, this paper proposes how to extract URL that was comprised in the original e-mail, apply it to RBL, and expand it. The BotNet, which is used to using for sending spam mails these days, has a problem that it is not able to solve with the distributed addresses of sent mails in spam e-mails. In general, as these spam e-mails are sent from the infected Zombi PC of individual user, the sent address itself is not efficient and is meaningless to use in RBL. As an effective way to filter spam e-mail sent by BotNet, this paper analyzes URLs that contained in the original spam e-mail and proposes how to effectively improve filter rate, based on the distribution data of URL site tempting users. This paper proposes the sending mechanism of spam e-mails from BotNet and the methods to realize those types of spam e-mails. In order to gather analyzable spam e-mails, this paper also carries out an experiment by configuring trap system of spam e-mail. By analyzing spam e-mails, which have been received during the certain period of experiment, this paper shows that the expanded RBL method, using URLs that contained in spam e-mails, is effective way to improve the filter distribution of spam e-mail.
Keywords
Spam; RBL(Real-Time Blocking List); Spam URL; BotNet; Trap system of spam e-mail; Zombi PC.;
Citations & Related Records
연도 인용수 순위
  • Reference
1 M.W. Wong and M. Lentczner. "Sender Policy Framework(SPF): A Convention to Describe Hosts authorized to Send SMTP Traffic," May 2004
2 The Honeypot Project and Research Alliance Know Your Enemy, Tracking Botnets. http://honeynet.org /papers/bots, March 2005
3 SURBL, http://www.surbl.org, March 2008
4 S.Webb, J.Caverlee, C.Pu, Characterizing Web Spam Using Content and HTTP Session Analysis, In Proceedings of the Fourth Conference on Email and Antispam CEAS 2007
5 Cooke E, Jahanian F, Mcpherson D, The Zombie Roundup: Understanding, Detecting, and Disrupting Botnets, Workshop on Steps to Reducing Unwanted Traffic on the Internet (SRUTI) (June 2005.)
6 Realtime URI Blacklist, http://www.uribl. com, March 2008
7 G. S. Mullane, "Spambot Beware", Website, 2003, http://www.turnstep.com/Spambot/inde- x.html