Popis: |
Despite the large variety and wide adoption of different techniques to detect and filter unsolicited messages (spams), the total amount of such messages over the Internet remains very large. Some reports point out that around 80% of all emails are spams. As a consequence, significant amounts of network resources are still wasted as filtering strategies are usually performed only at the email destination server. Moreover, a considerable part of these unsolicited messages is sent by users who are unaware of their spamming activity and may thus inadvertently be classified as spammers. In this case, these oblivious users act as spambots, i.e., members of a spamming botnet. This paper proposes a new method for detecting spammers at the source network, whether they are individual malicious users or oblivious members of a spamming botnet. Our method, called SpaDeS, is based on a supervised classification technique and relies only on network-level metrics, thus not requiring inspection of message content. We evaluate SpaDeS using real datasets collected from a Brazilian broadband ISP. Our results show that our method is quite effective, correctly classifying the vast majority (87%) of the spammers while misclassifying only around 2% of the legitimate users. |