[Web4lib] Understanding the Network-Level Behavior of Spammers

Blake Carver lists at lisnews.com
Thu Sep 14 12:22:37 EDT 2006


Speaking of spammers, here's a good read.
http://sigcomm06.stanford.edu/discussion-beta/showpaper.php?paper_id=28
"This paper studies the network-level behavior of spammers, including: IP
address ranges that send the most spam, common spamming modes (e.g., BGP
route hijacking, bots), how persistent across time each spamming host is,
and characteristics of spamming botnets. We try to answer these questions by
analyzing a 17-month trace of over 10 million spam messages collected at an
Internet "spam sinkhole", and by correlating this data with the results of
IP-based blacklist lookups, passive TCP fingerprinting information, routing
information, and botnet "command and control" traces. We find that most spam
is being sent from a few regions of IP address space, and that spammers
appear to be using transient "bots" that send only a few pieces of email
over very short periods of time."
*Anirudh Ramachandran, Georgia Tech
Nick Feamster, Georgia Tech*

 <http://sigcomm06.stanford.edu/discussion-beta/showpaper.php?paper_id=28>
-Blake


More information about the Web4lib mailing list