Targeting spam control on middleboxes: spam detection based on layer-3 e-mail content classification
This paper proposes a spam detection technique, at the packet level (layer 3), based on classification of e-mail contents. Our proposal targets spam control implementations on middleboxes. E-mails are first pre-classified (pre-detected) for spam on a per-packet basis. without the need for reassembly...
Saved in:
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Published: |
Elsevier BV
2009
|
| Subjects: | |
| Online Access: | http://eprints.utm.my/id/eprint/13128/ http://dx.doi.org/10.1016/j.comnet.2008.11.012 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Universiti Teknologi Malaysia |
| id |
my.utm.13128 |
|---|---|
| record_format |
eprints |
| spelling |
my.utm.131282017-09-14T07:15:44Z http://eprints.utm.my/id/eprint/13128/ Targeting spam control on middleboxes: spam detection based on layer-3 e-mail content classification Marsono, Muhammad N. El-Kharashi, M. Watheq Gebali, Fayez TK Electrical engineering. Electronics Nuclear engineering This paper proposes a spam detection technique, at the packet level (layer 3), based on classification of e-mail contents. Our proposal targets spam control implementations on middleboxes. E-mails are first pre-classified (pre-detected) for spam on a per-packet basis. without the need for reassembly. This, in turn, allows fast e-mail class estimation (spam detection) at receiving e-mail servers to support more effective spam handling on both inbound and outbound (relayed) e-mails. In this paper, the naive Bayes classification technique is adapted to support both pre-classification and fast e-mail class estimation, on a per-packet basis. We focus on evaluating the accuracy of spam detection at layer 3, considering the constraints on processing byte-streams over the network, including packet reordering, fragmentation, overlapped bytes, and different packet sizes. Results show that the proposed layer-3 classification technique gives less than 0.5% false positive, which approximately equals the performance attained at layer 7. This shows that classifying e-mails at the packet level could differentiate non-spam from spam with high confidence for a viable spam control implementation on middleboxes. Elsevier BV 2009-04-23 Article PeerReviewed Marsono, Muhammad N. and El-Kharashi, M. Watheq and Gebali, Fayez (2009) Targeting spam control on middleboxes: spam detection based on layer-3 e-mail content classification. Computer Networks, 53 (6). 835 -848. ISSN 1389-1286 http://dx.doi.org/10.1016/j.comnet.2008.11.012 |
| institution |
Universiti Teknologi Malaysia |
| building |
UTM Library |
| collection |
Institutional Repository |
| continent |
Asia |
| country |
Malaysia |
| content_provider |
Universiti Teknologi Malaysia |
| content_source |
UTM Institutional Repository |
| url_provider |
http://eprints.utm.my/ |
| topic |
TK Electrical engineering. Electronics Nuclear engineering |
| spellingShingle |
TK Electrical engineering. Electronics Nuclear engineering Marsono, Muhammad N. El-Kharashi, M. Watheq Gebali, Fayez Targeting spam control on middleboxes: spam detection based on layer-3 e-mail content classification |
| description |
This paper proposes a spam detection technique, at the packet level (layer 3), based on classification of e-mail contents. Our proposal targets spam control implementations on middleboxes. E-mails are first pre-classified (pre-detected) for spam on a per-packet basis. without the need for reassembly. This, in turn, allows fast e-mail class estimation (spam detection) at receiving e-mail servers to support more effective spam handling on both inbound and outbound (relayed) e-mails. In this paper, the naive Bayes classification technique is adapted to support both pre-classification and fast e-mail class estimation, on a per-packet basis. We focus on evaluating the accuracy of spam detection at layer 3, considering the constraints on processing byte-streams over the network, including packet reordering, fragmentation, overlapped bytes, and different packet sizes. Results show that the proposed layer-3 classification technique gives less than 0.5% false positive, which approximately equals the performance attained at layer 7. This shows that classifying e-mails at the packet level could differentiate non-spam from spam with high confidence for a viable spam control implementation on middleboxes. |
| format |
Article |
| author |
Marsono, Muhammad N. El-Kharashi, M. Watheq Gebali, Fayez |
| author_facet |
Marsono, Muhammad N. El-Kharashi, M. Watheq Gebali, Fayez |
| author_sort |
Marsono, Muhammad N. |
| title |
Targeting spam control on middleboxes: spam detection based on layer-3 e-mail content classification |
| title_short |
Targeting spam control on middleboxes: spam detection based on layer-3 e-mail content classification |
| title_full |
Targeting spam control on middleboxes: spam detection based on layer-3 e-mail content classification |
| title_fullStr |
Targeting spam control on middleboxes: spam detection based on layer-3 e-mail content classification |
| title_full_unstemmed |
Targeting spam control on middleboxes: spam detection based on layer-3 e-mail content classification |
| title_sort |
targeting spam control on middleboxes: spam detection based on layer-3 e-mail content classification |
| publisher |
Elsevier BV |
| publishDate |
2009 |
| url |
http://eprints.utm.my/id/eprint/13128/ http://dx.doi.org/10.1016/j.comnet.2008.11.012 |
| _version_ |
1643646124460867584 |