Identifying IP Blocks with Spamming Bots by Spatial Distribution
- Authors
- Yun, Sangki; Kim, Byungseung; Bahk, Saewoong; Kim, Hyogon
- Issue Date
- 8월-2010
- Publisher
- IEICE-INST ELECTRONICS INFORMATION COMMUNICATIONS ENG
- Keywords
- botnet; spamming; identification; detection; false positive
- Citation
- IEICE TRANSACTIONS ON COMMUNICATIONS, v.E93B, no.8, pp.2188 - 2190
- Indexed
- SCIE
SCOPUS
- Journal Title
- IEICE TRANSACTIONS ON COMMUNICATIONS
- Volume
- E93B
- Number
- 8
- Start Page
- 2188
- End Page
- 2190
- URI
- https://scholar.korea.ac.kr/handle/2021.sw.korea/116032
- DOI
- 10.1587/transcom.E93.B.2188
- ISSN
- 0916-8516
- Abstract
- In this letter, we develop a behavioral metric with which spamming botnets can be quickly identified with respect to their residing IP blocks. Our method aims at line-speed operation without deep inspection, so only TCP/IP header fields of the passing packets are examined. However, the proposed metric yields a high-quality receiver operating characteristics (ROC), with high detection rates and low false positive rates.
- Files in This Item
- There are no files associated with this item.
- Appears in
Collections - Graduate School > Department of Computer Science and Engineering > 1. Journal Articles
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.