EEMCS

Home > Publications
Home University of Twente
Education
Research
Prospective Students
Jobs
Publications
Intranet (internal)
 
 Nederlands
 Contact
 Search
 Organisation

EEMCS EPrints Service


22957 Evaluating Third-Party Bad Neighborhood Blacklists for Spam Detection
Home Policy Brochure Browse Search User Area Contact Help

Moreira Moura, G.C. and Sperotto, A. and Sadre, R. and Pras, A. (2013) Evaluating Third-Party Bad Neighborhood Blacklists for Spam Detection. In: Proceedings of IFIP/IEEE International Symposium on Integrated Network Management 2013, 27-31 May 2013, Ghent, Belgium. pp. 252-259. IEEE Communications Society. ISBN 978-1-4673-5229-1

Full text available as:

PDF

294 Kb
Open Access



Official URL: http://ieeexplore.ieee.org/xpl/articleDetails.jsp?tp=&arnumber=6572993

Exported to Metis

Abstract

The distribution of malicious hosts over the IP address space is far from being uniform. In fact, malicious hosts tend to be concentrate in certain portions of the IP address space, forming the so-called Bad Neighborhoods. This phenomenon has been previously exploited to filter Spam by means of Bad Neighborhood blacklists. In this paper, we evaluate how much a network administrator can rely upon different Bad Neighborhood blacklists generated by third-party sources to fight Spam.

One could expect that Bad Neighborhood blacklists generated from different sources contain, to a varying degree, disjoint sets of entries. Therefore, we investigate (i) how specific a blacklist is to its source, and (ii) whether different blacklists can be interchangeably used to protect a target from Spam. We analyze five Bad Neighborhood blacklists generated from real-world measurements and study their effectiveness in protecting three production mail servers from Spam. Our findings lead to several operational considerations on how a network administrator could best benefit from Bad Neighborhood-based Spam filtering.

Item Type:Conference or Workshop Paper (Full Paper, Talk)
Research Group:EWI-DACS: Design and Analysis of Communication Systems
Research Program:CTIT-DSN: Dependable Systems and Networks
ID Code:22957
Status:Published
Deposited On:06 February 2013
Refereed:Yes
International:Yes
More Information:statisticsmetis

Export this item as:

To correct this item please ask your editor

Repository Staff Only: edit this item