IEICE Transactions on Communications
Online ISSN : 1745-1345
Print ISSN : 0916-8516
Regular Section
Identifying IP Blocks with Spamming Bots by Spatial Distribution
Sangki YUNByungseung KIMSaewoong BAHKHyogon KIM
Author information
Keywords: botnet, spamming, identification, detection, false positive
JOURNAL RESTRICTED ACCESS

2010 Volume E93.B Issue 8 Pages 2188-2190

Details
Download PDF (144K)
Download citation RIS

(compatible with EndNote, Reference Manager, ProCite, RefWorks)

BIB TEX

(compatible with BibDesk, LaTeX)

Text
How to download citation
Contact us
Abstract

In this letter, we develop a behavioral metric with which spamming botnets can be quickly identified with respect to their residing IP blocks. Our method aims at line-speed operation without deep inspection, so only TCP/IP header fields of the passing packets are examined. However, the proposed metric yields a high-quality receiver operating characteristics (ROC), with high detection rates and low false positive rates.

Content from these authors
© 2010 The Institute of Electronics, Information and Communication Engineers
Previous article Next article
Favorites & Alerts

Recently viewed articles
Announcements from publisher
Share this page
feedback
 Top