Efficient Detection of SPAM messages and SPAM zombies in the Internet using Naïve-Bayesian and Sequential Probability Ratio Test (SPRT)
DOI: https://doi.org/10.24297/ijct.v7i2.3455
Keywords: SPAM messages, DDoS Attack, false positives, false negatives, Naïve-Bayesian approach
Abstract
The Internet is a global system of interconnected computer networks that provides communication services to billions of users worldwide. Compromised machines on the Internet allow attackers to launch various security attacks such as DDoS, spamming, and identity theft. Compromised machines are one of the major security threats on the Internet. In this paper we address this issue by using the Naïve-Bayesian approach and SPRT to automatically identify compromised machines in a network. Spamming allows attackers to recruit large numbers of compromised machines to generate SPAM messages while hiding their identity; these compromised machines are commonly known as spam zombies. We used Naïve-Bayesian and manual methods to detect the SPAM messages and used the SPRT technique to identify the spam zombies from the SPAM messages. We proved that the Naïve-Bayesian approach minimizes the error rate, false positives and false negatives compared to the manual approach in the process of detecting SPAM messages. Our evaluation studies, based on a one-day email trace collected in our organization's network, show that Naïve-Bayesian and SPRT are effective and efficient systems for automatically detecting SPAM messages and compromised machines in a network.
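The SPRT step named in the abstract can be sketched as follows. This is an added example, not code from the paper: it implements Wald's standard sequential probability ratio test over per-message spam labels (assumed to come from an upstream filter such as the Naïve-Bayesian classifier). The parameter values `theta0`, `theta1`, `alpha`, `beta` and the sample trace are assumptions chosen for illustration.

```python
import math

def sprt_thresholds(alpha, beta):
    """Wald's boundaries: crossing the upper one accepts H1 (compromised),
    crossing the lower one accepts H0 (normal)."""
    return math.log((1 - beta) / alpha), math.log(beta / (1 - alpha))

def sprt_classify(observations, theta0=0.2, theta1=0.9, alpha=0.01, beta=0.01):
    """Run SPRT over one machine's outgoing messages (1 = spam, 0 = not spam).

    theta0 / theta1: assumed P(message is spam) for a normal / compromised host.
    alpha / beta: tolerated false positive / false negative rates (assumed).
    Returns (verdict, number_of_messages_examined).
    """
    upper, lower = sprt_thresholds(alpha, beta)
    step_spam = math.log(theta1 / theta0)             # evidence for H1
    step_ham = math.log((1 - theta1) / (1 - theta0))  # evidence for H0
    llr = 0.0
    for n, is_spam in enumerate(observations, start=1):
        llr += step_spam if is_spam else step_ham
        if llr >= upper:
            return "compromised", n
        if llr <= lower:
            return "normal", n
    return "undecided", len(observations)  # trace ended between the boundaries

def classify_trace(trace):
    """Apply the test independently to each sending host in a trace."""
    return {host: sprt_classify(labels) for host, labels in trace.items()}

# Constructed sample trace: documentation-range IPs, labels in arrival order.
SAMPLE_TRACE = {
    "192.0.2.10": [1, 1, 1, 1, 1, 1],  # steady spam
    "192.0.2.20": [0, 0, 0, 0],        # clean sender
    "192.0.2.30": [1, 1, 0, 1, 1, 1],  # one non-spam message delays the verdict
    "192.0.2.40": [1, 0, 1, 0],        # too little evidence either way
}

if __name__ == "__main__":
    for host, (verdict, used) in classify_trace(SAMPLE_TRACE).items():
        print(f"{host}: {verdict} after {used} message(s)")
```

The test stops as soon as either boundary is crossed, so the number of messages needed per host varies with how consistent the labels are.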