Detecting Compromised Email Accounts from the Perspective of Graph Topology

Proceedings of the 11th International Conference on Future Internet Technologies Pub Date : 2016-06-15 DOI:10.1145/2935663.2935672

Xuan Hu, Banghuai Li, Yang Zhang, Changling Zhou, Hao Ma

{"title":"Detecting Compromised Email Accounts from the Perspective of Graph Topology","authors":"Xuan Hu, Banghuai Li, Yang Zhang, Changling Zhou, Hao Ma","doi":"10.1145/2935663.2935672","DOIUrl":null,"url":null,"abstract":"While email plays a growingly important role on the Internet, we are faced with more severe challenges brought by compromised email accounts, especially for the administrators of institutional email service providers. Inspired by the previous experience on spam filtering and compromised accounts detection, we propose several criteria, like Success Outdegree Proportion, Reverse Pagerank, Recipient Clustering Coefficient and Legitimate Recipient Proportion, for compromised email accounts detection from the perspective of graph topology in this paper. Specifically, several widely used social network analysis metrics are used and adapted according to the characteristics of mail log analysis. We evaluate our methods on a dataset constructed by mining the one month (30 days) mail log from an university with 118,617 local users and 11,460,399 mail log entries. The experimental results demonstrate that our methods achieve very positive performance, and we also prove that these methods can be efficiently applied on even larger datasets.","PeriodicalId":305382,"journal":{"name":"Proceedings of the 11th International Conference on Future Internet Technologies","volume":"7 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2016-06-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"16","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 11th International Conference on Future Internet Technologies","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2935663.2935672","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 16

Abstract

While email plays a growingly important role on the Internet, we are faced with more severe challenges brought by compromised email accounts, especially for the administrators of institutional email service providers. Inspired by the previous experience on spam filtering and compromised accounts detection, we propose several criteria, like Success Outdegree Proportion, Reverse Pagerank, Recipient Clustering Coefficient and Legitimate Recipient Proportion, for compromised email accounts detection from the perspective of graph topology in this paper. Specifically, several widely used social network analysis metrics are used and adapted according to the characteristics of mail log analysis. We evaluate our methods on a dataset constructed by mining the one month (30 days) mail log from an university with 118,617 local users and 11,460,399 mail log entries. The experimental results demonstrate that our methods achieve very positive performance, and we also prove that these methods can be efficiently applied on even larger datasets.

查看原文本刊更多论文

从图拓扑的角度检测被入侵的电子邮件帐户

当电子邮件在互联网上扮演着越来越重要的角色时，我们也面临着电子邮件账户泄露带来的更加严峻的挑战，特别是对于机构电子邮件服务提供商的管理员来说。受以往垃圾邮件过滤和入侵账户检测经验的启发，本文从图拓扑的角度提出了成功度比例、反向Pagerank、收件人聚类系数和合法收件人比例等几个检测入侵邮件账户的标准。具体来说，根据邮件日志分析的特点，使用和调整了几个广泛使用的社会网络分析指标。我们在一个数据集上评估了我们的方法，该数据集是通过挖掘一所大学一个月(30天)的邮件日志构建的，该大学有118,617个本地用户和11,460,399个邮件日志条目。实验结果表明，我们的方法取得了非常好的性能，并且我们也证明了这些方法可以有效地应用于更大的数据集。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Proceedings of the 11th International Conference on Future Internet Technologies

自引率

0.00%

发文量