A. Derhab, A. Bouras, F. B. Muhaya, M. Khan, Yang Xiang
{"title":"垃圾邮件捕获系统:对抗垃圾邮件僵尸网络的新型安全框架","authors":"A. Derhab, A. Bouras, F. B. Muhaya, M. Khan, Yang Xiang","doi":"10.1109/ICT.2014.6845160","DOIUrl":null,"url":null,"abstract":"In this paper, we inspire from two analogies: the warfare kill zone and the airport check-in system, to tackle the issue of spam botnet detection. We add a new line of defense to the defense-in-depth model called the third line. This line is represented by a security framework, named the Spam Trapping System (STS) and adopts the prevent-then-detect approach to fight against spam botnets. The framework exploits the application sandboxing principle to prevent the spam from going out of the host and detect the corresponding malware bot. We show that the proposed framework can ensure better security against malware bots. In addition, an analytical study demonstrates that the framework offers optimal performance in terms of detection time and computational cost in comparison to intrusion detection systems based on static and dynamic analysis.","PeriodicalId":154328,"journal":{"name":"2014 21st International Conference on Telecommunications (ICT)","volume":"162 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2014-05-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":"{\"title\":\"Spam Trapping System: Novel security framework to fight against spam botnets\",\"authors\":\"A. Derhab, A. Bouras, F. B. Muhaya, M. Khan, Yang Xiang\",\"doi\":\"10.1109/ICT.2014.6845160\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In this paper, we inspire from two analogies: the warfare kill zone and the airport check-in system, to tackle the issue of spam botnet detection. We add a new line of defense to the defense-in-depth model called the third line. This line is represented by a security framework, named the Spam Trapping System (STS) and adopts the prevent-then-detect approach to fight against spam botnets. The framework exploits the application sandboxing principle to prevent the spam from going out of the host and detect the corresponding malware bot. We show that the proposed framework can ensure better security against malware bots. In addition, an analytical study demonstrates that the framework offers optimal performance in terms of detection time and computational cost in comparison to intrusion detection systems based on static and dynamic analysis.\",\"PeriodicalId\":154328,\"journal\":{\"name\":\"2014 21st International Conference on Telecommunications (ICT)\",\"volume\":\"162 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2014-05-04\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"4\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2014 21st International Conference on Telecommunications (ICT)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICT.2014.6845160\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2014 21st International Conference on Telecommunications (ICT)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICT.2014.6845160","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 4
摘要
在本文中,我们从两个类比:战争杀伤区和机场值机系统的启发,以解决垃圾邮件僵尸网络的检测问题。我们在深度防御模型中增加了一道新的防线,称为第三道防线。这条线由一个名为Spam Trapping System (STS)的安全框架表示,该框架采用先预防后检测的方法来对抗垃圾邮件僵尸网络。该框架利用应用程序沙盒原理防止垃圾邮件流出主机,并检测相应的恶意软件bot。我们表明,所提出的框架可以确保更好的安全性,以防止恶意软件机器人。此外,分析研究表明,与基于静态和动态分析的入侵检测系统相比,该框架在检测时间和计算成本方面具有最佳性能。
Spam Trapping System: Novel security framework to fight against spam botnets
In this paper, we inspire from two analogies: the warfare kill zone and the airport check-in system, to tackle the issue of spam botnet detection. We add a new line of defense to the defense-in-depth model called the third line. This line is represented by a security framework, named the Spam Trapping System (STS) and adopts the prevent-then-detect approach to fight against spam botnets. The framework exploits the application sandboxing principle to prevent the spam from going out of the host and detect the corresponding malware bot. We show that the proposed framework can ensure better security against malware bots. In addition, an analytical study demonstrates that the framework offers optimal performance in terms of detection time and computational cost in comparison to intrusion detection systems based on static and dynamic analysis.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
