Previous [ 1] [ 2] [ 3] [ 4] [ 5] [ 6] [ 7] [ 8] [ 9] [ 10]

@

Journal of Information Science and Engineering, Vol. 21 No. 3, pp. 571-578 (May 2005)

Detect and Notify Abnormal SMTP Traffice and Email Spam over Aggregate Network

Su-Chiu Yang and Li-Ming Tseng
Department of Computer Science and Information Engineering
National Central University
Chungli, 320 Taiwan
E-mail: center7@cc.ncu.edu.tw

As all the traffic between the public Internet and the customer's desktop must be interconnected through ISP's access network, this work thus makes use of the transportation traffic log gathered from backbone router to develop SMTP flooding detection system (SFDS), so that the most spam could be detected and stopped at the original fan-out network. The system has been deployed over a TANet (Taiwan Academic Network) backbone node for assisting network users grasping the abnormal SMTP sources with suddenly increase email requests. The result indicates that there is a high proportion of the notified spam could be detected in advance.

Keywords: SMTP flooding detection, spam, anomaly notification, Rwhois, IP route MIB

Full Text () Retrieve PDF document (200505_05.pdf)

Received February 3, 2004; revised August 23 & November 23, 2004; accepted December 27, 2004.
Communicated by Chu-Sing Yang.