Spam, defined as the transmission of bulk unsolicited messages, has plagued Internet email. Unfortunately, spam is not limited to email. It can affect any system that enables user to user communications. The Session Initiation Protocol (SIP) defines a system for user to user multimedia communications. Therefore, it is susceptible to spam, just as email is. In this document, we analyze the probl...

It is well known that spammers can forge the header of an email, in particular, the trace information carried in the Received: fields, as an attempt to hide the true origin of the email. Despite its critical importance for spam control and holding accountable the true originators of spam, there has been no systematic study on the forgery behavior of spammers. In this paper, we provide the first...

Processing server logs for the email arriving at an ISP can be used to detect remote sites where machines are infected by email viruses or have been hijacked and used for sending spam. Simple heuristics distinguish the patterns of such traffic from those of legitimate email. Stopping this material being sent is matter for the remote site. Nevertheless, this paper shows that processing can also ...

Unsolicited commercial email is a significant problem for users and providers of email services. While statistical spam filters have proven useful, senders of spam are learning to bypass these filters by systematically modifying their email messages. In a good word attack, one of the most common techniques, a spammer modifies a spam message by inserting or appending words indicative of legitima...

Spam, defined as the transmission of bulk unsolicited messages, has plagued Internet email. Unfortunately, spam is not limited to email. It can affect any system that enables user to user communications. The Session Initiation Protocol (SIP) defines a system for user to user multimedia communications. Therefore, it is susceptible to spam, just as email is. In this document, we analyze the probl...

Spam, defined as the transmission of bulk unsolicited messages, has plagued Internet email. Unfortunately, spam is not limited to email. It can affect any system that enables user-to-user communications. The Session Initiation Protocol (SIP) defines a system for user-touser multimedia communications. Therefore, it is susceptible to spam, just as email is. In this document, we analyze the proble...

Email spam has become costly and difficult to manage in recent years. Many of the mechanisms used for controlling spam are located at local SMTP servers and end-host machines. These mechanisms can place a significant burden on mail servers and end-host machines as the number spam messages received continues to increase. We propose a preliminary architecture that applies spam detection filtering...

The threat of voice spam, commonly known as Spam over Internet Telephony (SPIT) is a real and contemporary problem. If the problem remains unchecked then it may become as potent as email spam today. In this paper, we present two approaches to detect and prevent SPITting over the Internet. Both of our approaches are based on the anomaly detection of the distributions of selected call features (i...

We present a novel spam detection technique that relies on neither content nor reputation analysis. This work investigates the discriminatory power of email transport-layer characteristics, i.e. the TCP packet stream. From a corpus of messages and corresponding packets, we extract per-email TCP features. While legitimate mail flows are wellbehaved, we observe small congestion windows, frequent ...