Brief Announcement: Trinity A Distributed Defense Against Transient Spam-bots
Authors
Abstract
Transient spam-bots are hijacked computers that are connected to the Internet for short periods of time, during which they send large amounts of spam. These spam-bots have become a principal source of spam. Against them, static countermeasures such as DNS Black Lists are largely ineffective, and content-based filters provide only temporary relief without ongoing tuning and upgrading, a never-ending cat-and-mouse game. This is a brief overview of Trinity [1], a distributed, content-independent spam classification system that is specifically aimed at transient spam-bots. Trinity uses source identification in combination with a peer-to-peer based distributed database to identify and track transient spam-bots. Trinity’s design load balances the task of tracking the transient spam-bots and provides a robust defense against denial-of-service and malevolent peer attacks.
Similar resources
Tsunami: A parasitic, indestructible botnet on Kad
While current botnets rely on a central server or bootstrap nodes for their operations, in this paper we identify and investigate a new type of botnet, called Tsunami, in which no such bottleneck nodes exist. In particular, we study how a Tsunami botnet can build a parasitic relationship with a widely deployed P2P system, Kad, to successfully issue commands to its bots, launch various attacks, ...
Characterizing Botnets from Email Spam Records
We develop new techniques to map botnet membership using traces of spam email. To group bots into botnets we look for multiple bots participating in the same spam email campaign. We have applied our technique against a trace of spam email from Hotmail Web mail services. In this trace, we have successfully identified hundreds of botnets. We present new findings about botnet sizes and behavior wh...
Breaking Anti-Spam Systems with Parasitic Spam
The existence of networks of ‘bots’ raises the possibility of a new type of spam that breaks the current paradigm of spam defense, in which the defence acts purely as a filter. This spam, which we call parasitic spam, looks to a filter very much like spam with scraped text, but contains instead legitimate content going from a legitimate sender to a legitimate recipient. In this problem statemen...
Defense Strategies Against Modern Botnets
Botnets are networks of compromised computers with malicious code which are remotely controlled and which are used for starting distributed denial of service (DDoS) attacks, sending enormous numbers of e-mails (SPAM) and other sorts of attacks. Defense against modern Botnets is a real challenge. This paper offers several strategies for defense against Botnets with a list and description of measu...