Team for Research in
Ubiquitous Secure Technology

Characterizing Botnets from Email Spam Records.

Citation
"Characterizing Botnets from Email Spam Records.". L. Zhuang, J. Dunagan, D. Simon, H. Wang, I. Osipkov, G. Hulten and J. D. Tygar (eds.), Proceedings of First USENIX Workshop on Large Scale Exploits and Emergent Threats, April, 2008.

Abstract
We develop new techniques to map botnet membership using traces of spam email. To group bots into botnets we look for multiple bots participating in the same spam email campaign. We have applied our technique against a trace of spam email from Hotmail Web mail services. In this trace, we have successfully identied hundreds of botnets. We present new ndings about botnet sizes and behavior while also conrming other researcher's observations derived by different methods [1, 15].

Electronic downloads

Citation formats  
  • HTML 
     <a
href="http://www.truststc.org/pubs/746.html"
><i>Characterizing Botnets from Email Spam
Records.</i></a>,  L. Zhuang, J. Dunagan, D.
Simon, H. Wang, I. Osipkov, G. Hulten and J. D. Tygar
(eds.), Proceedings of First USENIX Workshop on Large Scale
Exploits and Emergent Threats, April, 2008.
  • Plain text 
     "Characterizing Botnets from Email Spam
Records.".  L. Zhuang, J. Dunagan, D. Simon, H. Wang,
I. Osipkov, G. Hulten and J. D. Tygar (eds.), Proceedings of
First USENIX Workshop on Large Scale Exploits and Emergent
Threats, April, 2008.
  • BibTeX 
    @proceedings{ZhuangDunaganSimonWangOsipkovHultenTygar08_CharacterizingBotnetsFromEmailSpamRecords,
    title = {Characterizing Botnets from Email Spam Records.},
    editor = { L. Zhuang, J. Dunagan, D. Simon, H. Wang, I.
              Osipkov, G. Hulten and J. D. Tygar},
    organization = {Proceedings of First USENIX Workshop on Large
              Scale Exploits and Emergent Threats},
    month = {April},
    year = {2008},
    abstract = {We develop new techniques to map botnet membership
              using traces of spam email. To group bots into
              botnets we look for multiple bots participating in
              the same spam email campaign. We have applied our
              technique against a trace of spam email from
              Hotmail Web mail services. In this trace, we have
              successfully identied hundreds of botnets. We
              present new ndings about botnet sizes and
              behavior while also conrming other researcher's
              observations derived by different methods [1, 15].},
    URL = {http://www.truststc.org/pubs/746.html}
}

Posted by Jessica Gamble on 4 May 2010.
For additional information, see the Publications FAQ or contact webmaster at www truststc org.

Notice: This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright.