Analysis of factors that affect the behavior of spammers on the network

AUTHOR(S)
SOURCE

IBICT - Instituto Brasileiro de Informação em Ciência e Tecnologia

PUBLICATION DATE

04/08/2011

ABSTRACT

The transmission of unwanted messages through the Internet, or spam, is a serious problem, still unsolved, which leads to million-dollar losses all over the world, be it for the resources consumed by that message traffic or for the impact of scams. The goal of this work is to better understand the behavior of spammers (those responsible for sending spam messages) in the network. For that we used a methodology of factorial experiments as a structural basis that allowed us to evaluate the influence of multiple factors (connection limitations, vulnerabilities available to be exploited, among others) on relevant metrics (such as number of messages sent, origins identified, and types of attacks used). The analysis of those metrics makes it possible to draw a profile of the attacks issued by spammers to disseminate their messages, revealing some important details about their practices, preferences and technology. To do that, a special data gathering system was designed and implemented, where a virtualized structure served as a substrate for the execution of multiple mail-collecting honeypots, created to deceive spammers and store the messages they tried to send as they abused the system. Each honeypot ran as a complete, independent, virtualized machine that represented a specific scenario among the multiple available combinations of possible factors, enabling a comparative analysis of the data collected in each of the different scenarios. The results show that variations in configuration may drastically affect the volume of spam received, as well as its internal characteristics (type of messages, sources, etc.).
In particular, this work identified two very diverse kinds of spammers: large-scale senders, which use a few machines with ample resources to send larger spam messages, with attached documents, through open proxies; and botnets, which manifest themselves as a large number of machines that abuse open mail relays and rely on test messages to identify the systems to attack, each bot sending a limited number of messages, often short, with some text and links to advertisement and sales servers, in most cases.

SUBJECT(S)

computing theses. computer networks theses. computer networks security measures. theses. spam (electronic messages) theses.
