{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2023,10,6]],"date-time":"2023-10-06T05:11:02Z","timestamp":1696569062127},"reference-count":26,"publisher":"Wiley","issue":"4","license":[{"start":{"date-parts":[[2012,6,27]],"date-time":"2012-06-27T00:00:00Z","timestamp":1340755200000},"content-version":"vor","delay-in-days":0,"URL":"http:\/\/onlinelibrary.wiley.com\/termsAndConditions#vor"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Security Comm Networks"],"published-print":{"date-parts":[[2016,3,10]]},"abstract":"Spamming botnets present a critical challenge in the control of spam messages because of the sheer volume and wide spread of the botnet members. In this paper, we advocate the approach for recipient mail servers to filter messages directly delivered from remote end\u2010user (EU) machines, given that the majority of spamming bots are EU machines. We develop a support vector machine (SVM)\u2010based classifier to separate EU machines from legitimate mail server (LMS) machines, using a set of machine features that cannot be easily manipulated by spammers. We investigate the efficacy and performance of the SVM\u2010based classifier using a number of real\u2010world data sets. Our performance studies show that the SVM\u2010based classifier is indeed a feasible and effective approach in distinguishing EU machines from LMS machines. For example, training and testing on an aggregated data set containing both EU machines and LMS machines, on average, we found that the SVM\u2010based classifier can achieve a 99.25\u2009% detection accuracy, with very small false positive rate (0.35%) and false negative rate (1.27%), significantly outperforming eight Domain Name System\u2010based blacklists widely used today. 
Copyright \u00a9 2012 John Wiley & Sons, Ltd.","DOI":"10.1002\/sec.587","type":"journal-article","created":{"date-parts":[[2012,6,27]],"date-time":"2012-06-27T18:20:18Z","timestamp":1340821218000},"page":"316-326","source":"Crossref","is-referenced-by-count":4,"title":["Blocking spam by separating end\u2010user machines from legitimate mail server machines"],"prefix":"10.1002","volume":"9","author":[{"given":"Fernando","family":"Sanchez","sequence":"first","affiliation":[{"name":"Department of Computer Science Florida State University Tallahassee FL 32306 U.S.A."}]},{"given":"Zhenhai","family":"Duan","sequence":"additional","affiliation":[{"name":"Department of Computer Science Florida State University Tallahassee FL 32306 U.S.A."}]},{"given":"Yingfei","family":"Dong","sequence":"additional","affiliation":[{"name":"Department of Electrical and Computer Engineering University of Hawaii Honolulu HI 96822 U.S.A."}]}],"member":"311","published-online":{"date-parts":[[2012,6,27]]},"reference":[{"key":"e_1_2_8_2_1","doi-asserted-by":"publisher","DOI":"10.1007\/s10462-009-9109-6"},{"key":"e_1_2_8_3_1","unstructured":"HaoS SyedNA FeamsterN GrayEG KrasserS.Detecting spammers with SNARE: Spatio\u2010temporal Network\u2010level Automatic Reputation Engine. InUSENIX Security Symposium Montreal Canada Aug.2009;101\u2013118."},{"key":"e_1_2_8_4_1","unstructured":"SpamAssassin.The Apache SpamAssassin project.http:\/\/spamassassin.apache.org\/."},{"key":"e_1_2_8_5_1","unstructured":"Spamhaus.The Spamhaus project.http:\/\/www.spamhaus.org\/."},{"key":"e_1_2_8_6_1","unstructured":"TaylorB.Sender reputation in a large webmail service. InProceedings of Third Conference on Email and Anti\u2010Spam (CEAS) Mountain View CA July2006."},{"key":"e_1_2_8_7_1","doi-asserted-by":"crossref","unstructured":"XieM WangH.A collaboration\u2010based autonomous reputation system for email services. InProc. 
IEEE INFOCOM San Diego CA Mar.2010;992\u20131000.","DOI":"10.1109\/INFCOM.2010.5461948"},{"key":"e_1_2_8_8_1","unstructured":"AndreoliniM BulgarelliA ColajanniM MazzoniF.Honeyspam: honeypots fighting spam at the source. InProceedings of Usenix SRUTI Cambridge MA July2005."},{"key":"e_1_2_8_9_1","unstructured":"JohnJP MoshchukA GribbleSD KrishnamurthyA.Studying spamming botnets using botlab. In6th Symposium on Networked Systems Design and Implementation (NSDI'09) Apr.2009."},{"key":"e_1_2_8_10_1","doi-asserted-by":"crossref","unstructured":"XieY XuF AchanK PanigrahyR HultenG OsipkovI.Spamming botnets: signatures and characteristics. InProc. ACM SIGCOMM Seattle WA Aug.2008.","DOI":"10.1145\/1402958.1402979"},{"key":"e_1_2_8_11_1","unstructured":"MessageLabs.Messagelabs intelligence: 2010 annual security report."},{"key":"e_1_2_8_12_1","unstructured":"RamachandranA DagonD FeamsterN.Can DNS\u2010based blacklists keep up with bots?InProceedings of First Conference on Email and Anti\u2010Spam (CEAS) Mar.2006."},{"key":"e_1_2_8_13_1","volume-title":"Learning with Kernels: Support Vector Machines, Regularization, Optimization, and Beyond","author":"Scholkopf B","year":"2002"},{"key":"e_1_2_8_14_1","doi-asserted-by":"crossref","unstructured":"CortezP CorreiaA SousaP RochaM RioM.Spam email filtering using network\u2010level properties. InICDM 2010;476\u2013489.","DOI":"10.1007\/978-3-642-14400-4_37"},{"key":"e_1_2_8_15_1","doi-asserted-by":"crossref","unstructured":"RamachandranA FeamsterN.Understanding the network\u2010level behavior of spammers. InProc. ACM SIGCOMM Pisa Italy Sept.2006;291\u2013302.","DOI":"10.1145\/1151659.1159947"},{"key":"e_1_2_8_16_1","unstructured":"SanchezF DuanZ DongY.Understanding forgery properties of spam delivery paths. 
InProceedings of 7th Annual Collaboration Electronic Messaging Anti\u2010Abuse and Spam Conference (CEAS) Redmond WA July2010."},{"key":"e_1_2_8_17_1","unstructured":"SullivanM MunozL.Suggested Generic DNS Naming Schemes for Large Networks and Unassigned Hosts. Internet Draft Apr.2006."},{"key":"e_1_2_8_18_1","unstructured":"RuddJ.Botnet Plugin for Spamassassin."},{"key":"e_1_2_8_19_1","unstructured":"Mozilla Foundation.Public suffix list.http:\/\/publicsuffix.org\/."},{"key":"e_1_2_8_20_1","unstructured":"GuenterB.Spam archive.http:\/\/untroubled.org\/spam\/."},{"key":"e_1_2_8_21_1","doi-asserted-by":"publisher","DOI":"10.18637\/jss.v015.i09"},{"key":"e_1_2_8_22_1","unstructured":"ChangC\u2010C LinC\u2010J.LIBSVM: a library for support vector machines 2001. Software available athttp:\/\/www.csie.ntu.edu.tw\/cjlin\/libsvm."},{"key":"e_1_2_8_23_1","unstructured":"MazieresD.Mail avenger.http:\/\/www.mailavenger.org\/."},{"key":"e_1_2_8_24_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-35488-8_13"},{"key":"e_1_2_8_25_1","doi-asserted-by":"crossref","unstructured":"WongM SchlittW.Sender policy framework (SPF): authorizing use of domains in e\u2010mail version 1. RFC 4408 Apr.2006.","DOI":"10.17487\/rfc4408"},{"key":"e_1_2_8_26_1","doi-asserted-by":"crossref","unstructured":"HansenT CrokerD Hallam\u2010BakerP.DomainKeys Identified Mail (DKIM) Service Overview. RFC 5585 June2009.","DOI":"10.17487\/rfc5585"},{"key":"e_1_2_8_27_1","doi-asserted-by":"crossref","unstructured":"FetteI SadehN TomasicA.Learning to detect phishing emails. 
InProceedings of the 16th International Conference on World Wide Web Alberta Canada May 2007.","DOI":"10.1145\/1242572.1242660"}],"container-title":["Security and Communication Networks"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/api.wiley.com\/onlinelibrary\/tdm\/v1\/articles\/10.1002%2Fsec.587","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/api.wiley.com\/onlinelibrary\/tdm\/v1\/articles\/10.1002%2Fsec.587","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/onlinelibrary.wiley.com\/doi\/pdf\/10.1002\/sec.587","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,10,5]],"date-time":"2023-10-05T03:45:30Z","timestamp":1696477530000},"score":1,"resource":{"primary":{"URL":"https:\/\/onlinelibrary.wiley.com\/doi\/10.1002\/sec.587"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2012,6,27]]},"references-count":26,"journal-issue":{"issue":"4","published-print":{"date-parts":[[2016,3,10]]}},"alternative-id":["10.1002\/sec.587"],"URL":"https:\/\/doi.org\/10.1002\/sec.587","archive":["Portico"],"relation":{},"ISSN":["1939-0114","1939-0122"],"issn-type":[{"value":"1939-0114","type":"print"},{"value":"1939-0122","type":"electronic"}],"subject":[],"published":{"date-parts":[[2012,6,27]]}}}