A Novel Approach to Detect Spam Worms Propagation with Monitoring the Footprinting

International Journal of Computer Trends and Technology (IJCTT)          
 
© - December Issue 2013 by IJCTT Journal
Volume-6 Issue-3                           
Year of Publication : 2013
Authors: Rajesh R Chauhan, G S Praveen Kumar

MLA

Rajesh R Chauhan, G S Praveen Kumar. "A Novel Approach to Detect Spam Worms Propagation with Monitoring the Footprinting." International Journal of Computer Trends and Technology (IJCTT), V6(3):143-149 December Issue 2013. ISSN 2231-2803. www.ijcttjournal.org. Published by Seventh Sense Research Group.

Abstract: One of the key security threats on the Internet is compromised machines, which can be used to launch various attacks such as spamming, spreading malware, accessing useful information and DDoS. Attackers carry out spamming with the help of a large number of compromised machines. Our main focus is on detecting the compromised machines in a network that are, or may be, involved in spamming activities; these machines are commonly known as spam zombies. Activities such as port scans and DB scans are treated as malicious activity within the network. To address this, we develop one of the most effective spam zombie detection systems for the network, based on the behavior of its systems: a system performing the above activities is treated as a zombie machine. If any system within the network tries to gather information about another system, this is treated as malicious activity and should not be allowed. SYN packets are used to initiate communication within the network in order to establish a connection. If a system tries to flood the network with these packets, we assume that the system is trying to gather information about other systems. This is called footprinting. We therefore try to detect any system involved in footprinting and report it to the administrator.
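
A minimal sketch of the detection idea in the abstract, added here as an illustration and not the authors' implementation: it reports any source that sends connection-initiating SYN packets to many distinct (host, port) targets within a short window. The record format, the 10-second window, the threshold of 5 targets and the choice to count distinct targets rather than raw packets are assumptions; the sample records are constructed.

```python
from collections import defaultdict, deque

# Assumed values, not from the paper: report a host that sends bare SYNs to
# at least MAX_TARGETS distinct (dst, port) pairs within WINDOW seconds.
WINDOW, MAX_TARGETS = 10.0, 5

# Constructed records: "<time> <src> <dst> <dport> <flags>" (S = SYN, A = ACK)
SAMPLE_LOG = """\
0.0 10.0.0.5 10.0.0.2 25 S
0.1 10.0.0.5 10.0.0.2 25 A
1.0 10.0.0.7 10.0.0.20 21 S
1.2 10.0.0.7 10.0.0.20 22 S
1.4 10.0.0.7 10.0.0.20 23 S
1.6 10.0.0.7 10.0.0.21 80 S
1.8 10.0.0.7 10.0.0.21 443 S
2.0 10.0.0.9 10.0.0.2 25 S
20.0 10.0.0.9 10.0.0.3 25 S
40.0 10.0.0.9 10.0.0.4 25 S
60.0 10.0.0.9 10.0.0.5 25 S
80.0 10.0.0.9 10.0.0.6 25 S
""".splitlines()

def detect_footprinting(lines, window=WINDOW, max_targets=MAX_TARGETS):
    """Return {src: time at which it first crossed the threshold}."""
    recent = defaultdict(deque)          # src -> (time, (dst, dport)) in window
    reported = {}
    for line in lines:
        ts, src, dst, dport, flags = line.split()
        ts = float(ts)
        if flags != "S":                 # only connection-initiating SYNs count
            continue
        q = recent[src]
        q.append((ts, (dst, int(dport))))
        while ts - q[0][0] > window:     # drop SYNs that fell out of the window
            q.popleft()
        # Retransmitted SYNs to one target collapse into a single set entry,
        # so a slow or retrying client is not mistaken for a scanner.
        if len({target for _, target in q}) >= max_targets:
            reported.setdefault(src, ts)
    return reported

if __name__ == "__main__":
    for src, ts in detect_footprinting(SAMPLE_LOG).items():
        print(f"report to administrator: {src} footprinting at t={ts}")
```

Only 10.0.0.7 is reported: 10.0.0.5 completes an ordinary connection, and 10.0.0.9 contacts five hosts but too slowly to fill the window.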

Keywords: DDoS (distributed denial of service), Footprinting, Malicious activity, Spam Zombies, SYN (synchronize) packets