Skip to main content
Article
Spam Mitigation Using Spatio-Temporal Reputations From Blacklist History
26th Annual Computer Security Applications Conference (ACSAC '10)
  • Andrew G. West, University of Pennsylvania
  • Adam J. Aviv, University of Pennsylvania
  • Jian Chang, University of Pennsylvania
  • Insup Lee, University of Pennsylvania
Date of this Version
12-1-2010
Document Type
Conference Paper
Comments
26th Annual Computer Security Applications Conference, Orlando, Florida, December 5-9, 2010.
Abstract

IP blacklists are a spam filtering tool employed by a large number of email providers. Centrally maintained and well regarded, blacklists can filter 80+% of spam without having to perform computationally expensive content-based filtering. However, spammers can vary which hosts send spam (often in intelligent ways), and as a result, some percentage of spamming IPs are not actively listed on any blacklist. Blacklists also provide a previously untapped resource of rich historical information. Leveraging this history in combination with spatial reasoning, this paper presents a novel reputation model (PreSTA), designed to aid in spam classification. In simulation on arriving email at a large university mail system, PreSTA is capable of classifying up to 50% of spam not identified by blacklists alone, and 93% of spam on average (when used in combination with blacklists). Further, the system is consistent in maintaining this blockage-rate even during periods of decreased blacklist performance. PreSTA is scalable and can classify over 500,000 emails an hour. Such a system can be implemented as a complementary blacklist service and used as a first-level filter or prioritization mechanism on an email server.

DOI
10.1145/1920261.1920287
Copyright/Permission Statement
© ACM 2010. This is the author's version of the work. It is posted here for your personal use. Not for redistribution. The definitive Version of Record was published in Proceedings of the 26th Annual Computer Security Applications Conference (ACSAC '10), http://dx.doi.org/10.1145/1920261.1920287.
Keywords
  • Email spam,
  • blacklists,
  • reputation
Citation Information
Andrew G. West, Adam J. Aviv, Jian Chang and Insup Lee. "Spam Mitigation Using Spatio-Temporal Reputations From Blacklist History" 26th Annual Computer Security Applications Conference (ACSAC '10) (2010) p. 161 - 170
Available at: http://works.bepress.com/andrew_g_west/18/