DNS resource record analysis of URLs in e-mail messages for improving spam filtering

Shuji Suwa, Nariyoshi Yamai, Kiyohiko Okayama, Motonori Nakamura

Research output: Chapter in Book/Report/Conference proceedingConference contribution

2 Citations (Scopus)

Abstract

In recent years, spam mails intending for "One-click fraud" or "Phishing" have become increasing. As one anti-spam technology, DNSBL based on the URLs or their corresponding IP addresses in the messages is well used. However, some spam mails that cannot be filtered by conventional DNSBLs get appearing since the spammers create websites using various techniques such as botnet, fast-flux and Wildcard DNS record. To improve the accuracy of filtering spam mails using these techniques, we analyzed DNS record features corresponding to the domain name from the URLs in actual spam mails. According to the result of this analysis, we confirmed that abuse of Wildcard DNS record is one effective criterion for spam filtering.

Original languageEnglish
Title of host publicationProceedings - 11th IEEE/IPSJ International Symposium on Applications and the Internet, SAINT 2011
Pages439-444
Number of pages6
DOIs
Publication statusPublished - 2011
Event11th IEEE/IPSJ International Symposium on Applications and the Internet, SAINT 2011 - Munich, Bavaria, Germany
Duration: Jul 18 2011Jul 21 2011

Other

Other11th IEEE/IPSJ International Symposium on Applications and the Internet, SAINT 2011
CountryGermany
CityMunich, Bavaria
Period7/18/117/21/11

Fingerprint

Websites
Fluxes
Botnet

Keywords

  • DNS
  • e-mail
  • spam
  • URL

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Computer Science Applications

Cite this

Suwa, S., Yamai, N., Okayama, K., & Nakamura, M. (2011). DNS resource record analysis of URLs in e-mail messages for improving spam filtering. In Proceedings - 11th IEEE/IPSJ International Symposium on Applications and the Internet, SAINT 2011 (pp. 439-444). [6004119] https://doi.org/10.1109/SAINT.2011.82

DNS resource record analysis of URLs in e-mail messages for improving spam filtering. / Suwa, Shuji; Yamai, Nariyoshi; Okayama, Kiyohiko; Nakamura, Motonori.

Proceedings - 11th IEEE/IPSJ International Symposium on Applications and the Internet, SAINT 2011. 2011. p. 439-444 6004119.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Suwa, S, Yamai, N, Okayama, K & Nakamura, M 2011, DNS resource record analysis of URLs in e-mail messages for improving spam filtering. in Proceedings - 11th IEEE/IPSJ International Symposium on Applications and the Internet, SAINT 2011., 6004119, pp. 439-444, 11th IEEE/IPSJ International Symposium on Applications and the Internet, SAINT 2011, Munich, Bavaria, Germany, 7/18/11. https://doi.org/10.1109/SAINT.2011.82
Suwa S, Yamai N, Okayama K, Nakamura M. DNS resource record analysis of URLs in e-mail messages for improving spam filtering. In Proceedings - 11th IEEE/IPSJ International Symposium on Applications and the Internet, SAINT 2011. 2011. p. 439-444. 6004119 https://doi.org/10.1109/SAINT.2011.82
Suwa, Shuji ; Yamai, Nariyoshi ; Okayama, Kiyohiko ; Nakamura, Motonori. / DNS resource record analysis of URLs in e-mail messages for improving spam filtering. Proceedings - 11th IEEE/IPSJ International Symposium on Applications and the Internet, SAINT 2011. 2011. pp. 439-444
@inproceedings{0fae65f9f6234b1996fd1f76dedfcdcf,
title = "DNS resource record analysis of URLs in e-mail messages for improving spam filtering",
abstract = "In recent years, spam mails intending for {"}One-click fraud{"} or {"}Phishing{"} have become increasing. As one anti-spam technology, DNSBL based on the URLs or their corresponding IP addresses in the messages is well used. However, some spam mails that cannot be filtered by conventional DNSBLs get appearing since the spammers create websites using various techniques such as botnet, fast-flux and Wildcard DNS record. To improve the accuracy of filtering spam mails using these techniques, we analyzed DNS record features corresponding to the domain name from the URLs in actual spam mails. According to the result of this analysis, we confirmed that abuse of Wildcard DNS record is one effective criterion for spam filtering.",
keywords = "DNS, e-mail, spam, URL",
author = "Shuji Suwa and Nariyoshi Yamai and Kiyohiko Okayama and Motonori Nakamura",
year = "2011",
doi = "10.1109/SAINT.2011.82",
language = "English",
isbn = "9780769544236",
pages = "439--444",
booktitle = "Proceedings - 11th IEEE/IPSJ International Symposium on Applications and the Internet, SAINT 2011",

}

TY - GEN

T1 - DNS resource record analysis of URLs in e-mail messages for improving spam filtering

AU - Suwa, Shuji

AU - Yamai, Nariyoshi

AU - Okayama, Kiyohiko

AU - Nakamura, Motonori

PY - 2011

Y1 - 2011

N2 - In recent years, spam mails intending for "One-click fraud" or "Phishing" have become increasing. As one anti-spam technology, DNSBL based on the URLs or their corresponding IP addresses in the messages is well used. However, some spam mails that cannot be filtered by conventional DNSBLs get appearing since the spammers create websites using various techniques such as botnet, fast-flux and Wildcard DNS record. To improve the accuracy of filtering spam mails using these techniques, we analyzed DNS record features corresponding to the domain name from the URLs in actual spam mails. According to the result of this analysis, we confirmed that abuse of Wildcard DNS record is one effective criterion for spam filtering.

AB - In recent years, spam mails intending for "One-click fraud" or "Phishing" have become increasing. As one anti-spam technology, DNSBL based on the URLs or their corresponding IP addresses in the messages is well used. However, some spam mails that cannot be filtered by conventional DNSBLs get appearing since the spammers create websites using various techniques such as botnet, fast-flux and Wildcard DNS record. To improve the accuracy of filtering spam mails using these techniques, we analyzed DNS record features corresponding to the domain name from the URLs in actual spam mails. According to the result of this analysis, we confirmed that abuse of Wildcard DNS record is one effective criterion for spam filtering.

KW - DNS

KW - e-mail

KW - spam

KW - URL

UR - http://www.scopus.com/inward/record.url?scp=80052977126&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=80052977126&partnerID=8YFLogxK

U2 - 10.1109/SAINT.2011.82

DO - 10.1109/SAINT.2011.82

M3 - Conference contribution

AN - SCOPUS:80052977126

SN - 9780769544236

SP - 439

EP - 444

BT - Proceedings - 11th IEEE/IPSJ International Symposium on Applications and the Internet, SAINT 2011

ER -