DNS resource record analysis of URLs in e-mail messages for improving spam filtering

Shuji Suwa; Nariyoshi Yamai; Kiyohiko Okayama; Motonori Nakamura

doi:10.1109/SAINT.2011.82

DNS resource record analysis of URLs in e-mail messages for improving spam filtering

Shuji Suwa, Nariyoshi Yamai, Kiyohiko Okayama, Motonori Nakamura

Center for Information Technology and Management

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

3 Citations (Scopus)

Abstract

In recent years, spam mails intending for "One-click fraud" or "Phishing" have become increasing. As one anti-spam technology, DNSBL based on the URLs or their corresponding IP addresses in the messages is well used. However, some spam mails that cannot be filtered by conventional DNSBLs get appearing since the spammers create websites using various techniques such as botnet, fast-flux and Wildcard DNS record. To improve the accuracy of filtering spam mails using these techniques, we analyzed DNS record features corresponding to the domain name from the URLs in actual spam mails. According to the result of this analysis, we confirmed that abuse of Wildcard DNS record is one effective criterion for spam filtering.

Original language	English
Title of host publication	Proceedings - 11th IEEE/IPSJ International Symposium on Applications and the Internet, SAINT 2011
Pages	439-444
Number of pages	6
DOIs	https://doi.org/10.1109/SAINT.2011.82
Publication status	Published - 2011
Event	11th IEEE/IPSJ International Symposium on Applications and the Internet, SAINT 2011 - Munich, Bavaria, Germany Duration: Jul 18 2011 → Jul 21 2011

Publication series

Name	Proceedings - 11th IEEE/IPSJ International Symposium on Applications and the Internet, SAINT 2011

Other

Other	11th IEEE/IPSJ International Symposium on Applications and the Internet, SAINT 2011
Country/Territory	Germany
City	Munich, Bavaria
Period	7/18/11 → 7/21/11

Keywords

DNS
URL
e-mail
spam

ASJC Scopus subject areas

Computer Networks and Communications
Computer Science Applications

Access to Document

10.1109/SAINT.2011.82

Cite this

Suwa, S., Yamai, N., Okayama, K., & Nakamura, M. (2011). DNS resource record analysis of URLs in e-mail messages for improving spam filtering. In Proceedings - 11th IEEE/IPSJ International Symposium on Applications and the Internet, SAINT 2011 (pp. 439-444). [6004119] (Proceedings - 11th IEEE/IPSJ International Symposium on Applications and the Internet, SAINT 2011). https://doi.org/10.1109/SAINT.2011.82

DNS resource record analysis of URLs in e-mail messages for improving spam filtering. / Suwa, Shuji; Yamai, Nariyoshi; Okayama, Kiyohiko et al.

Proceedings - 11th IEEE/IPSJ International Symposium on Applications and the Internet, SAINT 2011. 2011. p. 439-444 6004119 (Proceedings - 11th IEEE/IPSJ International Symposium on Applications and the Internet, SAINT 2011).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Suwa, S, Yamai, N, Okayama, K & Nakamura, M 2011, DNS resource record analysis of URLs in e-mail messages for improving spam filtering. in Proceedings - 11th IEEE/IPSJ International Symposium on Applications and the Internet, SAINT 2011., 6004119, Proceedings - 11th IEEE/IPSJ International Symposium on Applications and the Internet, SAINT 2011, pp. 439-444, 11th IEEE/IPSJ International Symposium on Applications and the Internet, SAINT 2011, Munich, Bavaria, Germany, 7/18/11. https://doi.org/10.1109/SAINT.2011.82

Suwa S, Yamai N, Okayama K, Nakamura M. DNS resource record analysis of URLs in e-mail messages for improving spam filtering. In Proceedings - 11th IEEE/IPSJ International Symposium on Applications and the Internet, SAINT 2011. 2011. p. 439-444. 6004119. (Proceedings - 11th IEEE/IPSJ International Symposium on Applications and the Internet, SAINT 2011). doi: 10.1109/SAINT.2011.82

@inproceedings{0fae65f9f6234b1996fd1f76dedfcdcf,

title = "DNS resource record analysis of URLs in e-mail messages for improving spam filtering",

abstract = "In recent years, spam mails intending for {"}One-click fraud{"} or {"}Phishing{"} have become increasing. As one anti-spam technology, DNSBL based on the URLs or their corresponding IP addresses in the messages is well used. However, some spam mails that cannot be filtered by conventional DNSBLs get appearing since the spammers create websites using various techniques such as botnet, fast-flux and Wildcard DNS record. To improve the accuracy of filtering spam mails using these techniques, we analyzed DNS record features corresponding to the domain name from the URLs in actual spam mails. According to the result of this analysis, we confirmed that abuse of Wildcard DNS record is one effective criterion for spam filtering.",

keywords = "DNS, URL, e-mail, spam",

author = "Shuji Suwa and Nariyoshi Yamai and Kiyohiko Okayama and Motonori Nakamura",

year = "2011",

doi = "10.1109/SAINT.2011.82",

language = "English",

isbn = "9780769544236",

series = "Proceedings - 11th IEEE/IPSJ International Symposium on Applications and the Internet, SAINT 2011",

pages = "439--444",

booktitle = "Proceedings - 11th IEEE/IPSJ International Symposium on Applications and the Internet, SAINT 2011",

note = "11th IEEE/IPSJ International Symposium on Applications and the Internet, SAINT 2011 ; Conference date: 18-07-2011 Through 21-07-2011",

}

TY - GEN

T1 - DNS resource record analysis of URLs in e-mail messages for improving spam filtering

AU - Suwa, Shuji

AU - Yamai, Nariyoshi

AU - Okayama, Kiyohiko

AU - Nakamura, Motonori

PY - 2011

Y1 - 2011

N2 - In recent years, spam mails intending for "One-click fraud" or "Phishing" have become increasing. As one anti-spam technology, DNSBL based on the URLs or their corresponding IP addresses in the messages is well used. However, some spam mails that cannot be filtered by conventional DNSBLs get appearing since the spammers create websites using various techniques such as botnet, fast-flux and Wildcard DNS record. To improve the accuracy of filtering spam mails using these techniques, we analyzed DNS record features corresponding to the domain name from the URLs in actual spam mails. According to the result of this analysis, we confirmed that abuse of Wildcard DNS record is one effective criterion for spam filtering.

AB - In recent years, spam mails intending for "One-click fraud" or "Phishing" have become increasing. As one anti-spam technology, DNSBL based on the URLs or their corresponding IP addresses in the messages is well used. However, some spam mails that cannot be filtered by conventional DNSBLs get appearing since the spammers create websites using various techniques such as botnet, fast-flux and Wildcard DNS record. To improve the accuracy of filtering spam mails using these techniques, we analyzed DNS record features corresponding to the domain name from the URLs in actual spam mails. According to the result of this analysis, we confirmed that abuse of Wildcard DNS record is one effective criterion for spam filtering.

KW - DNS

KW - URL

KW - e-mail

KW - spam

UR - http://www.scopus.com/inward/record.url?scp=80052977126&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=80052977126&partnerID=8YFLogxK

U2 - 10.1109/SAINT.2011.82

DO - 10.1109/SAINT.2011.82

M3 - Conference contribution

AN - SCOPUS:80052977126

SN - 9780769544236

T3 - Proceedings - 11th IEEE/IPSJ International Symposium on Applications and the Internet, SAINT 2011

SP - 439

EP - 444

BT - Proceedings - 11th IEEE/IPSJ International Symposium on Applications and the Internet, SAINT 2011

T2 - 11th IEEE/IPSJ International Symposium on Applications and the Internet, SAINT 2011

Y2 - 18 July 2011 through 21 July 2011

ER -

DNS resource record analysis of URLs in e-mail messages for improving spam filtering

Abstract

Publication series

Other

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this