Name
Abstract | ||
|---|---|---|
Previous work has shown that the network dynamics experienced by both the initial packet and an entire connection carrying an email can be leveraged to classify the email as spam or ham. In the case of packet properties, the prior work has investigated their efficacy based on models of traffic collected from around the world. In this paper, we first revisit the techniques when only using information from a single enterprise's vantage point and find packet properties to be less useful. We also show that adding flow characteristics to a model of packet features adds modest discriminating power, and some flow features' information is captured by packet features. |
Year | DOI | Venue |
|---|---|---|
2011 | 10.1007/978-3-642-19260-9_10 | PAM |
Keywords | DocType | Volume |
flow characteristic,single enterprise,prior work,previous work,flow feature,network dynamic,initial packet,packet property,packet feature,stand-alone enterprise,entire connection,network dynamics | Conference | 6579 |
ISSN | Citations | PageRank |
0302-9743 | 6 | 0.48 |
References | Authors | |
8 | 4 | |
Name | Order | Citations | PageRank |
|---|---|---|---|
| Tu Ouyang | 1 | 15 | 1.35 |
| Soumya Ray | 2 | 94 | 8.89 |
| Michael Rabinovich | 3 | 1212 | 139.46 |
| Mark Allman | 4 | 3045 | 278.07 |