(3.238.235.155) 您好!臺灣時間:2021/05/16 17:13
字體大小: 字級放大   字級縮小   預設字形  
回查詢結果

詳目顯示:::

: 
twitterline
研究生:王琮郁
研究生(外文):Tsung-Yu Wang
論文名稱:垃圾郵件發送行為之觀察與分析
論文名稱(外文):Observation and Analysis on Spam Sending Behavior
指導教授:葉春超
指導教授(外文):Chun-Chao Yeh
學位類別:碩士
校院名稱:國立臺灣海洋大學
系所名稱:資訊工程學系
學門:工程學門
學類:電資工程學類
論文種類:學術論文
論文出版年:2010
畢業學年度:98
語文別:中文
論文頁數:60
中文關鍵詞:垃圾郵件殭屍網路
外文關鍵詞:SpamBotnet
相關次數:
  • 被引用被引用:1
  • 點閱點閱:188
  • 評分評分:
  • 下載下載:27
  • 收藏至我的研究室書目清單書目收藏:2
隨著網際網路的蓬勃發展,電子郵件使用簡單及便利,正逐漸替代傳統郵件,由於電子郵件發送成本低廉,且郵件地址的收集十分容易,也促使垃圾郵件(未經使用者同意而濫發的電子郵件)在網路上氾濫,不僅增加郵件伺服器負擔,更影響收件者正常使用郵件。現今網路的攻擊尤其喜愛以垃圾郵件做為傳播的媒介,常經由殭屍網路進行大量發送。當使用者不慎開啟垃圾郵件,就可能誤進偽裝過的網站,或是引發電腦被感染入侵的風險,抑制垃圾郵件氾濫已是刻不容緩。
本篇論文利用線上收集的大量垃圾郵件,擷取郵件來源IP及郵件內容URL 等特徵,藉由前述資訊對所收集的垃圾郵件進行分群,最後針對每個群組在時間及空間性質觀察與分析。根據所收集的樣本,觀察到最大的垃圾郵件輸出國是中國佔27.88%,且整體郵件來源IP有78.84%在黑名單之中;而本文利用URL分群,發現 Top 10 的群組其來源IP散佈於世界各地,很可能是透過殭屍網路所散播。
Due to Internet, people prefer using emails instead of traditional post mails, because of its simple and easy to use. Meanwhile unsolicited emails (Spam) become a serious problem, as sending bulk emails are almost cost free in terms of time and money. Spam not only reduces system performance of mail servers but also annoys mail receivers. Nowadays attacks from Internet usually have strong links with embedding malicious codes/links in Spam mails. When users open Spam incautiously, they may be redirected to a fake website, or trig malicious codes.
In this thesis, we collect a large number of Spam to observe and analyze Spam sending behavior. For each Spam, we gather source IP and the information of URLs, such as URL addresses, URL domain IPs, and web pages of the URL. Base on the information collected from Spam, we use clustering-technique to observe and analyze temporal and spatial properties of the Spam. From the collected spam, we found about 78% of the mail source IPs are in the RBL blacklist. Also, basing on URL hosting information we found those mails related to top ten of the URL hosting groups are highly suspicious to be sent by botnet.

摘要
Abstract
致謝
目錄
圖目錄
表目錄
第一章 緒論
1.1 研究背景
1.2 研究動機與目的
1.3 研究架構
第二章 相關研究探討
2.1 電子郵件內容格式
2.1.1 電子郵件結構
2.1.2 URI結構
2.2 垃圾郵件介紹
2.2.1 垃圾郵件特性
2.2.2 垃圾郵件發送技術
2.3 相關文獻探討
2.3.1 Spamology:A Study of Spam Origins
2.3.2 Characterizing Botnets from Email Spam Records
2.3.3 Spamming Chains: A New Way of Understanding Spammer Behavior
第三章 資料收集與特徵擷取
3.1 垃圾郵件收集
3.2 垃圾郵件特徵擷取
3.2.1 擷取郵件資訊
3.2.2 擷取URL資訊
3.2.3 查詢郵件Source IP資訊
第四章 實驗觀察與數據分析
4.1 審視總體郵件
4.2 從URL觀察發送行為
4.3 從來源IP觀察發送行為
第五章 結論及未來發展方向
參考文獻

[ 1]台灣網路資訊中心(TWNIC)(Access on July, 2010)
http://www.twnic.net.tw/download/200307/200307index.shtml
[ 2]Commtouch 2010 網路威脅趨勢報告(Access on July, 2010)
http://www.commtouch.com/download/1679
[ 3]亞太垃圾信研究中心(Asia SPAM-mail Research Center) (Access on July, 2010)
http://asrc.softsqr.com/
[ 4]國家通訊傳播委員會(NCC) (Access on July, 2010)
http://www.ncc.gov.tw/
[ 5]Sophos安全威脅報告(Access on July, 2010)
https://secure.sophos.com/sophos/docs/eng/papers/sophos-security-threat-report-jan-2010-wpna.pdf
[ 6]Symantec網路安全威脅報告(Access on July, 2010)
http://www.symantec.com/business/theme.jsp?themeid=threatreport
[ 7]Spam, From Wikipedia(Access on July, 2010)
http://en.wikipedia.org/wiki/Wikipedia:Spam
[ 8]eMarketer(Access on July, 2010)
http://www.emarketer.com/Article.aspx?R=1006486
[ 9]Pedro H. Calais Guerra, Dorgival Guedes, Wagner Meira Jr., Cristine Hoepers, Marcelo H. P. C. Chaves, and Klaus Steding-Jessen, ” Spamming Chains: A New Way of Understanding Spammer Behavior”, CEAS 2009
[10]Craig A. Shue, Minaxi Gupta, Chin Hua Kong, John T. Lubia, and Asim S. Yuksel, ”Spamology: A Study of Spam Origins”,CEAS 2009
[11]Amazon.com, Inc, “Alexa Web information service(Access on July, 2010)
(AWIS),”2008, http://aws.amazon.com/awis
[12]Li Zhuang, John Dunagan, Daniel R. Simon, Helen J. Wang, Ivan Osipkov, Geoff Hulten, and J. D. Tygar,“Characterizing Botnets from Email Spam Records”, LEET 2008
[13]IP address, From Wikipedia(Access on July, 2010)
http://en.wikipedia.org/wiki/IP_address
[14]Yinglian Xie, Fang Yu, Kannan Achan, Rina Panigrahy, Geoff Hulten, and IvanOsipkov, “Spamming Botnets: Signatures and Characteristics”, SIGCOMM 2008
[15]Dr. Neal Krawetz, “Anti-Spam Solutions and Security” (Access on July, 2010)
http://www.symantec.com/connect/articles/anti-Spam-solutions-and-security
[16]Provos, N., and Holz, T. Virtual Honeypots: From Botnet Tracking to Intrusion Detection, 1st ed. Addison-Wesley Professional, July 2007 ISBN-13:978-0321336323
[17]方家慶,”電子郵件標頭解析”, 國家資通安全會報技術服務中心
http://www.icst.org.tw/
[18]E-mail, From Wikipedia (Access on July, 2010)
http://en.wikipedia.org/wiki/Email
[19]MIME, From Wikipedia (Access on July, 2010)
http://zh.wikipedia.org/zh-tw/MIME
[20]URI, From Wikipedia (Access on July, 2010)
http://en.wikipedia.org/wiki/Uniform_Resource_Identifier
[21]RFC 3986: Uniform Resource Identifier (URI): Generic Syntax
http://tools.ietf.org/html/rfc3986
[22]URI scheme, From Wikipedia (Access on July, 2010)
http://blog.miniasp.com/post/2008/10/URL-URI-Description-and-usage-tips.aspx
[23]RBL blacklists (Access on July, 2010)
http://rbls.org/
[24]資安之眼報導 (Access on July, 2010)
http://www.itis.tw/node/3759
[25]賽門鐵克發表6月最新垃圾郵件及網路釣魚報告 (Access on July, 2010)
http://www.symantec.com/zh/tw/about/news/release/article.jsp?prid=20100615_01
[26]XROXY.COM (Access on July, 2010)
http://www.xroxy.com/proxylist.htm
[27]資安之眼報導 (Access on July, 2010)
http://www.itis.tw/node/2477
[28]Green-Computing報導 (Access on July, 2010)
http://www.green-computing.com/official/?f=news&i=view&g_id=33
[29]Justin Ma, Lawrence K. Saul, Stefan Savage, and Geoffrey M. Voelker, “Identifying Suspicious URLs: An Application of Large-Scale Online Learning”, ICML 2009
[30]Anirudh Ramachandran and Nick Feamster, “Understanding the Network-Level Behavior of Spammers”, SIGCOMM 2006
[31]Cynthia Dhinakaran and Jae Kwang Lee, “Characterizing Spam traffic and Spammers”, 0-7695-3038-9/07, IEEE 2007
[32]Mohammed Fadhil Zamil, Ahmed M. Manasrah, Omar Amir, and Sureswaran Ramadass, “A Behavior Based Algorithm to Detect Spam Bots”, 978-1-4244-6622-1/10, IEEE 2010

連結至畢業學校之論文網頁點我開啟連結
註: 此連結為研究生畢業學校所提供,不一定有電子全文可供下載,若連結有誤,請點選上方之〝勘誤回報〞功能,我們會盡快修正,謝謝!
QRCODE
 
 
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                               
第一頁 上一頁 下一頁 最後一頁 top