Spam Attacks Research Articles

Deteksi Email Spam dengan Continuous Bag-Of-Words dan Random Forest

Spam email poses a significant cyber threat, as scammers employ various tactics to deceive individuals into divulging sensitive information or downloading harmful content. For instance, in June 2023, Indonesia encountered approximately 6.51 thousand spam attacks, underscoring the widespread nature of this issue. These attacks frequently involve deceptive strategies, such as impersonation or false promises of rewards, to ensnare unsuspecting victims. Succumbing to spam can result in financial losses and other grave repercussions. To address this concern, this research addresses this pressing problem by focusing on email content classification to detect phishing attempts. The proposed solution leverages runtime platforms such as Google Colab and uses Continuous Bag of Words (CBOW) analysis and Random Forest methods. CBOW is selected for its effectiveness in capturing semantic relationships between words, allowing the model to extract meaningful features from the email content. Random Forest, on the other hand, is chosen for its ability to handle imbalanced datasets commonly encountered in email classification tasks, ensuring fair representation of both spam and ham emails during model training. By combining these two techniques, we aim to develop a robust classification model capable of accurately distinguishing between phishing (spam) and legitimate (ham) emails, thus enhancing email security measures. Through our approach, we aim to classify the SpamAssassin dataset into ham or spam categories, with an anticipated precision rate of 0.98, demonstrating the model's effectiveness in accurately identifying phishing emails.

Social risks of internet activity of virtual communities

The article studies a phenomenon of Internet activism of virtual communities, identifies their essence and characteristics, and analyzes possible social risks of their activities. The authors substantiate a position that such communities are able to quickly mobilize users for coordinated actions in social reality, responding to economic, social, political, and cultural events. These activities are generally oppositional to established values and social institutions and carry social risks. Based on the approaches of G. Rheingold, N. Baym, and B. Wellman, the authors propose, justify, and develop their own typology of virtual communities depending on their Internet activity. The article focuses on the activity of explicitly virtual (latently real) communities that influence social reality through protest performances, flash mobs, spam attacks, Internet actions, etc. Using the case study method, the authors examine Reddit’s r/wallstreetbets and V.V. Pozdnyakov’s Muzhskoe Gosudarstvo Telegram communities. Based on the analysis of the Internet activism practices of virtual communities, risks and threats of uncontrolled and spontaneous actions on their part have been demonstrated. As a result, need for multidimensional analysis of virtual communities by government agencies, business representatives, and research scientific centers has been noted.

Securing Low-Power Blockchain-enabled IoT Devices against Energy Depletion Attack

Blockchain-enabled Internet of Things (IoT) envisions a world with rapid development and implementations to change our everyday lives based on smart devices. These devices are attached to the internet that can communicate with each other without human interference. A well-known wireless network in blockchain-enabled IoT frameworks is the Low Power and Lossy Network (LLN) that uses a novel protocol known as Routing protocol for low power and lossy networks (RPL) to provide effective and energy-efficient routing. LLNs that run on RPL are inherently prone to multiple Denial of Service (DoS) attacks due to the low cost, shared medium, and resource-constrained nature of blockchain-enabled IoT devices. A Spam DODAG Information Solicitation (DIS) attack is one of the novel attacks that drains the energy source of legitimate nodes and ends up causing the legitimate nodes to suffer from DoS. To address this problem, a mitigation scheme named DIS Spam Attack Mitigation (DISAM) is proposed. The proposed scheme effectively mitigates the effects of the Spam DIS attack on the network’s performance. The experimental results show that DISAM detects and mitigates the attack quickly and efficiently.

SPAM DETECTION MODEL USING TENSORFLOW AND DEEP LEARNING ALGORITHM

As technology is becoming an integral aspect of every person's life since it makes living simpler and more efficient. As technology advances, spam attacks are becoming increasingly widespread. In this paper, we propose a solution to tackle this issue by comparing Convolutional Neural Network (CNN), Recurrent Neural Network (RNN), and Long Short-Term Memory (LSTM) deep learning techniques. Our objective is to develop a spam detection model that can effectively identify and filter out spam text. To evaluate the performance of our proposed model, we conducted experiments on a meticulously curated dataset consisting of spam and ham instances. The RNN model demonstrated exceptional accuracy, achieving an accuracy rate of 98.36%. Comparative analysis revealed that the CNN model achieved an accuracy rate of 97.10%, while the LSTM model attained an accuracy rate of 92.85%. These findings highlight the superior performance of the RNN model in accurately detecting spam using the TensorFlow platform. This research contributes to the advancement of spam detection methodologies, providing valuable insights for the development of effective spam filtering systems in the digital realm.

Breaking Captcha System with Minimal Exertion through Deep Learning: Real-time Risk Assessment on Indian Government Websites

Captchas are used to prevent computer bots from launching spam attacks and automatically extracting data available in the websites. The government websites mostly contain sensitive data related to citizens and assets of the country, and the vulnerability to its captcha systems raises a major security challenge. The proposed work focuses on the real-time captcha systems used by the government websites of India and identifies the risks level. To effectively analyze its captcha security, we concentrate on the problem from an attacker’s perspective. From the viewpoint of an attacker, building an effective solver to breach the captcha security system from scratch with limited feature engineering knowledge of text and image processing is a challenge. Neural network models are useful in automated feature extraction, and a simple model can be trained with a minimum number of manually annotated real captchas. Along with popular text captchas , government websites of India use text instructions –based captchas. We analyze an effective neural network pipeline for solving text captchas. The text instructions captchas are relatively new, and the work provides novel end-to-end neural network architectures to break different types of text instructions captchas . The proposed models achieve more than 80% accuracy and on a desktop GPU has a maximum inference speed of 1.063 seconds . The study comes up with an ecosystem and procedure to rate the overall risk of a captcha system used on a website. We observe that concerning the importance of available information on these government websites, the effort required to solve the captcha systems by an attacker is alarming.

An Efficient Spam Detection Technique for IoT Devices Using Machine Learning

Abstract: The Internet of Things (IoT) is a group of millions of devices having sensors and actuators linked over wired or wireless channels for data transmission. IoT has grown rapidly over the past decade with more than 25 billion devices are expected to be connected by 2020. The volume of data released from these devices will increase many-fold in the years to come. In addition to an increased volume, the IoT devices produces a large amount of data with a number of different modalities having varying data quality defined by its speed in terms of time and position dependency. In such an environment, machine learning algorithms can play an important role in ensuring security and authorization based on biotechnology, anomalous detection to improve the usability and security of IoT systems. On the other hand, attackers often view learning algorithms to exploit the vulnerabilities in smart IoT-based systems. Motivated from these, in this paper, we propose an innovative approach for spam detection in IoT devices using machine learning. Our technique harnesses the power of advanced machine learning algorithms to accurately identify and mitigate spam attacks, ensuring the integrity and security of IoT ecosystems. We present a comprehensive methodology that combines data collection, feature extraction, model training, and evaluation to build a robust spam detection system.

Preventing Cloud Network from Spamming Attacks Using Cloudflare and KNN

Cloud computing is one of the most attractive and cost-saving models, which provides online services to end-users. Cloud computing allows the user to access data directly from any node. But nowadays, cloud security is one of the biggest issues that arise. Different types of malware are wreaking havoc on the clouds. Attacks on the cloud server are happening from both internal and external sides. This paper has developed a tool to prevent the cloud server from spamming attacks. When an attacker attempts to use different spamming techniques on a cloud server, the attacker will be intercepted through two effective techniques: Cloudflare and K-nearest neighbors (KNN) classification. Cloudflare will block those IP addresses that the attacker will use and prevent spamming attacks. However, the KNN classifiers will determine which area the spammer belongs to. At the end of the article, various prevention techniques for securing cloud servers will be discussed, a comparison will be made with different papers, a conclusion will be drawn based on different results.

BotSward: Centrality Measures for Graph-Based Bot Detection Using Machine Learning

The number of botnet malware attacks on Internet devices has grown at an equivalent rate to the number of Internet devices that are connected to the Internet. Bot detection using machine learning (ML) with flow-based features has been extensively studied in the literature. Existing flow-based detection methods involve significant computational overhead that does not completely capture network communication patterns that might reveal other features of malicious hosts. Recently, Graph-Based Bot Detection methods using ML have gained attention to overcome these limitations, as graphs provide a real representation of network communications. The purpose of this study is to build a botnet malware detection system utilizing centrality measures for graph-based botnet detection and ML. We propose BotSward, a graph-based bot detection system that is based on ML. We apply the efficient centrality measures, which are Closeness Centrality (CC), Degree Centrality (CC), and PageRank (PR), and compare them with others used in the state-of-the-art. The efficiency of the proposed method is verified on the available Czech Technical University 13 dataset (CTU-13). The CTU-13 dataset contains 13 real botnet traffic scenarios that are connected to a command-and-control (C&C) channel and that cause malicious actions such as phishing, distributed denial-of-service (DDoS) attacks, spam attacks, etc. BotSward is robust to zero-day attacks, suitable for large-scale datasets, and is intended to produce better accuracy than state-of-the-art techniques. The proposed BotSward solution achieved 99% accuracy in botnet attack detection with a false positive rate as low as 0.0001%.

Виртуальные сообщества как новые акторы социальной реальности

The article is devoted to the analysis of the phenomenon of virtual communities that arise in social networks, today more and more often go beyond their boundaries, having a significant impact on social reality. Based on the classical sociological theories of small groups by Ch. Cooley and F. Tennis, as well as new approaches to the study of network communities by G. Reingold, N. Baym, B. Wellman, the authors explicate the very concept of a virtual community, reveal a relationship with real communities, and propose a typology modern virtual communities. Depending on the degree of influence on social reality, the authors propose to single out explicit-real (latent-virtual); exclusively virtual; explicit-virtual (latent-real) virtual communities. Using the case method, the article discusses examples of the activities of virtual communities of the third type: the community of the financial network r/wallstreetbets on the Reddit platform and the community of the founder of the “Men’s State” V. Pozdnyakov§ in Telegram. Specific examples demonstrate the mechanisms of influencing social reality through such tools as speeches, flash mobs, spam attacks, and Internet promotions. As a result, the authors note the need for a multidimensional analysis of virtual communities by government agencies, business representatives, research centers in order to study them and develop mechanisms for an adequate response to possible challenges.

An Evaluation of Security in Blockchain-based Sharing of Student Records in Higher Education

Blockchain has recently taken off as a disruptive technology, from its initial use in cryptocurrencies to wider applications in areas such as property registration and insurance due to its characteristic as a distributed ledger which can remove the need for a trusted third party to facilitate transactions. This spread of the technology to new application areas has been driven by the development of smart contracts – blockchain-based protocols which can automatically enforce a contract by executing code based on the logic expressed in the contract. One exciting area for blockchain is higher education. Students in higher education are ever more mobile, and in an ever more agile world, the friction and delays caused by multiple levels of administration in higher education can cause many anxieties and hardships for students as well as potential employers who need to examine and evaluate student credentials. Distance learning as a primary platform for higher education promises to open up higher education to a wider range of learners than ever before. Blockchain-based storage of academic credentials is being widely studied due to the advantages it can bring. As with any network-based system, blockchain comes with a number of security and privacy concerns. Blockchain needs to meet several security-related requirements to be widely accepted: decentralization; confidentiality; integrity; transparency; and immutability. Researchers have been busy devising schemes to ensure that such requirements can be met in blockchain-based systems. Several types of blockchain-specific attacks have been identified: 51% attacks; malicious contracts; spam attacks; mining pools; targeted DDoS attacks; and others. Real-world attacks on blockchain-based systems have been seen on cryptocurrency sites. In this paper, we will evaluate the specific privacy and security concerns for blockchain-based systems used for academic credentials as well as suggested solutions. We also examine the issues for academic credentials which are stored “off-chain” in such systems (as is often the case). In this case, a Distributed File System (DFS) implemented with a peer-to-peer (P2P) architecture is often the choice for the storage of the academic credentials since it matches the decentralized nature of blockchain. Blockchain then contributes much to the usefulness of such a DFS, making it in turn a good match for a P2P DFS such as IPFS.

Characterizing the reputation of evaluators using vectors in the object feature space

Evaluation is a frequent occurrence in our daily lives, especially in online systems. Establishing ways to characterize the reputation of an evaluator is therefore becoming an important problem in online systems, and this has attracted much attention. Most existing evaluation methods use the rating information in user–object bipartite networks to evaluate the reputations of evaluators. These methods use a scalar quantity to represent the reputation of each user, which is applied to try to identify malicious ratings and spamming attacks. In this paper, we suggest that the reputation should be characterized by a vector, and propose a reputation–evaluation algorithm based on the classification of objects. More specifically, the objects are classified into several categories according to the community structure information obtained from a one-mode projection onto the objects of a bipartite network. The reputation vector of an evaluator then represents his/her reputation for the objects in different categories. The evaluator is also assigned an appropriate attribute according to his/her reputation vector using K-means clustering. The results from both artificial and real rating data have shown that the presented method is better than a correlation-based ranking method in terms of both accuracy and robustness.

Online Privacy-Preserving Data-Driven Network Anomaly Detection

We study online privacy-preserving anomaly detection in a setting in which the data are distributed over a network and locally sensitive to each node, and a probabilistic data model is unknown. We design and analyze a data-driven solution scheme where each node observes a high-dimensional data stream for which it computes a local outlierness score. This score is then perturbed, encrypted, and sent to a network operator. The network operator then decrypts an aggregate statistic over the network and performs online network anomaly detection via the proposed generalized cumulative sum (CUSUM) algorithm. We derive an asymptotic lower bound and an asymptotic approximation for the average false alarm period of the proposed algorithm. Additionally, we derive an asymptotic upper bound and asymptotic approximation for the average detection delay of the proposed algorithm under a certain anomaly. We show the analytical tradeoff between the anomaly detection performance and the differential privacy level, controlled via the local perturbation noise. Experiments illustrate that the proposed algorithm offers a good tradeoff between privacy and quick anomaly detection against the UDP flooding and spam attacks in a real Internet of Things (IoT) network.

Improving the Performance of Reputation Evaluation by Combining a Network Structure With Nonlinear Recovery

Characterizing the reputation of an evaluator is particularly significant for consumers to obtain useful information from online rating systems. Furthermore, overcoming the difficulties of spam attacks on a rating system and determining the reliability and reputation of evaluators are important topics in the research. We have noticed that most existing reputation evaluation methods rely only on using the evaluator’s rating information and abnormal behaviour to establish a reputation system, which disregards the systematic aspects of the rating systems, by including the structure of the evaluator-object bipartite network and nonlinear effects. In this study, we propose an improved reputation evaluation method by combining the structure of the evaluator-object bipartite network with rating information and introducing penalty and reward factors. The proposed method is empirically analyzed on a large-scale artificial data set and two real data sets. The results have shown that this method has better performance than the original correlation-based and IARR2 in the presence of spamming attacks. Our work contributes a new idea to build reputation evaluation models in sparse bipartite rating networks.

Email spam protection technology based on DMARC

The article explores the issues of protecting information and communication systems and e-mail from unwanted spam or spam attacks. Theoretical information about spam and its types is provided. The main technologies and methods of protecting communication systems from spam and spam attacks are formulated. The influence of spam on the activity and work of the corporate network is considered. Using a practical example, countermeasure technology is developed and it is shown how spam can affect the network and how you can protect yourself from spam attacks using DMARC technology.

MURLi: A Tool for Detection of Malicious URLs and Injection Attacks

SQL databases have been a staple for storing data in enterprises to meet their database requirements. SQL injection has also become a major security threat due to the growth of SQL. Injection attacks occur when the query in the database is modified by malicious data from an unsecure user. The use of NoSQL databases has been growing steadily due to advancements in Big Data and similar domains, and as an alternative to SQL databases. But recent studies have proved that even NoSQL is susceptible to injection attacks. Malicious websites can harm a person using the internet in various ways. Phishing attacks, Spam attacks, Defacement Attacks can occur once a user clicks on a URL. In this research, we propose the tool mURLi, for early detection of Malicious URLs, SQLi and NoSQLi, which pose a large threat to the end-users. To build mURLi, we have used various deep learning models (ANN, BiLSTM, BERT) and machine learning models (Random Forest, XGBoost, Adaboost, KNN) in an attempt to detect these attacks (SQLi, NoSQLi and Malicious URLs) more accurately than traditional methods and have presented a comparative study of the same. The results show that BERT model outperforms the existing tools for SQL and NoSQL attacks with an accuracy of 99.6% and 99.01% respectively, which was achievable due to its pre-training and deep language knowledge. BiLSTM proves to be the best tool for detection of Malicious URL attacks, with the results being 95.2% accurate.

Advances in spam detection for email spam, web spam, social network spam, and review spam: ML-based and nature-inspired-based techniques

Despite the great advances in spam detection, spam remains a major problem that has affected the global economy enormously. Spam attacks are popularly perpetrated through different digital platforms with a large electronic audience, such as emails, microblogging websites (e.g. Twitter), social networks (e.g. Facebook), and review sites (e.g. Amazon). Different spam detection solutions have been proposed in the literature, however, Machine Learning (ML) based solutions are one of the most effective. Nevertheless, most ML algorithms have computational complexity problem, thus some studies introduced Nature Inspired (NI) algorithms to further improve the speed and generalization performance of ML algorithms. This study presents a survey of recent ML-based and NI-based spam detection techniques to empower the research community with information that is suitable for designing effective spam filtering systems for emails, social networks, microblogging, and review websites. The recent success and prevalence of deep learning show that it can be used to solve spam detection problems. Moreover, the availability of large-scale spam datasets makes deep learning and big data solutions (such as Mahout) very suitable for spam detection. Few studies explored deep learning algorithms and big data solutions for spam detection. Besides, most of the datasets used in the literature are either small or synthetically created. Therefore, future studies can consider exploring big data solutions, big datasets, and deep learning algorithms for building efficient spam detection techniques.

Exploiting Burstiness in Reviews for Review Spammer Detection

Online product reviews have become an important source of user opinions. Due to profit or fame, imposters have been writing deceptive or fake reviews to promote and/or to demote some target products or services. Such imposters are called review spammers. In the past few years, several approaches have been proposed to deal with the problem. In this work, we take a different approach, which exploits the burstiness nature of reviews to identify review spammers. Bursts of reviews can be either due to sudden popularity of products or spam attacks. Reviewers and reviews appearing in a burst are often related in the sense that spammers tend to work with other spammers and genuine reviewers tend to appear together with other genuine reviewers. This paves the way for us to build a network of reviewers appearing in different bursts. We then model reviewers and their co-occurrence in bursts as a Markov Random Field (MRF), and employ the Loopy Belief Propagation (LBP) method to infer whether a reviewer is a spammer or not in the graph. We also propose several features and employ feature induced message passing in the LBP framework for network inference. We further propose a novel evaluation method to evaluate the detected spammers automatically using supervised classification of their reviews. Additionally, we employ domain experts to perform a human evaluation of the identified spammers and non-spammers. Both the classification result and human evaluation result show that the proposed method outperforms strong baselines, which demonstrate the effectiveness of the method.

SMS Spam Detection Framework Using Machine Learning Algorithms and Neural Networks

In our current generation we are very much habituated to many mobile services like communication, ecommerce etc. In mobile communication services SMS’s (Short Message Service’s) are very common and important services which we are using in personal purposes and profession. In these services some messages may cause spam attacks which is trap to users to access their personal information or attracting them to purchase a product from unauthorized websites. It is very easy for companies send any information or service or alert to their customers/users with these SMS API’s. Based on these services it is also possible for sending spam messages. So in this system we are using advance Machine Learning concepts for detection of the spam filtering in the SMS’s. In this system we are importing the dataset from UCI repository and for spam SMS detection we implementing machine learning classifiers like Support Vector Machine (SVM), K-Nearest Neighbor (KNN), and Neural Networks (NN) algorithms and with their metrics like accuracy, precision, recall and f-score. We calculate performances between there algorithms as well as we show the experiment results with visualization techniques and analyses which algorithm is best for spam SMS detection.

An Effective Model for Fraud Risk Management in Mitigating Telecommunication Fraud Incidences

In the context of Malaysia, the most common types of cyber attacks are denial of service, intrusion attempts, spam, vulnerability report, fraud, malicious code, and content-related attacks as reported by Cyber Security Malaysia. However, since 2011, cyber attacks such as intrusion attempts, denial of service and spam are decreasing steadily as a result of security measures that have been taken by companies or internet users. Nevertheless, cyber attacks which are steadily increasing are cyber harassment, intrusion and fraud. Approximately 5,328 fraud incidences were reported in 2011 while in 2020, the number of cases rose to 7,593 cases. Out of these cyber attacks in Malaysia, the most proliferating ones have been identified as fraud incidences. Thus, it is highly needed to come up with and propose the best fraud risk management strategy to handle fraud incidences among internet users and internet providers through the utilization of business intelligence tools, and quality enhancement via quality systems in place, quality information, and quality users. With these tools in hand, it is hoped that the proposed model will serve as a framework to mitigate and/or prevent the occurrence of fraud incidences.

Evaluating user reputation of online rating systems by rating statistical patterns

Numerous complex systems such as rating systems are highly affected by a small number of spamming attackers. How to design a fast and effective ranking method under the threat of spamming attacks is significant in practice. In this paper, we extract the user’s rating characteristics from personal historical ratings to determine whether the user is normal. It is discovered that reliable users have little bias and their rating scores follow the pattern of peak distribution. On the opposite, malicious users usually have biased ratings and their rating scores scarcely follow a known pattern. A new reputation ranking method IOR (Iterative Optimization Ranking) is proposed based on user rating deviation and rating characteristics. The experimental results on three real datasets show that this method is more efficient than existing states of art methods. This new fundamental idea can be contributed to a new way to solve spammer attacking problem. It can also be applied in large and sparse bipartite rating networks in a short time.