计算机应用 ›› 2017, Vol. 37 ›› Issue (1): 206-211.DOI: 10.11772/j.issn.1001-9081.2017.01.0206

• 网络空间安全 • 上一篇    下一篇

基于增量学习算法的校园网垃圾邮件检测模型

陈斌, 东一舟, 毛明荣   

  1. 南京师范大学 信息化建设管理处, 南京 210023
  • 收稿日期:2016-08-04 修回日期:2016-09-13 出版日期:2017-01-10 发布日期:2017-01-09
  • 通讯作者: 陈斌
  • 作者简介:陈斌(1978-),男,江苏南京人,工程师,博士,CCF会员,主要研究方向:分布式计算、云计算;东一舟(1978-),男,江苏海门人,实验师,主要研究方向:物联网应用;毛明荣(1958-),男,江苏靖江人,高级实验师,主要研究方向:网络应用。
  • 基金资助:
    南京师范大学数字校园建设研究项目(2013JSJG069)。

Spam detection model of campus network based on incremental learning algorithm

CHEN Bin, DONG Yizhou, MAO Mingrong   

  1. Informatization Office, Nanjing Normal University, Nanjing Jiangsu 210023, China
  • Received:2016-08-04 Revised:2016-09-13 Online:2017-01-10 Published:2017-01-09
  • Supported by:
    This work is supported by the Digital Campus Construction Project of Nanjing Normal University (2013JSJG069).

摘要: 针对大量垃圾邮件对用户带来困扰的问题,提出了一种增量被动攻击学习算法。该方法基于半年时间的对本校校园网内邮件宿主机上所发起的简单邮件传输协议(SMTP)会话日志的采集,针对会话中记录的投递率状态及多种类型的失败消息进行了宿主机行为分析,最终达到有效地适应被检测垃圾邮件源宿主机对最近邮件分类行为的目的。实验结果表明,在执行了若干回合分类策略的调整后,该检测的准确度可以达到94.7%。该设计可以有效地检测内部垃圾邮件宿主机行为,继而从根源上抑制了垃圾邮件的产生。

关键词: 垃圾邮件宿主机, 简单邮件传输协议会话, 增量学习, 分类器, 失败信息

Abstract: Concerning the problem brought by a large number of spam, an incremental passive attack learning algorithm was proposed. The passive attack learning method was based on the Simple Mail Transfer Protocol (SMTP) session log initiated by the email host in the campus during half a year. Analysis on the status of delivery rate and many types of failure message of the host behavior in the session record was conducted, and the effective adaptation was ultimately achieved by detecting spam source host behavior on the recent email classification. The experimental results show that after implementing several rounds of classification strategy adjustment, the detection accuracy of the proposed model can reach 94.7%. The design is very useful to effectively detect internal spam host and control the spam from the source.

Key words: spam host, Simple Mail Transfer Protocol (SMTP) session, incremental learning, classifier, failure information

中图分类号: