參考文獻 |
[1] E. Cooke, F. Jahanian, D. McPherson, “The zombie roudup: Understanding, detecting, and disrupting botnets,” in Proc, USENIX Conf, SRUTI’05, Cambridge, MA, Jul. 2005.
[2] A. Ramachandran, N. Feamster, “Understanding the Network-Level Behavior of Spammers,” ACM Conf, SIGCOMM’06, Pisa, Italy, Sep. 2006.
[3] J. R. Binkley, S. Singh, “An algorithm for anomaly-based botnet detection,” in Proc, USENIX Conf, SRUTI’06, San Jose, CA, Jul. 2006.
[4] A. Karasaridis, B. Rexroad, D. Hoeflin, “Wide-scale botnet detection and characterization, ” in Proc, USENIX Conf, HotBots’07, Cambridge, MA, Apr. 2007.
[5] G. Gu, R. Perdisci, J. Zhang, W. Lee, “BotMiner: Clustering analysis of network traffic for protocol-and structure-independent botnet detection,” in Proc, USENIX Conf, SEC’08, San Jose, CA, Jul. 2008.
[6] S. Hao, N. A. Syed, N. Feamster, G. Gray, S. Krasser, “Detecting Spammers with SNARE: Spatio-temporal Network-level Automatic Reputation Engine,” in Proc, USENIX Conf, Oct. 2009
[7] Wikipedia. (Upgrading). Spam (electronic) [Online]. Available: http://en.wikipedia.org/wiki/Spam_(electronic)
[8] Wikipedia. (Upgrading). Simple Mail Transfer Protocol [Online]. Available: http://en.wikipedia.org/wiki/Simple_Mail_Transfer_Protocol
[9] Wikipedia. (Upgrading). Post Office Protocol [Online]. Available: http://en.wikipedia.org/wiki/Post_Office_Protocol
[10] Wikipedia. (Upgrading). Internet Message Access Protocol [Online]. Available: http://en.wikipedia.org/wiki/Internet_Message_Access_Protocol
[11] J Mann. (2007, Dec 12). Spam is 95% of email traffic, says Barracuda [Online]. Available: http://www.techspot.com/news/28226-spam-is-95-of-email-traffic-says-barracuda.html
[12] p0f, 2006. http://freshmeat.net/projects/p0f/
[13] MailAvenger, 2005. http://www.mailavenger.org/
[14] SpamAssassin, 2005. http://www.spamassassin.org/
[15] Honeynet Project. Known Your Enemy: Tracking Botnets. http://www.honeynet.org/papers/bots/botnet-commands.html, 2006
[16] K. Chiang, L. Lloyd, “A case study of the restock rootkit and spam bot,” in First workshop on hot topics in understanding botnets, 2007.
[17] Network Benchmarking Lab (NBL), http://betasite.nctu.edu.tw/betasite/
[18] Wikipedia. (Upgrading). Network Address Translation [Online], Available: http://en.wikipedia.org/wiki/Network_address_translation
[19] Wikipedia. (Upgrading). Webmail [Online], Available: http://en.wikipedia.org/wiki/Webmail
[20] P. J. Salzman, M. Burian, O. Pomerantz (May. 2007). The Linux Kernel Module Programming Guide [Online], Available: http://en.tldp.org/LDP/lkmpg/2.6/html/index.html
[21] NMAP.ORG, TCP/IP Reference [Online], Available: http://nmap.org/book/tcpip-ref.html
[22] netfilter, http://www.netfilter.org/
[23] iptables, http://www.netfilter.org/projects/iptables/index.html
[24] Y. Zhao, Y. Xie, F. Yu, Q. Ke, Y. Yu, Y. Chen, E. Gillum, “BotGraph: Large Scale Spamming Botnet Detection,” in Proc, USENIX Symposium on Networked Systems Design and Implementation, Boston MA, 2009.
[25] Y. Xie, F. Yu, K. Achan, R. Panigrahy, G. Hulten, I. Osipkov, “Spamming Botnets: Signatures and Characteristics,” in Proc, ACM Conf., SIGCOMM’08, Washington USA, Aug. 2008
[26] G. Gu, J. Zhang, W. Lee, “BotSniffer: Detecting Botnet Command and Control Channels in Network Traffic,” In NDSS, 2008
[27] Wikipedia. Open Mail Relay [Online], Availible: http://en.wikipedia.org/wiki/Open_mail_relay
[28] Message Labs Intelligence, Symantec Corp., “Spam Surges in February while message Size Shrinks,” Feb. 2010.
|