Web mail providers rely on users to “vote” to quickly and collaboratively identify spam messages. Unfortunately, spammers have begun to use large collections of compromised accounts not only to send spam, but also to ...

Routers in the network core are unable to maintain detailed statistics for every packet; thus, traffic statistics are often based on packet sampling, which reduces accuracy. Because tracking large ("heavy-hitter") traffic ...

Traffic classification and distinction allows network operators to provision resources, enforce trust, control unwanted traffic, and traceback unwanted traffic to its source. Today’s classification mechanisms rely ...

Organizations must control where private information spreads; this problem is referred to in the industry as data leak prevention. Commercial solutions for DLP are based on scanning content; these impose high overhead and ...

Phishing is an increasingly prevalent social-engineering attack that attempts identity theft using spoofed Web pages of legitimate organizations. Unfortunately, current phishing detection methods are neither complete ...

This paper studies the network-level behavior of spammers, including: IP address ranges that send the most spam, common spamming modes (e.g., BGP route hijacking, bots), how persistent (in time) each spamming host is, ...