System and Method for Detecting Email Spammers
First Claim
1. A system for detecting Email spammers comprising:
- a database containing a byte size and variability traffic flow model, the byte size and variability traffic flow model representing byte size and variability of traffic flows associated with a plurality of known SMTP Clients; and
a classification system classifying incoming traffic flows initiated by an unknown SMTP Client based on a comparison between byte size and variability of the incoming traffic flows and the byte size and variability traffic flow model.
1 Assignment
0 Petitions
Accused Products
Abstract
A system and method for detecting Email spammers from unknown SMTP Clients using the unknown SMTP Client'"'"'s SMTP traffic information e.g. byte size and variability data. The system and method includes a byte size and variability traffic flow model and a classification system. The traffic flow model may be based upon a standard deviation of byte size and variability of traffic flows for a plurality of legitimate SMTP Clients and for a plurality of Spammer SMTP Clients. The classification system then classifies an Unknown SMTP Client as an Email Spammer based on a comparison between the byte size and the variability of the Unknown SMTP Client'"'"'s traffic flows with the byte size and variability traffic flow model.
-
Citations
25 Claims
-
1. A system for detecting Email spammers comprising:
-
a database containing a byte size and variability traffic flow model, the byte size and variability traffic flow model representing byte size and variability of traffic flows associated with a plurality of known SMTP Clients; and a classification system classifying incoming traffic flows initiated by an unknown SMTP Client based on a comparison between byte size and variability of the incoming traffic flows and the byte size and variability traffic flow model. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. A method for detecting Email Spammers comprising:
-
comparing byte size and traffic variability of incoming traffic flows initiated by an SMTP Client to a byte size and variability traffic flow model; and classifying an SMTP Client using the incoming traffic flows initiated by the SMTP Client based on the comparing step. - View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25)
-
Specification