Project Description:

Identifying and fixing the affected machines is the key step in resolving security threats in a network, because compromised machines become a route for launching attacks such as denial of service, spamming, stealing user identities and spreading malware. Spamming is one of the major threats: attackers perform a single attack and turn multiple machines in a network into compromised machines. Although a few existing methods, such as spam signatures and spam behavior analysis, have resolved the problem to a certain extent, they are still not applicable in large networks. Moreover, these methods lack an online spam detection mechanism. Existing systems and their drawbacks are also discussed in this report.
An effective design and implementation of a tool is important for monitoring and detecting spam attacks in a real-time network. In this research, a tool is developed that differentiates spam-affected from non-spam-affected machines by examining the messages exchanged in a network in an online manner. The tool keeps track of the IP address of each machine and records the spam percentage in the network. It maintains the privacy of clients exchanging non-spam emails by encrypting their content so that the network administrator cannot view it. A definite algorithm described in this report is used to differentiate between spam and non-spam. The performance of the tool is evaluated on parameters such as the number of spam messages, the percentage of spam detected, and its efficiency in overcoming the limitations of the existing systems.
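The per-IP bookkeeping described above can be sketched as follows. This is an added example, not code from the report: the class names, the 50% threshold, the four-message minimum and the keyword classifier are all assumptions standing in for the report's own algorithm and parameters.

```python
from collections import defaultdict
from dataclasses import dataclass

SPAM_THRESHOLD_PCT = 50.0  # assumed: flag a machine at or above this spam percentage
MIN_MESSAGES = 4           # assumed: do not judge a machine on fewer messages

@dataclass
class MachineStats:
    total: int = 0
    spam: int = 0

    @property
    def spam_pct(self) -> float:
        return 100.0 * self.spam / self.total if self.total else 0.0

class SpamMonitor:
    """Updates per-IP counters as each message is observed (online)."""
    def __init__(self, classify):
        self.classify = classify            # callable: message text -> bool
        self.stats = defaultdict(MachineStats)
        self.flagged = {}                   # ip -> message count when flagged

    def observe(self, src_ip: str, message: str) -> bool:
        s = self.stats[src_ip]
        s.total += 1
        s.spam += int(self.classify(message))
        if (src_ip not in self.flagged and s.total >= MIN_MESSAGES
                and s.spam_pct >= SPAM_THRESHOLD_PCT):
            self.flagged[src_ip] = s.total
        return src_ip in self.flagged

    def network_spam_pct(self) -> float:
        total = sum(s.total for s in self.stats.values())
        return 100.0 * sum(s.spam for s in self.stats.values()) / total if total else 0.0

def keyword_classifier(message: str) -> bool:
    # Placeholder classifier (assumption); stands in for the report's algorithm.
    return any(k in message.lower() for k in ("free money", "click here", "winner"))

# Constructed sample traffic: (source IP, message body)
SAMPLE = [
    ("10.0.0.5", "Meeting moved to 3pm"), ("10.0.0.9", "You are a WINNER, click here"),
    ("10.0.0.9", "Free money inside"), ("10.0.0.5", "Quarterly report attached"),
    ("10.0.0.9", "Click here to claim"), ("10.0.0.9", "Lunch tomorrow?"),
    ("10.0.0.5", "Click here for the agenda")]

def run_sample() -> SpamMonitor:
    mon = SpamMonitor(keyword_classifier)
    for ip, msg in SAMPLE:
        mon.observe(ip, msg)
    return mon
```

The third message from 10.0.0.5 is a false positive of the placeholder classifier; the minimum-message rule keeps a single misclassification from flagging a machine.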