Skip to Content

    Research Proposal

    Add your abstract and contact information and we will be in touch

    Thanks We will be in touch soon

    Contact us

    Leave a massage and we’ll get back to you

      You can also reach us at:

      Cyber Security Research Center @ Ben-Gurion University of the Negev
      P.O.B. 653
      Beer Sheva, 84105,

      +972 8 6428005
      +972 8 6428121

      Early detection of spamming accounts in large-Scale service provider networks

      Yehonatan Cohen, Daniel Gordon, Danny Hendler

      Knowledge-Based Systems Volume 142, 15 February 2018, Pages 241-255

      We present ErDOS — an algorithm for the Early Detection Of Spamming accounts. The detection approach implemented by ErDOS combines content-based labelling and features based on inter-account communication patterns. We define new account features, based on the ratio between the numbers of sent and received emails, the distribution of emails received from different accounts, and the topological features of the network induced by inter-account communication. We also present ErDOS-LVS — a variant of ErDOS that targets the detection of low-volume spammers. The empirical evaluation of both detectors is based on a real-life data set collected by an email service provider, much larger than data sets previously used for outgoing spam detection research. It establishes that both are able to provide effective early detection of the spammers population, that is, they identify these accounts as spammers before they are detected as such by a content-based detector. Moreover, both detectors require only a single day of training data for providing a high-quality list of suspect accounts.

      Back to top