Bibliography
[1] C. Kanich, C. Kreibich, K. Levchenko, B. Enright, G. Voelker, V. Paxson, and S. Savage, “Spamalytics: An empirical analysis of spam marketing conversion,” in Proceedings of the 15th ACM conference on Computer and communications security. ACM, 2008, pp. 3–14.
[2] J. Klensin, “Simple Mail Transfer Protocol,” RFC 2821 (Proposed Standard), Internet Engineering Task Force, Apr. 2001, obsoleted by RFC 5321, updated by RFC 5336. [Online]. Available: http://www.ietf.org/rfc/rfc2821.txt
[3] J. Postel, “Simple Mail Transfer Protocol,” RFC 821 (Standard), Internet Engineering Task Force, Aug. 1982, obsoleted by RFC 2821. [Online]. Available: http://www.ietf.org/rfc/rfc821.txt
[4] D. Crocker, “STANDARD FOR THE FORMAT OF ARPA INTERNET TEXT MESSAGES,” RFC 822 (Standard), Internet Engineering Task Force, Aug. 1982, obsoleted by RFC 2822, updated by RFCs 1123, 2156, 1327, 1138, 1148. [Online]. Available: http://www.ietf.org/rfc/rfc822.txt
[5] P. Resnick, “Internet Message Format,” RFC 2822 (Proposed Standard), Internet Engineering Task Force, Apr. 2001, obsoleted by RFC 5322, updated by RFCs 5335, 5336. [Online]. Available: http://www.ietf.org/rfc/rfc2822.txt
[6] “Windows Events,” Internet Engineering Task Force, Jul. 2009. [Online]. Available: http://msdn.microsoft.com/en-us/library/aa964766%28v=VS.85%29.aspx
[7] C. Lonvick, “The BSD Syslog Protocol,” RFC 3164 (Informational), Internet Engineering Task Force, Aug. 2001, obsoleted by RFC 5424. [Online]. Available: http://www.ietf.org/rfc/rfc3164.txt
[8] R. Gerhards, “The Syslog Protocol,” RFC 5424 (Proposed Standard), Internet Engineering Task Force, Mar. 2009. [Online]. Available: http://www.ietf.org/rfc/rfc5424.txt
[9] D. Alperovitch, P. Judge, and S. Krasser, “Taxonomy of Email Reputation Systems,” in ICDCSW ‘07: Proceedings of the 27th International Conference on Distributed Computing Systems Workshops. Washington, DC, USA: IEEE Computer Society, 2007, p. 27.
[10] Y. Xie, F. Yu, K. Achan, R. Panigrahy, G. Hulten, and I. Osipkov, “Spamming botnets: signatures and characteristics,” in SIGCOMM ‘08: Proceedings of the ACM SIGCOMM 2008 conference on Data communication. New York, NY, USA: ACM, 2008, pp. 171–182.
[11] A. Ramachandran, D. Dagon, and N. Feamster, “Can DNS-based blacklists keep up with bots,” in Conference on Email and Anti-Spam, 2006.
[12] “MAPS, the Mail Abuse Prevention System.” [Online]. Available: http://www.mail-abuse.com/
[13] A. Ramachandran and N. Feamster, “Understanding the network-level behavior of spammers,” in SIGCOMM ‘06: Proceedings of the 2006 conference on Applications, technologies, architectures, and protocols for computer communications. New York, NY, USA: ACM, 2006, pp. 291–302.
[14] “The Spamhaus Project.” [Online]. Available: http://www.spamhaus.org/
[15] “Spamcop.net.” [Online]. Available: http://www.spamcop.net/
[16] “SURBL, the Spam URI Realtime Blocklists.” [Online]. Available: http://www.surbl.org/
[17] K. Walsh and E. G. Sirer, “Fighting peer-to-peer SPAM and decoys with object reputation,” in P2PECON ‘05: Proceedings of the 2005 ACM SIGCOMM workshop on Economics of peer-to-peer systems. New York, NY, USA: ACM, 2005, pp. 138–143.
[18] ——, “The case for an object-based peer-to-peer reputation system,” in SOSP ‘05: Proceedings of the twentieth ACM symposium on Operating systems principles. New York, NY, USA: ACM, 2005, pp. 1–2.
[19] W. N. Gansterer and M. Ilger, “Analyzing UCE/UBE traffic,” in ICEC ‘07: Proceedings of the ninth international conference on Electronic commerce. New York, NY, USA: ACM, 2007, pp. 195–204.
[20] A. Pathak, Y. C. Hu, and Z. M. Mao, “Peeking into spammer behavior from a unique vantage point,” in LEET’08: Proceedings of the 1st Usenix Workshop on Large-Scale Exploits and Emergent Threats. Berkeley, CA, USA: USENIX Association, 2008, pp. 1–9.
[21] R. Clayton, “Stopping spam by extrusion detection,” To appear, 2004.
[22] J. M. Pujol, R. Sangüesa, and J. Delgado, “Extracting reputation in multi agent systems by means of social network topology,” in AAMAS ‘02: Proceedings of the first international joint conference on Autonomous agents and multiagent systems. New York, NY, USA: ACM, 2002, pp. 467–474.
[23] S. J. Stolfo, S. Hershkop, K. Wang, O. Nimeskern, C.-W. Hu, and W. Hu, “A Behavior-based Approach To Securing Email Systems,” in Mathematical Methods, Models and Architectures for Computer Networks Security. Springer Verlag, 2003, pp. 57–81.
[24] S. J. Stolfo, S. Hershkop, C.-W. Hu, W.-J. Li, O. Nimeskern, and K. Wang, “Behavior-based modeling and its application to Email analysis,” ACM Trans. Internet Technol., vol. 6, no. 2, pp. 187–221, 2006.
[25] S. Hershkop, “Behavior-based email analysis with application to spam detection,” Ph.D. dissertation, Columbia University, 2006.
[26] J. T. Goodman and R. Rounthwaite, “Stopping outgoing spam,” in EC ‘04: Proceedings of the 5th ACM conference on Electronic commerce. New York, NY, USA: ACM, 2004, pp. 30–39.
[27] “Scribe,” Facebook Engineering, Oct. 2008. [Online]. Available: https://github.com/facebook/scribe
[28] W. Venema, “Postfix,” IBM Research, Jan. 1998. [Online]. Available: http://www.postfix.org/
[29] D. Luckham and B. Frasca, “Complex event processing in distributed systems,” Computer Systems Laboratory Technical Report CSL-TR-98-754. Stanford University, Stanford, 1998. [Online]. Available: http://reference.kfupm.edu.sa/content/c/o/complex_event_processing_in_distributed__74987.pdf
[30] P. Dekkers, “Complex event processing,” Master’s thesis, Radboud University Nijmegen, 2007. [Online]. Available: http://dist.codehaus.org/esper/CEP_MasterThesis_PaulDekkers_200709.pdf
[31] “ESPER Event Stream Intelligence.” [Online]. Available: http://esper.codehaus.org/