Spam is one of the main and most serious threats on the Internet. Spam refers to the abuse of electronic messaging systems by sending unsolicited bulk messages randomly. Botnets are considered one of the main sources of spam. A botnet is a group of software programs called bots, which run autonomously and automatically on several compromised computers. Spamming causes illegal consumption of network resources in general and of the mail system in particular. The objective of this research is to detect the source of spam on the network by detecting the abnormal behaviors that reflect spamming activities. The Behavioral-based Spam Detector (BSD) combines several behaviors of spam bots at different stages, including the spam-preparation behavior before the spam session, when the spammers search for an open-relay SMTP service to send e-mails through, and the behavior of spammers while connecting to the mail server. The proposed method monitors the network traffic for malicious group activities. The relationship between the host behaviors that trigger suspicion is used to determine whether there are any spam bots or botnet members within the network. Detecting the abnormal behavior produced by spam activities gives a high rate of suspicion of the existence of bots.