MODELLING AND ANALYSIS ON THE

PROPAGATION DYNAMICS OF EMAIL MALWARE

BATCH NO : 29

DONE BY :
ELIZABETH.M -311416104019
GUIDED BY : -311416104024
Mrs. THIRUPURASUNDARI.D.R, M.E., (Ph.D) HEMAVATHY.
JASMINE JULIAT.Y -311416104025
HOD/CSE B
KIRUTHIKA.S -311416104031

Mrs. V.Vidhya,M.E., Dr. CH.Prameela Devi,M.E.,Ph.D Mrs. D.Sudha,M.E.,(Ph.D)

SUPERVISOR INTERNAL EXAMINER PROJECT COORDINATOR
 OUTLINE

• OBJECTIVE

• ABSTRACT

• LITERATURE SURVEY

• EXISTING SYSTEM

• PROPOSED SYSTEM

• REFERENCES
 OBJECTIVE

To detect email malware bots and block spamming bots in sender side with the

use of bloom filter technique.

 ABSTRACT

• Internet Mail Server Spam delivery is the most common issue.

• They are good at filtering spam for end users, but spam messages still keep

wasting Internet bandwidth and the storage space of mail servers.

• Bro intrusion detection system is used to monitor the SMTP session.

• Due to the huge number of email addresses observed in the SMTP sessions, storing and

managing them efficiently using Bloom filters.

 LITERATURE SURVEY
S.No Title Algorithm/Technique Advantages Disadvantages
1. Abdelrahman AlMahmoud, Ernesto • Privacy preserving collaborative • Detect Spam campaigns • Used only in email body.
Damiani, Hadi Otrok, Yousof Al-Hammadi spam detection algorithm. • Less computation time • Cannot used for links.
Spamdoop:APrivacy-preserving Big Data • Highly parallel encoding
platform for collaborative spam technique
detection,2019.
2. Sreekanth Madisetty ,Maunendra sankar • Cluster Algorithm • Detects spammer • Spammer can create new
desarkar”A Neural Network-Based • Block spammer. accounts.
Ensemble Approach • Spread spam again.
for Spam Detection in
Twitter”,2018.
3. Peter Christen, Thilina Ranbaduge, Dinusha • SVM Algorithm • Efficient. • Re-identify sensitive values.
Vatsalan, and Rainer Schnell “Precise and • Encode sensitive attributes.
fast cryptanalysis for Bloom filter based
privacy –preserving record linkage”,2018.
4. Saeedreza shehnepoor, Mostafa Salehi, Reza • Weighting Algorithm • Spam features datasets used. • Four categories used
farahbakhsh, Noel Crespi “Net Spam: a • Mapping spam • Only one technique performs
Network-based Spam Detection Framework detection procedure. efficiently.
for Reviews in Online Social Media”,2017.

5. Sanjeev das, Yang liu, Wei zhang, • Highly parallel Algorithm • Online malware detection. • Non Effective
Mahintham Chandramohan “Semantics- • Exploit system vulnerabilities.
based Online Malware Detection: Towards
Efficient Real-time Protection Against
Malware”,2015
 EXISTING SYSTEM

• Spam mails are filtered on the Receiver side.

• Highly parallel encoding technique used to detect the spam campaigns.

• Privacy preserving collaborative spam detection is used.

• It detects malware attacks and sends feedback to the receiver.

• It performs favourably against the creation and delivery overhead.

ARCHITECTURE – EXISTING SYSTEM
 DISADVANTAGES

• Spam messages still exist in the spam box.

• Wastage of internet bandwidth.

• Reduce mail server storage.

• Does not deals with harmful links.

 PROPOSED SYSTEM

• Spam filtering techniques is deployed on the sender side

• Email with attachments such as.exe, .dll, .pif, .scr, .js files, documents ,video links

are filtered as malware at the sender side .

• Word net dictionary is used to find unwanted, out of dictionary and unparliament words.

• Link checker is implemented to find prank videos.

• Bloom filter technique is used to detect repeated spam mails and filters spam
messages
ARCHITECTURE – PROPOSED SYSTEM
 ADVANTAGES

• No Wastage of Internet bandwidth.

• Improve Mail server storage.

• Performance Enhancement.

• Parallel processing.
 MODULES

• Reinfection

• Word Scrutinizer

• Susceptible Detection Using Bloom Filter

• Blocking Spambots
 REINFECTION

• After the successful login, the user goes to view the compose page.
• A user may get infected whenever the user visits malicious hyperlink or
attachments.
• Email attachments such as .exe, .dll files will be detected.
• The user can also use the chat option for a closed group of people.
 SEQUENCE DIAGRAM

Sender Mail Server Admin

1. Login

2. Compose Mail

3. Detect Malware

4. Update

5. Alert Message
Compose Page Group Chat page
 WORD SCRUTINIZER

• Word-net dictionary is a lexical database of semantic relations between words.

• Wordnet used for detecting unwanted words.
• E.g. : Ruffle the surface of the water – Emotional message (anger)
I hate you – Emotional message (anger) – This message will be blocked.
• Link Checker is a program that tests alphanumeric string to detect unwanted
video links (prank videos).
• Unwanted words or video links if detected, it shows an alert message to the
Sender.
ACTIVITY DIAGRAM
Alert page Alert page
 SUSCEPTIBLE DETECTION USING BLOOM FILTER

• A bloom filter is a space and memory efficient probabilistic data structure

that is used to test whether an element is present in a set.
• If the unwanted messages or links are detected then the bloom filter makes
the count of it.
• Based on the counting, the spam bots can be monitored according to the
senders network and recipients email address.
DATA FLOW DIAGRAM
 PSEUDOCODE

BLOOM FILTER INSERTION

Input : x is the object key to insert into the Bloom Filter

Output : insert(x)
1: for j : 1…k
do 2: i ← hj (x);
3: if Bi == 0 then
4: position i
5: Bi ← 1;
6: end
7: end
MEMBER TEST WITH COUNTING

Input : x is the object key for which membership is tested.

Output : ismember(x) returns true or false to the membership test
1: m ← 1;
2: j ← 1;
3: while m = = 1 and j ≤ k do
4: i ← hj(x)
5: if Bi = = 0 then
6: m ← 0;
7: end
8: j ← j + 1;
9: end
10: return m;
Network Monitoring Analyze REA
 BLOCKING SPAMBOTS

• Based on REA and senders network, a network administrator monitors the count of
blocked mails.
• If the count exceeds more than 10, the network administrator blocks the spam bot.
• After blocking, the spam bot cannot access his/her account.
• After providing proper authentication, the blocked account will be unblocked by
network administrator.
ACTIVITY DIAGRAM
Block Spambot
 SYSTEM REQUIRMENTS
SOFTWARE REQUIRMENTS:

• Client-side Scripting : JavaScript

• Programming Language : Java
• Web Applications : JDBC, Servlets, JSP
• IDE/Workbench : Netbeans 7.3
• Server Deployment : Tomcat 7

HARDWARE REQUIRMENTS:

• Processor : Pentium IV
• Hard Disk : 260 GB
• RAM : 4GB or more
 CONCLUSION AND FUTURE ENHANCEMENT

• We are able to classify the emails as spam or ham.

• Provides sensitivity to the clients and can adapt very well to changes.
• To provide a strong and comprehensive technique to detect spam in the sender
side.
• The problem of spam email and anti-spam solution is game of cat and mouse.
• Spammer will come up with new techniques of sending emails.
• In future the work can be extended to block the phishing mails and also extend
to keep away the denial of service attacks(DOS).
 REFERENCES

1 Abdelrahman AlMahmoud, Ernesto Damiani, Hadi Otrok, Yousof Al-

Hammadi Spamdoop:A Privacy-preserving Big Data
platform for collaborative spam
detection,2019.
2 Sreekanth Madisetty ,Maunendra sankar desarkar”A Neural
Network-Based Ensemble Approach for Spam Detection in Twitter”,2018.
3 Peter Christen, Thilina Ranbaduge, Dinusha Vatsalan, and Rainer Schnell
“Precise and fast cryptanalysis for Bloom filter based privacy –preserving
record linkage”,2018.
4 Saeedreza shehnepoor, Mostafa Salehi, Reza farahbakhsh, Noel Crespi “Net
Spam: A Network-based spam detection framework for reviews in Online social
media”,2017
5 Sanjeev das, Yang liu, Wei zhang, Mahintham Chandramohan “Semantic-based
Online Malware detection towards efficient real-time protection against
malware”,2015
THANK
YOU