Um modelo de filtros compostos para detecção de mensagens maliciosas
| Ano de defesa: | 2006 |
|---|---|
| Autor(a) principal: | |
| Orientador(a): | |
| Banca de defesa: | |
| Tipo de documento: | Dissertação |
| Tipo de acesso: | Acesso aberto |
| Idioma: | por |
| Instituição de defesa: |
Universidade Federal de Minas Gerais
UFMG |
| Programa de Pós-Graduação: |
Não Informado pela instituição
|
| Departamento: |
Não Informado pela instituição
|
| País: |
Não Informado pela instituição
|
| Palavras-chave em Português: | |
| Link de acesso: | http://hdl.handle.net/1843/RVMR-6QHJB9 |
Resumo: | The growth of the Internet created a whole new set of applications, most of them being characterized by the ease of use and interactivity. However, these new interaction models also allowed the raise of bad practices, where those novel mechanisms are used abusively. A typical example of such practices are the malicious messages or spams, which became a virtual prague, given their volume and variety. In order to minimize the spam-related problems, several proposals have been presented, including filters. Filters are programs that analyze the incoming messages to the mail server and identify those that seem to be malicious. This process may employ a large variety of criteria, each of them quantifying an aspect that may identify the message as being malicious or not. The completeness of these criteria is still an open problem, that is, no current solution has 100% precision. Further, we should note that filtering is a computationally expensive process, and the filtering cost is a function of the criterion complexity, the message length, and, obviously, the number of criteria employed. A malicious message may be detected by several criteria, characterizing a waste of computational resources, which are already scarce in most of the mail services. An alternate approach is to employ just some of the criteria, reducing the filtering cost, but facing the challenge of maintaining the detection effectiveness. In this work we investigate the trade offs of this last proposal through the composite filter model. We also present a greedy strategy for building such filters, and evaluated it using actual workloads, where we were able to verify that this is a promising solution. |