Abu Awal Md Shoeb, the lead author of the paper titled "Spam Campaign Cluster Detection Using Redirected URLs and Randomized Sub-Domains", presented their work in the Third ASE international conference on Social Informatics 2​0​1​4​ at Harvard University on December 14, 2014 and received the Best Paper Award. Dibya Mukhopadhyay, Shahid Al Noor, Professor Alan Sprague, and Gary Warner co-authored the paper. Abu Awal Md Shoeb and Shahid Al Noor work at CIS SECRETLab under the supervision of Dr. Ragib Hasan and Dibya Mukhopadhyay works at CIS SPIES lab under the supervision of Dr. Nitesh Saxena.


Abstract: A substantial majority of the email sent everyday is spam. Spam emails cause many problems if someone acts or clicks on the link provided in the email body. The problems may include infecting users' personal machine with malware, stealing personal information, capturing credit card information, etc. Since spam emails are generated as a part of a very limited numbers of spam campaigns, it is useful to cluster spam messages into campaigns, so as to identify which campaigns are the largest. This enables investigation to focus this attention on the largest as the most significant clusters. In this paper, we present a method to cluster spam emails into spam campaigns. In our approach, the redirected URL has been chosen as the primary field for cluster formation. Our study shows that, a huge number of URLs arriving in spam email eventually points to a much smaller set of redirected URLs. Our multilevel clustering method grouped 90% of our half million spam emails into 4 spam campaigns. In addition to redirected URLs, we also use randomized sub domains, which come as a given URL in email body, for campaign identification. We believe that our model can be applied in real time to quickly detect major campaign.