电子邮件垃圾邮件分类从标头提取功

时间:2014-07-06 06:24:14

标签: r machine-learning classification feature-extraction spam-prevention

我正在尝试构建垃圾邮件分类器。我一直在阅读一些研究论文,并添加基于内容的功能,我也试图添加标题字段功能,例如BCC收件人,主题,发件人等的数量,但我被困在一个特定的地方:

  • 我需要检查发件人域名地址的合法性。我是 在R中写下我的所有代码,我不知道如何检查 使用R。
  • 我也在尝试提取X-Mailer字段,这不是一个 困难的任务。但是,X-mailer的问题在于它不是 然后,这是一个很好的迹象表明该电子邮件是垃圾邮件, 然而,当垃圾邮件发送者试图混淆时,问题就出现了 X-mailer并用乱码文本填充,我该如何区分 在这两类数据之间 - 乱码的X-mailer内容和合法的X-mail。
  • 同样,我正在尝试创建以下功能:“domain_legality” 发件人域名的合法性,“date_time_legality” 创建和接收消息的日期和时间的合法性, 接收者的“IP_legality”IP,以及“sender_legality”,这些都是什么 自我解释。

感谢您的时间和考虑。

所以这是我的代码示例,我正在尝试做什么:

extract_header <- function(email.data){
  header.features <- data.frame(matrix(ncol = 13))
  email.regex <- "[[:alnum:].-]+@[[:alnum:].-]+" #regular expression to extract from email address
  colnames(header.features) <- c("rec_field_num_of_hops", "span_time", "domain_legality", "date_time_legality", "IP_legality", "sender_legality", "num_of_To_receivers", "num_of_CC_receivers", "num_of_BCC_receivers", "mail_agent", "email_subject", "date_received")
  for(i in 1:length(email.data)){
    #extracting the email address of the sender
    header.features$sender_legality[i] = str_match(email.data[[i]]$meta$author, email.regex)

    #the subject of the email
    header.features$email_subject[i] = email.data$meta$heading

    #number of To receipients of the email
    posToField = which(!is.na(str_match(email.data[[i]]$meta$header, ignore.case("^To:"))))
    if(length(posToField) > 0)
      header.features$num_of_To_receivers[i]  = sum(str_count(email.data[[i]]$meta$header[posToField], email.regex))
    else
      header.features$num_of_To_receivers[i]  = 0

    #number of people CC in the email
    posCCField = which(!is.na(str_match(email_corpus[[i]]$meta$header, ignore.case("^Cc:"))))
    if(length(posCCField) > 0)
      header.features$num_of_CC_receivers[i] = sum(str_count(email.data[[i]]$meta$header[posCCField], email.regex))
    else
      header.features$num_of_CC_receivers[i] = 0

    #number of the Bcc people in the email
    posBccField = which(!is.na(str_match(email_corpus[[i]]$meta$header, ignore.case("^Bcc:"))))
    if(length(posBccField) > 0)
      header.features$num_of_BCC_receivers[i] = sum(str_count(email.data[[i]]$meta$header[posBccField], email.regex))
    else
      header.features$num_of_BCC_receivers[i] = 0

    #number of email servers hopped by
    header.features$rec_field_num_of_hops[i] <- sum(str_count(email_corpus[[i]]$meta$header, "^Received: from"))

  }
}

我正在遵循研究论文中提出的方法:

  • 可扩展的智能非基于内容的垃圾邮件过滤框架
  • 识别电子邮件垃圾邮件过滤的潜在有用电子邮件标头功能

我需要检查电子邮件的发件人是否是合法的发件人,这样做的理由是垃圾邮件制造者大多数时候都会欺骗他们的电子邮件地址,而这个特殊功能有助于识别电子邮件是否是垃圾邮件

部首:

From rpm-list-admin@freshrpms.net  Tue Oct  8 10:56:20 2002
Return-Path: <rpm-zzzlist-admin@freshrpms.net>
Delivered-To: zzzz@localhost.example.com
Received: from localhost (jalapeno [127.0.0.1])
    by example.com (Postfix) with ESMTP id 79DB116F16
    for <zzzz@localhost>; Tue,  8 Oct 2002 10:56:20 +0100 (IST)
Received: from jalapeno [127.0.0.1]
    by localhost with IMAP (fetchmail-5.9.0)
    for zzzz@localhost (single-drop); Tue, 08 Oct 2002 10:56:20 +0100 (IST)
Received: from egwn.net (ns2.egwn.net [193.172.5.4]) by
    dogma.slashnull.org (8.11.6/8.11.6) with ESMTP id g988mPK07565 for
    <zzzz-rpm@example.com>; Tue, 8 Oct 2002 09:48:25 +0100
Received: from auth02.nl.egwn.net (localhost [127.0.0.1]) by egwn.net
    (8.11.6/8.11.6/EGWN) with ESMTP id g988i1f16827; Tue, 8 Oct 2002 10:44:02
    +0200
Received: from chip.ath.cx (cs146114.pp.htv.fi [213.243.146.114]) by
    egwn.net (8.11.6/8.11.6/EGWN) with ESMTP id g988hGf13093 for
    <rpm-list@freshrpms.net>; Tue, 8 Oct 2002 10:43:16 +0200
Received: from chip.ath.cx (localhost [127.0.0.1]) by chip.ath.cx
    (8.12.5/8.12.2) with ESMTP id g988hASA018848 for <rpm-list@freshrpms.net>;
    Tue, 8 Oct 2002 11:43:10 +0300
Received: from localhost (pmatilai@localhost) by chip.ath.cx
    (8.12.5/8.12.5/Submit) with ESMTP id g988h9j2018844 for
    <rpm-list@freshrpms.net>; Tue, 8 Oct 2002 11:43:10 +0300
X-Authentication-Warning: chip.ath.cx: pmatilai owned process doing -bs
From: Panu Matilainen <pmatilai@welho.com>
X-X-Sender: pmatilai@chip.ath.cx
To: rpm-zzzlist@freshrpms.net
Subject: Re: a problem with apt-get
In-Reply-To: <Pine.LNX.4.44.0210071231560.4199-100000@urgent.rug.ac.be>
Message-Id: <Pine.LNX.4.44.0210081140130.18762-100000@chip.ath.cx>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
X-Mailscanner: Found to be clean, Found to be clean
Sender: rpm-zzzlist-admin@freshrpms.net
Errors-To: rpm-zzzlist-admin@freshrpms.net
X-Beenthere: rpm-zzzlist@freshrpms.net
X-Mailman-Version: 2.0.11
Precedence: bulk
Reply-To: rpm-zzzlist@freshrpms.net
List-Help: <mailto:rpm-zzzlist-request@freshrpms.net?subject=help>
List-Post: <mailto:rpm-zzzlist@freshrpms.net>
List-Subscribe: <http://lists.freshrpms.net/mailman/listinfo/rpm-zzzlist>,
    <mailto:rpm-list-request@freshrpms.net?subject=subscribe>
List-Id: Freshrpms RPM discussion list <rpm-zzzlist.freshrpms.net>
List-Unsubscribe: <http://lists.freshrpms.net/mailman/listinfo/rpm-zzzlist>,
    <mailto:rpm-list-request@freshrpms.net?subject=unsubscribe>
List-Archive: <http://lists.freshrpms.net/pipermail/rpm-zzzlist/>
X-Original-Date: Tue, 8 Oct 2002 11:43:09 +0300 (EEST)
Date: Tue, 8 Oct 2002 11:43:09 +0300 (EEST)

我希望这些额外的细节有所帮助。谢谢你的帮助:)。

1 个答案:

答案 0 :(得分:1)

这个问题非常笼统,但我会尽量给出一些建议。

首先,您应该考虑分层次地构建分类器。即:构建单独的分类器来处理特定问题,例如:各种参数的合法性,如日期,x-mailer等。

在每个子分类器的上下文中,您将能够比在解决所有这些问题时更轻松地使用领域知识和调试代码。

例如,让我们专注于从合法的x-mailers中分离乱码文本。

查看一系列示例,您可能会获得一些有关查找垃圾的见解。例如:字段长度,字符分布(对于乱码文本可能更加均匀),已知有效x-mailer列表等。

基于这些见解,您可以为此构建分类器:提取相关功能,培训,测试等。

一旦您满意地解决了这个问题,您就可以使用此分类器的输出作为更一般的垃圾邮件过滤器的输入。如果你这样做,最好让这个子分类器提取一个置信度的数值度量,而不仅仅是一个布尔值,这样一般的分类器就会有更多的信息来决定。

此时的另一个选择是将您发现的功能添加到更通用的分类器的功能集中,并让它们与其他功能一起用于分类。

此方法可以更好地解决您的功能之间更复杂的交互。

相关问题
最新问题