Every day throughout the world millions of electronic messages (e-mail) are sent over networks such as the Internet, however most of them are unsolicited and unwanted, so-called “spam.” Electronic spam has been defined as messages containing commercial, political, and other forms of advertising, as well as malicious programs and links to phishing or other disreputable sites. The most unpleasant part of spam that it is routinely sent over the Internet to individuals who have not expressed a desire to receive such messages. Additionally, since each typical Internet user receives dozens or even hundreds of spam messages in a given day, statistics indicate that spam accounts for up to 90% of all sent messages. It is clear that the problem of fighting spam is extremely important.
One way to combat spam is to use various filters that allow finding a spam message by one or more keywords or by entering the sender's address in a blacklist. More advanced techniques, such as the use of histograms or categories, also allow users to raise the level of spam detection to values, sometimes approaching 100%. These techniques are currently implemented in commercial products such as Anti Spam Filter, Antispam Post, GFI MailEssentials, Kaspersky Internet Security or Kaspersky Anti-Spam—designed for both individual users and the corporate sector.
These solutions fight spam after it has been sent to a user's e-mail server, and do not solve the main problem itself, that is, the mass e-mailing of spam. These solutions also run the risk of indicating false positives, which means that legitimate email (e.g., from friends or colleagues) can appear as spam if they happen to trigger the filtering mechanisms.
Most spamming is currently performed by individual programs—known as spam bots—which are often covertly installed on users' computers to perform routine operations, such as sending spam. Spam e-mails are transmitted from various servers, which spammers rent for a short time, are not spam's main source, but rather serve for promotional purposes. Thus, one option for fighting spam is to detect spam bots on users' computers. The volume of spam for a home user with a channel bandwidth of 10-20 Mbps can reach up to 50-100 gigabytes of spam a day. Because of the large number of spam bots the aggregate amount of traffic can cause serious strain on email servers. There is therefore a pressing need for effective removal of spam bots from users' computers.