Email spam classification: extracting features from headers



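I am trying to build a spam classifier. I have been reading some research papers, and along with adding content-based features I am also trying to add header-field features such as the number of BCC recipients, the subject, the sender, etc., but I am stuck at a particular place:

  • I need to check the legality of the sender's domain address. All of my code is written in R, and I am not quite sure how to do this check in R.
  • I am also trying to extract the X-Mailer field, which is not a hard task. However, the problem with X-Mailer is this: if it is not present, that is a good indication that the email is spam; the problem arises when spammers try to obfuscate the X-Mailer with gibberish. How do I tell these two kinds of data apart, gibberish X-Mailer content and a legitimate X-Mailer?
  • Similarly, I am trying to create features like these: "domain_legality", the legality of the sender's domain; "date_time_legality", the legality of the date and time at which the message was created and received; "ip_legality", which is the receiver's IP; and "sender_legality", which is somewhat self-explanatory.

Thank you for your time and consideration.

So here is a sample of my code showing what I am trying to do: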

library(stringr)

extract_header <- function(email.data){
  feature.names <- c("rec_field_num_of_hops", "span_time", "domain_legality", "date_time_legality", "IP_legality", "sender_legality", "num_of_To_receivers", "num_of_CC_receivers", "num_of_BCC_receivers", "mail_agent", "email_subject", "date_received")
  # one row per email, one column per feature
  header.features <- data.frame(matrix(NA, nrow = length(email.data), ncol = length(feature.names)))
  colnames(header.features) <- feature.names
  email.regex <- "[[:alnum:].-]+@[[:alnum:].-]+" # regular expression matching an email address
  for(i in seq_along(email.data)){
    header <- email.data[[i]]$meta$header
    # extracting the email address of the sender
    header.features$sender_legality[i] <- str_extract(email.data[[i]]$meta$author, email.regex)
    # the subject of the email
    header.features$email_subject[i] <- email.data[[i]]$meta$heading
    # number of To recipients of the email
    posToField <- which(str_detect(header, regex("^To:", ignore_case = TRUE)))
    if(length(posToField) > 0)
      header.features$num_of_To_receivers[i] <- sum(str_count(header[posToField], email.regex))
    else
      header.features$num_of_To_receivers[i] <- 0
    # number of people CC'd in the email
    posCCField <- which(str_detect(header, regex("^Cc:", ignore_case = TRUE)))
    if(length(posCCField) > 0)
      header.features$num_of_CC_receivers[i] <- sum(str_count(header[posCCField], email.regex))
    else
      header.features$num_of_CC_receivers[i] <- 0
    # number of Bcc recipients in the email
    posBccField <- which(str_detect(header, regex("^Bcc:", ignore_case = TRUE)))
    if(length(posBccField) > 0)
      header.features$num_of_BCC_receivers[i] <- sum(str_count(header[posBccField], email.regex))
    else
      header.features$num_of_BCC_receivers[i] <- 0
    # number of mail servers the message hopped through
    header.features$rec_field_num_of_hops[i] <- sum(str_count(header, "^Received: from"))
  }
  # return the feature table (columns not filled in above stay NA)
  header.features
}

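I am following the approaches proposed in these research papers:

  • A scalable intelligent non-content-based spam-filtering framework
  • Identifying Potentially Useful Email Header Features for Email Spam Filtering

I need to check whether the sender of the email is a legitimate sender. The rationale is that most of the time spammers spoof their email address, and this particular feature helps identify whether an email is spam.

Headers: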

From rpm-list-admin@freshrpms.net  Tue Oct  8 10:56:20 2002
Return-Path: <rpm-zzzlist-admin@freshrpms.net>
Delivered-To: zzzz@localhost.example.com
Received: from localhost (jalapeno [127.0.0.1])
    by example.com (Postfix) with ESMTP id 79DB116F16
    for <zzzz@localhost>; Tue,  8 Oct 2002 10:56:20 +0100 (IST)
Received: from jalapeno [127.0.0.1]
    by localhost with IMAP (fetchmail-5.9.0)
    for zzzz@localhost (single-drop); Tue, 08 Oct 2002 10:56:20 +0100 (IST)
Received: from egwn.net (ns2.egwn.net [193.172.5.4]) by
    dogma.slashnull.org (8.11.6/8.11.6) with ESMTP id g988mPK07565 for
    <zzzz-rpm@example.com>; Tue, 8 Oct 2002 09:48:25 +0100
Received: from auth02.nl.egwn.net (localhost [127.0.0.1]) by egwn.net
    (8.11.6/8.11.6/EGWN) with ESMTP id g988i1f16827; Tue, 8 Oct 2002 10:44:02
    +0200
Received: from chip.ath.cx (cs146114.pp.htv.fi [213.243.146.114]) by
    egwn.net (8.11.6/8.11.6/EGWN) with ESMTP id g988hGf13093 for
    <rpm-list@freshrpms.net>; Tue, 8 Oct 2002 10:43:16 +0200
Received: from chip.ath.cx (localhost [127.0.0.1]) by chip.ath.cx
    (8.12.5/8.12.2) with ESMTP id g988hASA018848 for <rpm-list@freshrpms.net>;
    Tue, 8 Oct 2002 11:43:10 +0300
Received: from localhost (pmatilai@localhost) by chip.ath.cx
    (8.12.5/8.12.5/Submit) with ESMTP id g988h9j2018844 for
    <rpm-list@freshrpms.net>; Tue, 8 Oct 2002 11:43:10 +0300
X-Authentication-Warning: chip.ath.cx: pmatilai owned process doing -bs
From: Panu Matilainen <pmatilai@welho.com>
X-X-Sender: pmatilai@chip.ath.cx
To: rpm-zzzlist@freshrpms.net
Subject: Re: a problem with apt-get
In-Reply-To: <Pine.LNX.4.44.0210071231560.4199-100000@urgent.rug.ac.be>
Message-Id: <Pine.LNX.4.44.0210081140130.18762-100000@chip.ath.cx>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
X-Mailscanner: Found to be clean, Found to be clean
Sender: rpm-zzzlist-admin@freshrpms.net
Errors-To: rpm-zzzlist-admin@freshrpms.net
X-Beenthere: rpm-zzzlist@freshrpms.net
X-Mailman-Version: 2.0.11
Precedence: bulk
Reply-To: rpm-zzzlist@freshrpms.net
List-Help: <mailto:rpm-zzzlist-request@freshrpms.net?subject=help>
List-Post: <mailto:rpm-zzzlist@freshrpms.net>
List-Subscribe: <http://lists.freshrpms.net/mailman/listinfo/rpm-zzzlist>,
    <mailto:rpm-list-request@freshrpms.net?subject=subscribe>
List-Id: Freshrpms RPM discussion list <rpm-zzzlist.freshrpms.net>
List-Unsubscribe: <http://lists.freshrpms.net/mailman/listinfo/rpm-zzzlist>,
    <mailto:rpm-list-request@freshrpms.net?subject=unsubscribe>
List-Archive: <http://lists.freshrpms.net/pipermail/rpm-zzzlist/>
X-Original-Date: Tue, 8 Oct 2002 11:43:09 +0300 (EEST)
Date: Tue, 8 Oct 2002 11:43:09 +0300 (EEST)
I hope these additional details help. Thanks for your help :).

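This question is quite general, but I will try to give some suggestions.

First, you should consider structuring your classifier hierarchically. That is: build separate classifiers that deal with specific questions, such as the legality of the various parameters (date, X-Mailer, etc.).

In the context of these sub-classifiers you will be able to use domain knowledge and debug your code more easily than if you tackled all of these problems together.

For example, let's focus on separating gibberish text from a legitimate X-Mailer.

Looking at a bunch of examples, you will probably get some insight into what to look for to identify the garbage. For example: field length, character distribution (which will probably be larger for gibberish text), a list of known valid X-Mailers, and so on.

Based on these insights you can build a classifier: extract the relevant features, train, test, etc.

Once you have solved this problem to your satisfaction, you can use the output of this classifier as an input to the more general spam filter. If you do so, it is probably a good idea to have this sub-classifier output a numeric measure of confidence rather than just a boolean, so that the general classifier has more information to decide with.

Another option at this point is to add the features you found to be working to the feature set of the more general classifier, and let it use them (together with the other features) for classification.

This approach may account better for more complex interactions between features.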
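
One way to turn the "character distribution" and "known valid X-Mailers" hints from the answer above into a numeric confidence score, as an added example that is not part of the original question or answer: a character-bigram model trained on legitimate X-Mailer strings, where gibberish scores markedly lower. The mailer list, the candidate strings, the smoothing settings and all function names are constructed for illustration.

```r
# Added example (base R only): character-bigram score for X-Mailer values.
# Constructed sample of legitimate X-Mailer strings; replace with values from your own ham corpus.
ham.mailers <- c("Microsoft Outlook Express 6.00.2600.0000", "Mozilla Thunderbird 1.5",
                 "Apple Mail (2.753)", "Mutt 1.4i", "Evolution 1.0.8", "KMail 1.4.3",
                 "Internet Mail Service (5.5.2653.19)", "Lotus Notes Release 5.0.8")

# Overlapping character bigrams, lower-cased; control characters \001 and \002
# mark start and end so they cannot collide with characters in the header value.
bigrams <- function(s) {
  ch <- c("\001", strsplit(tolower(s), "")[[1]], "\002")
  paste0(head(ch, -1), tail(ch, -1))
}

# Plain named count vector: unseen keys index to NA (a table would raise an error).
counts <- function(x) { tab <- table(x); setNames(as.vector(tab), names(tab)) }
lookup <- function(cnt, keys) { n <- unname(cnt[keys]); n[is.na(n)] <- 0; n }

# alpha = add-alpha smoothing; vocab = assumed alphabet size (printable ASCII).
train_bigram_model <- function(strings, alpha = 1, vocab = 96) {
  bg <- unlist(lapply(strings, bigrams))
  list(pair = counts(bg), first = counts(substr(bg, 1, 1)), alpha = alpha, vocab = vocab)
}

# Mean log2 P(next char | current char); higher (closer to 0) means "looks like a known mailer".
# A missing X-Mailer returns NA so the parent classifier can treat absence as its own feature.
score_xmailer <- function(s, model) {
  if (is.na(s) || !nzchar(s)) return(NA_real_)
  bg <- bigrams(s)
  p <- (lookup(model$pair, bg) + model$alpha) /
       (lookup(model$first, substr(bg, 1, 1)) + model$alpha * model$vocab)
  mean(log2(p))
}

model <- train_bigram_model(ham.mailers)
# Constructed test values: two plausible mailers, two gibberish strings, one missing header.
candidates <- c("Microsoft Outlook 8.5", "Mozilla 4.79", "xQz7#kPw9!vLm2", "jfhgskdjqpwoeiru", NA)
scores <- vapply(candidates, score_xmailer, numeric(1), model = model, USE.NAMES = FALSE)
print(data.frame(x_mailer = candidates, score = round(scores, 2)))
```

The score can fill a numeric column such as `mail_agent` in the question's feature table, alongside a separate 0/1 column for a missing X-Mailer.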
