Department of Business Administration2024-11-092010N/A2-s2.0-84904816246N/Ahttps://hdl.handle.net/20.500.14288/15055Network security problems are deteriorating worldwide, and can potentially undermine the growth of the digital economy and imperil the multitude of innovations that have been a significant driver of economic growth as well as providing increased services to individuals, businesses, and governments. The emergence of botnets as a powerful force undermining security has raised new and important issues. In particular, the difficulty of detection, elimination and prevention of botnets or spam caused thereof on an absolute scale using computing technologies alone have focused attention on studying behavior patterns of botnets and spammers, to help devise better countermeasures. This paper has two objectives; first to introduce a theoretical modeling approach to spammer behavior and derivation of the model, and second, to compare some of the derivations with data that has been collected from blocklist organizations. By making inferences about the blocklist rules, the spammer can strategize to maximize the amount of spam sent, and we find evidence of spammers using multiple strategies. The blocklist can achieve reduction of spam by investigating longer history of a node's behavior instead of focusing on detection alone. While some of the derivations seem consistent with the data there is considerable room for modification and extension of the modeling approach. The paper concludes with suggestion for the extension of the model.Business administrationConference proceedinghttps://www.scopus.com/inward/record.uri?eid=2-s2.0-84904816246andpartnerID=40andmd5=d6ad06a890fbd1a8563646c5dd888fe9N/A13062