Author: Hasan Alkahtani
Alkahtani, Hasan, 2015 Exploration of Email Spam, with a Focus on its Effects and Mitigation in Saudi Arabia, Flinders University, School of Computer Science, Engineering and Mathematics
Terms of Use: This electronic version is (or will be) made publicly available by Flinders University in accordance with its open access policy for student theses. Copyright in this thesis remains with the author. You may use this material for uses permitted under the Copyright Act 1968. If you are the owner of any included third party copyright material and/or you believe that any material has been made available without permission of the copyright owner please contact copyright@flinders.edu.au with the details.
Email spam is an international issue that has caused many challenges in different
countries. In Saudi Arabia, the volume of email spam is high compared to other
countries. This research investigated the nature of email spam in Saudi Arabia and
the awareness of email users about it and efforts to combat it; and provided
suggestions for strategies mitigate it. The study was conducted among three groups
in Saudi Arabia: public users, businesses and ISPs.
This research adopted a quantitative approach, using self-administrated
questionnaires to collect data. In this descriptive and cross-sectional study, data was
collected to answer the research questions from February 2011 to July 2011.
Multiple cluster random sampling was used to select public users and businesses, and
convenience sampling was used to select ISPs. A total of 1,500 public users from
universities, schools, hospitals, and government departments, and 300 businesses
were selected randomly from five regions; and all 27 ISPs. The validity of the
questionnaires was examined through a pilot study.
During data collection, public users, businesses and ISPs were asked to forward
Arabic and English email spam that they received in their email inboxes (i.e. email
spam that was bypassed anti-spam filters) to a specific email address created for the
purpose of this research. An email spam corpora was collected to investigate the
tricks used in the Arabic and English spam to bypass filters, affecting their
effectiveness. A total of 1,270 email SPAMs were analysed: 1,035 Arabic, 179
English, and 56 mixed Arabic and English spam. A taxonomy of email spam filters
(mostly developed to detect English spam) was constructed to develop methods to
counter the tricks used in Arabic spam. Using a phenetics approach, filters were
classified according to similarity between the methods used to detect spam.
Statistical tests such as chi-square and independent-samples t-test were used to
analyse the data.
Email users in Saudi Arabia had limited awareness of spam and ways to combat it,
although a large portion of them were well-educated professionals. ISPs, businesses
and public users believed that most of the spam was written in English, followed by
a large minority in Arabic. The most common types of Arabic spam were related to
forums, and religion and politics; and most English spam was pornographic, and
phishing and fraud emails. Saudi Arabia was the greatest source of Arabic spam;
whereas most of the English spam was sent from non-Arabic countries.
ISPs indicated that anti-spam filters were not completely effective, and these filters
performed better in detecting English spam than Arabic spam. The highest
percentage of Arabic spam originated from Saudi Arabia. Different tricks were used
in Arabic and English spam to bypass the filters. More Arabic than English spam
included attractive words in the subject line, contained an image in the body of the
message, and was sent by obfuscated or fake email addresses. Malicious contents
(e.g. viruses) appeared more often in English spam than Arabic spam.
The greatest effect of email spam on the performance of public users and
organisations in Saudi Arabia was reduced productivity, which can affect the
country’s economic growth.
More work is needed to combat spam in Saudi Arabia. Recommended strategies for
government and ISPs to reduce its effects in Saudi Arabia are: adopt an agreed
definition; enact culturally fit anti-spam laws; investigate effective ways to educate
email users; and refine and develop more effective filters, especially for Arabic
spam.
Keywords: Email, Spam, Arabic, English, Saudi Arabia
Subject: Computer Science thesis
Thesis type: Doctor of Philosophy
Completed: 2015
School: School of Computer Science, Engineering and Mathematics
Supervisor: Dr. Robert Goodwin