Presentation is loading. Please wait.

Presentation is loading. Please wait.

Spam Andy Nguyen 5/17/2004. What is Spam? Unsolicited means that the Recipient has not granted verifiable permission for the message to be sent. Bulk.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Spam Andy Nguyen 5/17/2004. What is Spam? Unsolicited means that the Recipient has not granted verifiable permission for the message to be sent. Bulk."— Presentation transcript:

1 Spam Andy Nguyen 5/17/2004

2 What is Spam? Unsolicited means that the Recipient has not granted verifiable permission for the message to be sent. Bulk means that the message is sent as part of a larger collection of messages, all having substantively identical content. Unsolicited means that the Recipient has not granted verifiable permission for the message to be sent. Bulk means that the message is sent as part of a larger collection of messages, all having substantively identical content. A message is Spam only if it is both Unsolicited and Bulk (UBE) A message is Spam only if it is both Unsolicited and Bulk (UBE) Unsolicited Email is normal email (examples include first contact enquiries, job enquiries, sales enquiries)Unsolicited Email is normal email (examples include first contact enquiries, job enquiries, sales enquiries) Bulk Email is normal email (examples include subscriber newsletters, discussion lists, information lists)Bulk Email is normal email (examples include subscriber newsletters, discussion lists, information lists) Technical Definition of “Spam”: Technical Definition of “Spam”: An electronic message is "spam" IF: (1) the recipient's personal identity and context are irrelevant because the message is equally applicable to many other potential recipients; AND (2) the recipient has not verifiably granted deliberate, explicit, and still-revocable permission for it to be sent; AND (3) the transmission and reception of the message appears to the recipient to give a disproportionate benefit to the sender.An electronic message is "spam" IF: (1) the recipient's personal identity and context are irrelevant because the message is equally applicable to many other potential recipients; AND (2) the recipient has not verifiably granted deliberate, explicit, and still-revocable permission for it to be sent; AND (3) the transmission and reception of the message appears to the recipient to give a disproportionate benefit to the sender. Source: www.spamhaus.org

3 Effects of Spam Bandwidth Loss Bandwidth Loss Connection Expense Connection Expense Unnecessary disk space usage Unnecessary disk space usage Over-flowing user mail boxes Over-flowing user mail boxes Loss of productivity Loss of productivity Fraud Fraud Costs estimated at $1 Billion/year Costs estimated at $1 Billion/year Nearly 30% of AOL’s mail is Spam Nearly 30% of AOL’s mail is Spam

4 Spammers Use automated tools that analyze online content Use automated tools that analyze online content Methods Methods Looking through UseNet for email addressesLooking through UseNet for email addresses Mailing listsMailing lists Web pages (guest books, forums, etc.)Web pages (guest books, forums, etc.) Dictionary attacks on user and domain names, using predictable email addressesDictionary attacks on user and domain names, using predictable email addresses E-mail directories, white pages (Big Foot)E-mail directories, white pages (Big Foot) Chat RoomsChat Rooms

5 Spam Defense Types of Defense: Types of Defense: EducationalEducational TechnicalTechnical Legal/EconomicalLegal/Economical Issues for Technical Spam Solutions: Issues for Technical Spam Solutions: DeploymentDeployment

6 Blacklisting Blocking mail from servers that is known to be bad Blocking mail from servers that is known to be bad Can stop e-mail before it is sent out Can stop e-mail before it is sent out Uses DNS-based distribution scheme Uses DNS-based distribution scheme Issues: Issues: Account Hopping – spammers use free e-mail addresses, spoof e-mail addresses, send through open relays/non- blacklisted servers to hide their point of originAccount Hopping – spammers use free e-mail addresses, spoof e-mail addresses, send through open relays/non- blacklisted servers to hide their point of origin Should you trust the administrators of these blacklists?Should you trust the administrators of these blacklists? blacklist listing policies differ blacklist listing policies differ Compromised blacklist can blacklist the internet (0/0), or allow everyone through Compromised blacklist can blacklist the internet (0/0), or allow everyone through New/unknown mail servers? Also may prevent good mail from coming throughNew/unknown mail servers? Also may prevent good mail from coming through

7 Spam Poisoning Defense against e-mail harvesting Defense against e-mail harvesting Instead of user@example.com, use user@exampleREMOVETHIS.com Instead of user@example.com, use user@exampleREMOVETHIS.comuser@example.com user@exampleREMOVETHIS.comuser@example.com user@exampleREMOVETHIS.com Using images Using images Generating fake web pages, with fake addresses Generating fake web pages, with fake addresses Issues: Issues: Once address is revealed, all effort spent concealing address wastedOnce address is revealed, all effort spent concealing address wasted Harvesters use search engines to find email addressesHarvesters use search engines to find email addresses

8 Distributed, Collaborative Filtering When a system receives spam, either from a user or “spam trap”, message is hashed and passed to closest server When a system receives spam, either from a user or “spam trap”, message is hashed and passed to closest server This mechanism maintains a distributed and constantly updating library of bulk mail This mechanism maintains a distributed and constantly updating library of bulk mail Issues: Issues: Users can abuse service and submit legitimate emailUsers can abuse service and submit legitimate email Spammers randomize their spam to change checksums (adding random strings etc.)Spammers randomize their spam to change checksums (adding random strings etc.)

9 Content Filtering Destination based defense Destination based defense Based on the content of the message Based on the content of the message Bayesian ApproachBayesian Approach Issues: Issues: Processing load on mail serverProcessing load on mail server Doesn’t address bandwidth and storage issuesDoesn’t address bandwidth and storage issues Accuracy isn’t 100%? Is this acceptable?Accuracy isn’t 100%? Is this acceptable? Spammers may run their e-mails through the filters in order to bypass themSpammers may run their e-mails through the filters in order to bypass them Privacy issuesPrivacy issues

10 Pricing Functions Basic Idea: Basic Idea: “If I don’t know you and want you to send me a message, then you must prove that you spent, say, ten seconds of CPU time, just for me and just for this message”“If I don’t know you and want you to send me a message, then you must prove that you spent, say, ten seconds of CPU time, just for me and just for this message” Proof of effort takes some time to compute but easily verifiable Proof of effort takes some time to compute but easily verifiable Function based on large number of scattered number of memory accessesFunction based on large number of scattered number of memory accesses Issues: Issues: What about legitimate mailing lists?What about legitimate mailing lists? Attackers could just compromise many machines to send out the mail (similar to DDos)Attackers could just compromise many machines to send out the mail (similar to DDos) Where would you deploy this ? On the between sender and mail server, server-server?Where would you deploy this ? On the between sender and mail server, server-server?

11 Internet Mail 2000 New mailing protocol New mailing protocol Changes “push” architecture to a “pull” architecture Changes “push” architecture to a “pull” architecture Mail stored on sender’s serverMail stored on sender’s server Issues: Issues: New attacks are possibleNew attacks are possible Global deployment would be requiredGlobal deployment would be required

12 Discussion Certified E-mail? Certified E-mail? National opt-out list? National opt-out list? Human Skill-Challenges ? Human Skill-Challenges ? Payment methods (charging a small fee when sending e-mail) Payment methods (charging a small fee when sending e-mail) Possible legislation Possible legislation Which approach do you think is best? Or should we use a combination of mechanisms? Which approach do you think is best? Or should we use a combination of mechanisms?

Download ppt "Spam Andy Nguyen 5/17/2004. What is Spam? Unsolicited means that the Recipient has not granted verifiable permission for the message to be sent. Bulk."

Similar presentations

Security by Design A Prequel for COMPSCI 702. Perspective “Any fool can know. The point is to understand.” - Albert Einstein “Sometimes it's not enough.

Security by Design A Prequel for COMPSCI 702. Perspective “Any fool can know. The point is to understand.” - Albert Einstein “Sometimes it's not enough.
What is Spam  Any unwanted messages that are sent to many users at once.  Spam can be sent via email, text message, online chat, blogs or various other.

What is Spam  Any unwanted messages that are sent to many users at once.  Spam can be sent via , text message, online chat, blogs or various other.
Addressing spam email and enforcing a Do Not Email Registry using a Certified Electronic Mail System Information Technology Advisory Group, Inc.

Addressing spam and enforcing a Do Not Registry using a Certified Electronic Mail System Information Technology Advisory Group, Inc.
Hacker’s tricks for online users to reveal their sensitive information such as credit card, bank account, and social security. Phishing emails are designed.

Hacker’s tricks for online users to reveal their sensitive information such as credit card, bank account, and social security. Phishing s are designed.
----Presented by Di Xu 17.12.2010.  Introduction  Overview of Spam  Solutions to Spam  Conclusion.

----Presented by Di Xu  Introduction  Overview of Spam  Solutions to Spam  Conclusion.
Phishing (pronounced “fishing”) is the process of sending e-mail messages to lure Internet users into revealing personal information such as credit card.

Phishing (pronounced “fishing”) is the process of sending messages to lure Internet users into revealing personal information such as credit card.
Victor Ivanov. Introduction  Definition  Unsolicited bulk messages  Concerns  Server load  Garbage content.

Victor Ivanov. Introduction  Definition  Unsolicited bulk messages  Concerns  Server load  Garbage content.
Issue Project - SPAM - EDCI 564 Vaithinathan Vanitha & Sookeun Byun.

Issue Project - SPAM - EDCI 564 Vaithinathan Vanitha & Sookeun Byun.
Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.

Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.
Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 3 Internet Security.

Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 3 Internet Security.
Understanding the Network-Level Behavior of Spammers Mike Delahunty Bryan Lutz Kimberly Peng Kevin Kazmierski John Thykattil By Anirudh Ramachandran and.

Understanding the Network-Level Behavior of Spammers Mike Delahunty Bryan Lutz Kimberly Peng Kevin Kazmierski John Thykattil By Anirudh Ramachandran and.
The problems associated with operating an effective anti-spam blocklist system in an increasingly hostile environment. Robert Gallagher September 2004.

The problems associated with operating an effective anti-spam blocklist system in an increasingly hostile environment. Robert Gallagher September 2004.
Spam May 15 2006 CS239. Taxonomy E-mail (UBE)  Advertisement  Phishing Webpage  Content  Links From: Thrifty Health-Insurance Mailed-By: noticeoption.comReply-To:

Spam May CS239. Taxonomy (UBE)  Advertisement  Phishing Webpage  Content  Links From: Thrifty Health-Insurance Mailed-By: noticeoption.comReply-To:
ITIS 1210 Introduction to Web-Based Information Systems Chapter 15 How Email Spam Works.

ITIS 1210 Introduction to Web-Based Information Systems Chapter 15 How Spam Works.
Internet basics, Browsers, application, advantages and disadvantages, architecture, WWW, URL, HTML Week 10 Mr. Mohammed Rahmath.

Internet basics, Browsers, application, advantages and disadvantages, architecture, WWW, URL, HTML Week 10 Mr. Mohammed Rahmath.
Pro Exchange SPAM Filter An Exchange 2000 based spam filtering solution.

Pro Exchange SPAM Filter An Exchange 2000 based spam filtering solution.
563.8.2 Spam Sonia Jahid University of Illinois Fall 2007.

Spam Sonia Jahid University of Illinois Fall 2007.
Belnet Antispam Pro A practical example Belnet – Aris Adamantiadis BNC – 24 November 2011.

Belnet Antispam Pro A practical example Belnet – Aris Adamantiadis BNC – 24 November 2011.
1 Computer Security: Protect your PC and Protect Yourself.

1 Computer Security: Protect your PC and Protect Yourself.
Internet Security In the 21st Century Presented by Daniel Mills.

Internet Security In the 21st Century Presented by Daniel Mills.

Similar presentations

Ads by Google