Download presentation
Presentation is loading. Please wait.
Published byJason Dixon Modified over 4 years ago
1
Spamming with BGP Spectrum Agility Anirudh Ramachandran Nick Feamster Georgia Tech
2
2 Collection Two domains instrumented with MailAvenger –Sinkhole domain #1 Continuous spam collection since Aug 2004 No real email addresses---sink everything 3 million+ pieces of spam –Sinkhole domain #2 Recently registered domain (Nov 2005) Clean control – domain posted at a few places Not much spam yet…perhaps we are being too conservative
3
3 Spamming Techniques Mostly botnets, of course Were trying to quantify this –Coordination –Characteristics How were doing this –Correlation with Bobax victims from Georgia Tech botnet sinkhole –Heuristics Distance of Client IP from MX record Coordinated, low-bandwidth sending
4
4 BGP Spectrum Agility Log IP addresses of SMTP relays Join with BGP route advertisements seen at network where spam trap is co-located. A small club of persistent players appears to be using this technique. Common short-lived prefixes and ASes 65.0.0.0/8 23541 61.0.0.0/8 4678 82.0.0.0/8 8920
5
5 Length of short-lived BGP epochs ~ 10% of spam coming from short-lived BGP announcements 1 day Epoch length
Similar presentations
© 2018 SlidePlayer.com Inc.
All rights reserved.
Ppt on earthen dam construction Ppt on high voltage engineering netherlands Ppt on teachers day in english Ppt on entrepreneurship development Biology ppt on reproduction Ppt on service oriented architecture training Elements of one act play ppt on dvd Ppt on uses of concave and convex mirror Ppt on current indian economy 2012 Ppt on ideal gas law constant