Controlling Spam through Lightweight Currency Proceedings of the Hawaii International Conference on Computer Systems Honolulu HI Jan 2004 David A. Turner.

Slides:

Advertisements

Similar presentations

Virtual Conference on Anti-spam Regulation and Policy Development Sharing The Singapore Experience By Low Boon Kiat Policy & Competition Development Group.

Advertisements

A business makes payments for what it buys, In return it receives payments for goods it sells or services it provides.

Ind – Develop a foundational knowledge of pricing to understand its role in marketing. (Part II) Entrepreneurship I.

Basic Communication on the Internet:

Macroeconomics - ECO 2013 Fall 205 – 1 Term August 24 – December 16, 2005.

Addressing spam and enforcing a Do Not Registry using a Certified Electronic Mail System Information Technology Advisory Group, Inc.

SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.

Spam Edward W. Felten Dept. of Computer Science Princeton University.

Back to Table of Contents

Breaking Trust On The Internet

----Presented by Di Xu  Introduction  Overview of Spam  Solutions to Spam  Conclusion.

1 Aug. 3 rd, 2007Conference on and Anti-Spam (CEAS’07) Slicing Spam with Occam’s Razor Chris Fleizach, Geoffrey M. Voelker, Stefan Savage University.

The Federal Reserve and Monetary Policy

Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 3 Internet Security.

Open-Economy Macroeconomics: Basic Concepts Chapter 29 Copyright © 2001 by Harcourt, Inc. All rights reserved. Requests for permission to make copies of.

1 Enhancing Address Privacy on Anti-SPAM by Dou Wang and Ying Chen School of Computer Science University of Windsor October 2007.

Bitcoin: Free Money Roger Ver Blockchain. Bitcoin: Free Money “For the first time in the history of the world, anyone can now send or receive any amount.

BITCOIN Exponential Growth. Good Money “For the first time in the history of the world, anyone can now send or receive any amount of money with anyone.

Managing and Avoiding Junkmail. Junk  Where does Junk Mail come from? People with whom you do business  Pepsi Friends of people with whom you.

MIT Info Group, January 19, 2005 Page 1 The CAN-SPAM Act and what it means for MIT communicators MIT Info Group, January 19, 2005 Marsha Sanders Senior.

WRITE MARKETING COPY and EXECUTE TARGETED S 3.07.

AND SPAM BY OLUWATOBI BAKARE

WE Can Stop the Spam! June 16, 2003 Author: Mr. Jack P. McHugh Presented by: Nidhi Dalwadi.

How Companies Fight Spamming by Sonya Tormaschy & Marc Eggert E-Commerce: Tuesday & Thursdays; 1:30 – 2:45.

Should there be a law that forbids people from sending to thousands of people (spam)? By: Bennett Moss Daniel Hoyt Hizkias Neway Junyu Wang.

“Recipients ” “Signature” “Subject Line” CONTENT of .

11 SECURING INTERNET MESSAGING Chapter 9. Chapter 9: SECURING INTERNET MESSAGING2 CHAPTER OBJECTIVES  Explain basic concepts of Internet messaging. 

What is E-Commerce? Section 8.1. What is E-commerce? E-commerce is the exchange of goods, services, information, or other businesses through electronic.

1 The Business Case for DomainKeys Identified Mail.

SMTP PROTOCOL CONFIGURATION AND MANAGEMENT Chapter 8.

XP New Perspectives on The Internet, Sixth Edition— Comprehensive Tutorial 2 1 Evaluating an Program and a Web-Based Service Basic Communication.

Tutorial 2: Basic Communication on the Internet: .

Bitcoin (what, why and how?)

Chapter 5 Slide 1 Copyright – David A. McGowan All rights reserved. Revised Chapter 5: REAL ESTATE BROKERAGE Broker Salesperson Leasing Agent.

CS 4001Mary Jean Harrold1 Class 24 Freedom of speech in cyberspace Assign Assignment 8—due today Term paper—due 11/20.

Department of Computer Sciences The University of Texas at Austin Zmail : Zero-Sum Free Market Control of Spam Benjamin J. Kuipers, Alex X. Liu, Aashin.

Name: Ryan Lugg Form: 10B . How can businesses make use of . (P) can be a very useful tool, it can be very cost effective and efficient.

The Internet 8th Edition Tutorial 2 Basic Communication on the Internet: .

Module 6 Planning and Deploying Messaging Security.

Marketing Effective way to commutate. Things to remember in marketing 1. IS NOT ONLY ABOUT SELLING 2. IS NOT ONLY FOR THE SOURCE.

Network Security Lecture 26 Presented by: Dr. Munam Ali Shah.

Unsolicited Commercial Meeting of Oftel Internet Forum 22 July 1999 EU Distance Selling Directive provisions on unsolicited .

Small Business Resource Power Point Series How to Avoid Your Marketing Messages Being Labelled as Spam.

Commerce Done by: Sadoun AL-Suwaida Turki AL-Anazi.

Digitally Signed Transcripts Department of Computer Science, University of Wisconsin – Eau Claire Student Researcher: Kevin M. Spinar

Electronic Signatures in the SFA Loan Programs Electronic P-Notes Presented by Jeff Baker & Kay Jacks.

MAKE YOUR BARTER DOLLAR JUST LIKE CASH - THE PAY ANYONE REVOLUTION.

CAN SPAM and Your Marketing Best Practices for Senders By Lars Helgeson Cooler .

Marketing Amanda Freeman. Design Guidelines Set your width to pixels Avoid too many tables Flash, JavaScript, ActiveX and movies will not.

C August 24, 2004 Page 1 SMS Spam Control Nobuyuki Uchida QUALCOMM Incorporated Notice ©2004 QUALCOMM Incorporated. All rights reserved.

Chapter 17: International Trade Section 3. Copyright © Pearson Education, Inc.Slide 2Chapter 17, Section 3 Objectives 1.Explain how exchange rates of.

© 2003 The MITRE Corporation. All rights reserved For Internal MITRE Use Addressing ISO-RTO e-MARC Concerns: Clarifications and Ramifications Response.

Chapter 11.  Electronic commerce (e-commerce)  The sale of goods and services by computer over the Internet  Internet (Net)  A collection of millions.

BITCOIN What is bitcoin? Put simply, bitcoin is a digital currency. It can be used to make electronic payments face to face or over the internet just like.

Modern Real Estate Practice in Illinois Chapter 5: Real Estate Brokerage.

Security fundamentals Topic 9 Securing internet messaging.

Principles of Computer Security: CompTIA Security + ® and Beyond, Third Edition © 2012 Principles of Computer Security: CompTIA Security+ ® and Beyond,

Lecture2 Networking. Overview and spam World Wide Web Censorship Freedom of expression Children and inappropriate content Breaking trust on the.

CERN - IT Department CH-1211 Genève 23 Switzerland t OIS Update on the anti spam system at CERN Pawel Grzywaczewski, CERN IT/OIS HEPIX fall.

“We Can Stop the Spam” By: Jack P. McHugh Power Point Presented by: Ian Carey.

Marketing Chapter 17 Section 1.  Promotion is one of the four Ps of the Marketing Mix (product, place, price, and promotion).  Promotion is persuasive.

© Take Charge Today – August 2013 – Understanding Credit Cards – Slide 1 Funded by a grant from Take Charge America, Inc. to the Norton School of Family.

A Gift of Fire, 2edChapter 5: Freedom of Speech in Cyberspace1 Anonymity Common Sense and the Internet Early publications by some of our Founding Fathers.

Personal Finance Credit Cards. Types of Credit Cards Bank card – Visa, MasterCard Store card – Macy’s, Kohl’s, Boscovs Travel and Entertainment – American.

WRITE MARKETING COPY and EXECUTE TARGETED S

A Study On Solutions To Spam

Understanding Credit Cards

Spam Fighting at CERN 12 January 2019 Emmanuel Ormancey.

Presentation transcript:

Controlling Spam through Lightweight Currency Proceedings of the Hawaii International Conference on Computer Systems Honolulu HI Jan 2004 David A. Turner & Daniel M. Havey Department of Computer Science Cal State University San Bernardino Presented by Phil Lucas

Payment Based Solution Mail Transfer Agents (MTA) Lightweight Currency Protocol – Can create your own currency – Can use other mail domain’s currency – Can use other LCP-based service providers

Definition of Indiscriminately copied to millions of inboxes as opposed to “opting in” Contains false return addresses or other false envelop data Contains material considered objectionable by most and sent without consent Generated by a computer virus or has been specifically formatted to pass through filters

Definition of Junk Mail Unsolicited that does not fall into the “Spam” category Advertising targeted to the recipient Similar to USPS junk mail

Legislative Based Payment Based Filter Based

Legislation Governments pass laws against sending spam and enforcement of laws reduces spam after spammers begin to fear punishment Social costs of increased government control of speech Economic costs of enforcement Spam can originate from foreign countries Solution:

Legislation The CAN-SPAM Act of 2003 (Controlling the Assault of Non-Solicited Pornography And Marketing Act) (effective January 1, 2004) – Established Requirements for commercial – Spells out penalties for spammers – Gives consumers right to opt- out Solution:

Not 100% accurate – BOTH false positives and false negatives Encourages spammers to send more in order to bypass filters Does little to reduce actual cost of spam Solution:

Payment Cooperating systems create an economic disincentive to spam Small enough payment to allow legitimate Large enough to make sending large numbers of junk unprofitable Advertisers are willing to pay $.20/junk mail today, certainly $.01/ is okay Solution:

Payments cont… Proof-of-work (POW) – Sender must perform time- consuming calculation Spammer will not have resources to perform millions of calculations Waste resources of sender and compute time varies wildly between processors Charity stamps – proceeds go to Charities (Who? How much?) Solution:

Overview of + Self-regulated + Fully open market + Multiple currencies + Not restricted to services Solution:

LCP Continued… Lightweight Currency Protocol Can be used as a medium of exchange independent of any particular application Easy to implement Not directly tied to real-world currencies

Continued… Organization generates public/private key pair and distributes the public key. Alternatively, a certificate can be issued binding the domain name to the public key. Currency holders also generate public/private key pair

Something to Note about LCP A currency holder holds a particular currency when the issuer of that currency has a record of it.

How LCP works Request Funds Msg Acknowledge Msg Payment Made Msg Identification msg SenderReceiver

LCP-Based servers require a payment in LC to accept incoming Responsibility is placed on the service providers to ensure that spam is not passing through their system

LCP - Based Case 1 A and B have a history of mail exchange If A holds B dollars, A pays B one B dollar for the If B holds A dollars, A sends another A dollar

LCP -Based Case 1, cont. If B has too much A currency, B requests alternatives A sends list of alternative currency it holds – Wide acceptance currency – Domains with large amounts of B currency

LCP - Based Case 1, cont. Reasons B will accept alternative currencies – B can redeem alternatives elsewhere on the net – B can redeem currencies for real-world $$$ – B wants to avoid the same situation A is currently in

LCP - Based Case 2 A is sending to B for the first time Although unlikely, if A holds B dollars, it uses them Tries to use A dollars If B trusts the certificate from A, it may trust a limited amount of B users respond to A , so B uses A dollars to send it back

LCP-Based Case 2 Possibility of spam if cost of new certificates is less than profit from spam Recommended practice would be to accept widely accepted currencies or domains with B currency

LCP-Based Spammers send out large amounts of mail with few responses, so spammers could not acquire large amounts of alien currencies Spammers would have to sell services or purchase currencies outright

LCP-Based Imbalances List operators could request support from users Prices could be different for outgoing vs. incoming mail. Example: a domain that sends out twice as much mail as received could charge twice as much for incoming mail as outgoing. Commercial sites could absorb cost of statements and confirmations.

Why LCP? SOAP-based, relatively easy to implement into applications Fully transferable into other contexts, so will more easily acquire value Providers that send more than received have access to other methods of acquiring necessary currency Providers that receive more currency than they spend can easily redeem it for other resources

LCP in Action Agent Need $100 Yahoo $100 Yahhoo $100 Yahoo Newsletter Yahoo.com

Security Issues Throwaway identity attack – Naïve policy accepts currency from anyone – Spammer generates as many public key identities as necessary to send mail

Security Issues Man-in-the-Middle attack – Policy that accepts non-bound public key certificates – Middleman impersonates sender or receiver Example: A is sending to B and B accepts A dollars. C delivers to B for A, but makes B think its public key is from A. B accepts worthless currency from C. In the meantime, C accepts worthwhile currency from A. Little currency at stake, but possible disruption of service and trust issues between A and B

Security Solutions Small systems should not accept currency from domains it does not send mail to Large systems would require spammer to buy too many certificates, so built-in economic disincentive by virtue of the size

Deployment Partial Deployment – System accepts both payment and ordinary based – Service providers encouraged to migrate incrementally – Spam eliminated by growing list of cooperating domains

Deployment Full Deployment – Users maintain two addresses, one for payment and one for ordinary Small systems must limit imbalances to a fraction of the total number of inboxes After trust is established, limits can be increased Users should NOT respond to Spam!

Hybrid Approach A establishes LCP mail domain in addition to ordinary mail. Mail arrives from B, A announces to B its support for LCP If B is not a LCP domain, A accepts mail to ordinary mail inbox If B is LCP domain, A and B negotiate payment and LCP inbox is used. Eventually ordinary mail goes unused and is the sole domain of Spam

For More Information…

Summary Spam does not NEED to be on every menu! Questions?