1 Enhancing Email Address Privacy on Anti-SPAM by Dou Wang and Ying Chen School of Computer Science University of Windsor October 2007.

Slides:

Advertisements

Similar presentations

1 Effective, secure and reliable hosted security and continuity solution.

Advertisements

Basic Communication on the Internet:

TrustPort Net Gateway traffic protection. Keep It Secure Entry point protection –Clear separation of the risky internet and secured.

Addressing spam and enforcing a Do Not Registry using a Certified Electronic Mail System Information Technology Advisory Group, Inc.

COMPUTER BASICS METC 106. The Internet Global group of interconnected networks Originated in 1969 – Department of Defense ARPANet Only text, no graphics.

© 2007 Convio, Inc. Implementation of Sender ID Bill Pease, Chief Scientist Convio.

----Presented by Di Xu  Introduction  Overview of Spam  Solutions to Spam  Conclusion.

1 Aug. 3 rd, 2007Conference on and Anti-Spam (CEAS’07) Slicing Spam with Occam’s Razor Chris Fleizach, Geoffrey M. Voelker, Stefan Savage University.

Phishing (pronounced “fishing”) is the process of sending messages to lure Internet users into revealing personal information such as credit card.

Lecture 5: security: PGP Anish Arora CSE 5473 Introduction to Network Security.

Lecture 5: security: PGP Anish Arora CIS694K Introduction to Network Security.

Lesson 7: Business, , & Personal Information Management

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

Preventing Spam: Today and Tomorrow Zane Bonny Vilaphong Phasiname The Spamsters!

Information Networking Security and Assurance Lab National Chung Cheng University Guidelines on Electronic Mail Security

Fundamentals of Electronic Mail From Greenlaw/Hepp, In-line/On-line: Fundamentals of the Internet and the World Wide Web 1 Introduction Advantages.

Implementing Standard and Extended Access Control List (ACL) in Cisco Routers.

ITIS 1210 Introduction to Web-Based Information Systems Chapter 15 How Spam Works.

23 October 2002Emmanuel Ormancey1 Spam Filtering at CERN Emmanuel Ormancey - 23 October 2002.

TrustPort Net Gateway traffic protection. Keep It Secure Entry point protection –Clear separation of the risky internet and secured.

Belnet Antispam Pro A practical example Belnet – Aris Adamantiadis BNC – 24 November 2011.

» Explain the way that electronic mail ( ) works » Configure an client » Identify message components » Create and send messages.

Norman SecureTide Powerful cloud solution to stop spam and threats before it reaches your network.

How Companies Fight Spamming by Sonya Tormaschy & Marc Eggert E-Commerce: Tuesday & Thursdays; 1:30 – 2:45.

SHASHANK MASHETTY security. Introduction Electronic mail most commonly referred to as or e- mail. Electronic mail is one of the most commonly.

11 SECURING INTERNET MESSAGING Chapter 9. Chapter 9: SECURING INTERNET MESSAGING2 CHAPTER OBJECTIVES  Explain basic concepts of Internet messaging. 

1 The Business Case for DomainKeys Identified Mail.

Combating Abuse Brian Nisbet NOC Manager HEAnet.

Networks and Security. Types of Attacks/Security Issues  Malware  Viruses  Worms  Trojan Horse  Rootkit  Phishing  Spyware  Denial of Service.

Computer Networking From LANs to WANs: Hardware, Software, and Security Chapter 12 Electronic Mail.

Electronic Mail Originally –Memo sent from one user to another Now –Memo sent to one or more mailboxes Mailbox –Destination point for messages.

CSIE 1 Filtering mail Speaker: Chung yu Wu Adviser: Quincy Wu Date: 2005/12/07.

Windows Vista Security Center Chapter 5(WV): Protecting Your Computer 9/17/20151Instructor: Shilpa Phanse.

Client X CronLab Spam Filter Technical Training Presentation 19/09/2015.

Department of Computer Sciences The University of Texas at Austin Zmail : Zero-Sum Free Market Control of Spam Benjamin J. Kuipers, Alex X. Liu, Aashin.

The Internet 8th Edition Tutorial 2 Basic Communication on the Internet: .

Module 6 Planning and Deploying Messaging Security.

Chapter 6 Electronic Mail Security MSc. NGUYEN CAO DAT Dr. TRAN VAN HOAI 1.

A Technical Approach to Minimizing Spam Mallory J. Paine.

Types of Electronic Infection

Week 10-11c Attacks and Malware III. Remote Control Facility distinguishes a bot from a worm distinguishes a bot from a worm worm propagates itself and.

E- SAFETY GROUP MEMBERS:  MALINI A/P KUMAR  PREMA A/P PARAMASIVAN.

By Gianluca Stringhini, Christopher Kruegel and Giovanni Vigna Presented By Awrad Mohammed Ali 1.

Silicon & Software Systems (S3)‏ Copyright © Silicon & Software Systems Limited Antispam protection IT Department 20/03/2008 Ondrej Valousek.

Application Security: (April 10, 2013) © Abdou Illia – Spring 2013.

CSCE 201 Security Fall CSCE Farkas2 Electronic Mail Most heavily used network-based application – Over 210 billion per day Used across.

X-ASVP Executive Overview eXtensible Anti-spam Verification Protocol X-ASVP Committee Technical Working Group July 25, 2007.

Security Using PGP - Prajakta Bahekar. Importance of Security is one of the most widely used network service on Computer Currently .

SMTP Tapu Ahmed Jeremy Nunn. Basics Responsible for electronic mail delivery. Responsible for electronic mail delivery. Simple ASCII protocol that runs.

Security fundamentals Topic 9 Securing internet messaging.

Principles of Computer Security: CompTIA Security + ® and Beyond, Third Edition © 2012 Principles of Computer Security: CompTIA Security+ ® and Beyond,

Firewall in the Internet Security By Dou Wang, Ying Chen, Jiaying Shi School of Computer Science University of Windsor November 2007.

© Copyright 2009 SSLPost 01. © Copyright 2009 SSLPost 02 a recipient is sent an encrypted that contains data specific to that recipient the data.

X-ASVP Technical Overview eXtensible Anti-spam Verification Protocol X-ASVP Committee Technical Working Group July 22, 2007.

1 Kyung Hee University Chapter 22 Simple Mail Transfer Protocol (SMTP)

Spam By Dan Sterrett. Overview ► What is spam? ► Why it’s a problem ► The source of spam ► How spammers get your address ► Preventing Spam ► Possible.

Anti-Spam Updates Activity Coordination Meeting March 2006 Kevin Hill.

(class #2) CLICK TO CONTINUE done by T Batchelor.

Computer Skills (1) .

Securing Information Systems

TMG Client Protection 6NPS – Session 7.

Internet Business Associate v2.0

CIW Lesson 7 Part A Name: _______________________________________

What is it? Why do I keep getting from Barracuda? SPAM.

Social Media And Global Computing Sending

Management Suite v2.0 DoubleCheck Manager Management Suite v2.0.

ONLINE SECURE DATA SERVICE

Wireless Spoofing Attacks on Mobile Devices

Introduction to Symantec Security Service

Presentation transcript:

1 Enhancing Address Privacy on Anti-SPAM by Dou Wang and Ying Chen School of Computer Science University of Windsor October 2007

2 Contents  Introduction  Related Works  Our Proposed Method  Advantages  Conclusion

3 Introduction  SPAM  Consume recipients’ time and work  Consume resources of Mail Transfer Agents (MTAs)  Deliver with virus, spy-ware and/or ad-ware  Contain phishing content to break the users’ privacy

4 Introduction  Jupiter Research estimates the average user will receive more than 3,900 spam mails per year by 2007, up from just 40 in 1999, and Ferris Research estimates spam costs U.S. companies 10 billion in 2003 and a user spends on the average 4 seconds to process a SPAM mail. [1]

5 Related works  Anti-spam Solutions Category  Filtering [2]  Origin-based filtering  Content-based filtering  Traffic-based filtering  Policy-Control  Human-interactive Completely Automatic Public Turing Test to tell Computer and Humans Apart (CAPTCHA) [3]  Address-hiding

6 Related works  Filtering  Origin-based filter checks sender information with certain keywords, string styles and compares with recipients’ whitelist and blacklist.  Content-based filter analyzes the body content of the message by complex algorithms and maintain the knowledge base to realize self-learning.  Traffic-based filter examines the network traffic on the server and gather the server logging information to determine the spam probability.

7 Related works User interface of SOPHOS spam filter about quarantine and whitelist and blacklist.

8 Related works  Policy-Control  Non-technical policy restriction. More and more governments defined regulations and acts to restrict spammers performing the spam spreading.  Technical policy restriction. Change the protocol regulation can restrict spam message delivery for the technology that the spammers currently are using.

9 Related works  Human-Interactive  Completely Automatic Public Turing Test to Tell Computer and Humans Apart (CAPTCHA) Ttriggered by the recipient MTA to send a verification string back to sender to verify the sender is a real human. Samples of CAPTCHA string

10 Related works  Address-hiding Hide the unique character in the address, the userid at domain dot com

11 Our Proposed Method  Make addresses on the Internet be unsearchable by scanning program.  Encrypt both sender and recipients addresses to prevent hijacking during the transferring.

12 Our Proposed Method  How the spammers get bulk addresses  Buy the millions of addresses from some organizations.  Scan the Internet addresses from the Internet web pages or some web pages that contain addresses.

13 Our Proposed Method  Make addresses on the Internet be unreachable by scanning program

14 Our Proposed Method  Encrypt both sender and recipients addresses to prevent hijacking during the transferring  The MTA randomly generates a MessageID and assign it to the which arrived to the MTA.  Before sending out the message to destination MTA, sender relay host sends a SMTP socket with MessageID to recipient MTA to ask for returning a key generated by using the MessageID on the recipient server.

15 Our Proposed Method  Encrypt both sender and recipients addresses to prevent hijacking during the transferring (continue)  Sender MTA uses this key to encrypt all the addresses in the message (SendTo, CopyTo and From, etc) to generate the encrypted code for the part of address before symbol.  After the message arrived the recipient MTA, the host uses the original MessageID to decrypt the addresses in the message and assign a new MessageID for delivery.

16 Our Proposed Method Diagram of encoding addresses

17 Advantages  Reduces the SPAM from the root.  Compatibility and maintain the standard.  Low cost of network traffic.  Easy to implement.  Gain the initiative in the anti-spam combat.

18 Conclusions  The first approach convert posted addresses to graphical pictures rather than expose the character strings to prevent spammers use scanning program to search them out.  The second approach use an encryption method to secure the addresses to avoid hijacking during the transferring.

19 ?

20 References  [1] Ming-Wei Wu; Yennun Huang; Shyue-Kung Lu; Ing-Yi Chen; Sy-Yen Kuo, “A Multi-faceted approach towards spam-resistible mail”, Dependable Computing, Proceeding, 11th Pacific Rim International Symposium, Page(s): 9 pp, Dec,  [2] Yanhui Guo; Yaolong Zhang; Jianyi Liu; Cong Wang, “Research on the Comprehensive Anti-Spam Filter”, Industrial Informatics, 2006 IEEE International Conference, Page(s) , Aug, 2006  [3] Sajad Shirali-Shahreza; Ali Movaghar, “A New Anti-Spam Protocol Using CAPTCHA”, Networking, Sensing and Control, 2007 IEEE International Conference, Page(s) , April, 2007