Controlling Spam through Lightweight Currency Proceedings of the Hawaii International Conference on Computer Systems Honolulu HI Jan 2004 David A. Turner.


2 Controlling Spam through Lightweight Currency
Proceedings of the Hawaii International Conference on Computer Systems, Honolulu HI, Jan 2004
David A. Turner & Daniel M. Havey
Department of Computer Science, Cal State University San Bernardino
Presented by Phil Lucas

3 Payment Based Solution
Mail Transfer Agents (MTA)
Lightweight Currency Protocol
– Can create your own currency
– Can use other mail domain’s currency
– Can use other LCP-based service providers

4 Definition of
Indiscriminately copied to millions of inboxes as opposed to “opting in”
Contains false return addresses or other false envelope data
Contains material considered objectionable by most and sent without consent
Generated by a computer virus or has been specifically formatted to pass through email filters

5 Definition of Junk Mail
Unsolicited email that does not fall into the “Spam” category
Advertising targeted to the recipient
Similar to USPS junk mail

6 Legislative Based Payment Based Filter Based

7 Solution: Legislation
Governments pass laws against sending spam and enforcement of laws reduces spam after spammers begin to fear punishment
Social costs of increased government control of speech
Economic costs of enforcement
Spam can originate from foreign countries

8 Solution: Legislation
The CAN-SPAM Act of 2003 (Controlling the Assault of Non-Solicited Pornography And Marketing Act) (effective January 1, 2004)
– Established requirements for commercial email
– Spells out penalties for spammers
– Gives consumers right to opt-out

9 Solution:
Not 100% accurate – BOTH false positives and false negatives
Encourages spammers to send more in order to bypass filters
Does little to reduce actual cost of spam

10 Solution: Payment
Cooperating email systems create an economic disincentive to spam
Small enough payment to allow legitimate email
Large enough to make sending large numbers of junk email unprofitable
Advertisers are willing to pay $.20/junk mail today, certainly $.01/email is okay

11 Solution: Payments cont…
Proof-of-work (POW)
– Sender must perform time-consuming calculation
Spammer will not have resources to perform millions of calculations
Waste resources of sender and compute time varies wildly between processors
Charity stamps – proceeds go to Charities (Who? How much?)

12 Solution: Overview of
+ Self-regulated
+ Fully open market
+ Multiple currencies
+ Not restricted to email services

13 LCP Continued…
Lightweight Currency Protocol
Can be used as a medium of exchange independent of any particular application
Easy to implement
Not directly tied to real-world currencies

14 Continued…
Organization generates public/private key pair and distributes the public key.
Alternatively, a certificate can be issued binding the domain name to the public key.
Currency holders also generate public/private key pair

15 Something to Note about LCP
A currency holder holds a particular currency when the issuer of that currency has a record of it.

16 How LCP works
[Diagram labels, between Sender and Receiver: Request Funds Msg, Acknowledge Msg, Payment Made Msg, Identification msg]

17 LCP-Based Email
Email servers require a payment in LC to accept incoming email
Responsibility is placed on the email service providers to ensure that spam is not passing through their system

18 LCP-Based Email: Case 1
A and B have a history of mail exchange
If A holds B dollars, A pays B one B dollar for the email
If B holds A dollars, A sends another A dollar

19 LCP-Based Email: Case 1, cont.
If B has too much A currency, B requests alternatives
A sends list of alternative currency it holds
– Wide acceptance currency
– Domains with large amounts of B currency

20 LCP-Based Email: Case 1, cont.
Reasons B will accept alternative currencies
– B can redeem alternatives elsewhere on the net
– B can redeem currencies for real-world $$$
– B wants to avoid the same situation A is currently in

21 LCP-Based Email: Case 2
A is sending to B for the first time
Although unlikely, if A holds B dollars, it uses them
Tries to use A dollars
If B trusts the certificate from A, it may trust a limited amount of email
B users respond to A email, so B uses A dollars to send it back

22 LCP-Based Email: Case 2
Possibility of spam if cost of new certificates is less than profit from spam
Recommended practice would be to accept widely accepted currencies or domains with B currency

23 LCP-Based Email
Spammers send out large amounts of mail with few responses, so spammers could not acquire large amounts of alien currencies
Spammers would have to sell services or purchase currencies outright

24 LCP-Based Email Imbalances
List operators could request support from users
Prices could be different for outgoing vs. incoming mail.
Example: a domain that sends out twice as much mail as received could charge twice as much for incoming mail as outgoing.
Commercial sites could absorb cost of statements and confirmations.

25 Why LCP?
SOAP-based, relatively easy to implement into applications
Fully transferable into other contexts, so will more easily acquire value
Providers that send more email than received have access to other methods of acquiring necessary currency
Providers that receive more currency than they spend can easily redeem it for other resources

26 LCP in Action
[Diagram labels: Agent; Need $100 Yahoo; Alice@Yahoo.com; $100 Yahoo; $100 Yahoo; Email Newsletter; Yahoo.com]

27 Security Issues
Throwaway identity attack
– Naïve policy accepts currency from anyone
– Spammer generates as many public key identities as necessary to send mail

28 Security Issues
Man-in-the-Middle attack
– Policy that accepts non-bound public key certificates
– Middleman impersonates sender or receiver
Example: A is sending email to B and B accepts A dollars. C delivers email to B for A, but makes B think its public key is from A. B accepts worthless currency from C. In the meantime, C accepts worthwhile currency from A.
Little currency at stake, but possible disruption of service and trust issues between A and B

29 Security Solutions
Small systems should not accept currency from domains they do not send mail to
Large systems would require spammer to buy too many certificates, so built-in economic disincentive by virtue of the size

30 Deployment
Partial Deployment
– System accepts both payment-based and ordinary email
– Service providers encouraged to migrate incrementally
– Spam eliminated by growing list of cooperating domains

31 Deployment
Full Deployment
– Users maintain two email addresses, one for payment email and one for ordinary email
Small systems must limit imbalances to a fraction of the total number of inboxes
After trust is established, limits can be increased
Users should NOT respond to Spam!
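
An added example, not from the slides or the paper: a receiver-side acceptance policy that models the throwaway-identity and man-in-the-middle issues (slides 27-28) against the countermeasures on slides 29 and 31. The class and function names, the `.example` domains and the 1% imbalance cap are assumptions; LCP's actual messages and signatures are not modelled.

```python
from dataclasses import dataclass, field

@dataclass
class Receiver:
    name: str                       # this domain also issues currency under its own name
    inboxes: int
    naive: bool = False             # slide 27: "accepts currency from anyone"
    imbalance_percent: int = 1      # assumed; the slides only say "a fraction" of inboxes
    widely_accepted: set = field(default_factory=set)  # issuers trusted net-wide
    sent_to: set = field(default_factory=set)          # domains we have sent mail to
    holdings: dict = field(default_factory=dict)       # issuer -> units currently held

    def limit(self) -> int:
        """Maximum units of any one foreign currency this domain will hold."""
        return max(1, self.inboxes * self.imbalance_percent // 100)

    def check(self, issuer: str, cert_bound: bool) -> str:
        """Judge one unit of `issuer` currency: 'accept' or a rejection reason."""
        if self.naive or issuer == self.name:
            return "accept"         # own currency is checked against our own records
        if not cert_bound:          # slide 28: key not tied to a domain by a certificate
            return "reject: key not bound to a domain name"
        if issuer not in self.widely_accepted and issuer not in self.sent_to:
            return "reject: no mail history with issuer"    # slide 29
        if self.holdings.get(issuer, 0) >= self.limit():    # slides 19 and 31
            return "reject: imbalance limit reached, request alternatives"
        return "accept"

    def receive(self, offers, cert_bound: bool = True) -> str:
        """Try the sender's offered currencies in order; record the first accepted."""
        verdict = "reject: no offer"
        for issuer in offers:
            verdict = self.check(issuer, cert_bound)
            if verdict == "accept":
                if issuer != self.name:
                    self.holdings[issuer] = self.holdings.get(issuer, 0) + 1
                break
        return verdict

def throwaway_run(receiver: Receiver, identities: int) -> int:
    """Mails delivered when each one is paid in a freshly minted currency."""
    return sum(receiver.receive([f"throwaway-{i}.example"]) == "accept"
               for i in range(identities))

if __name__ == "__main__":
    print(throwaway_run(Receiver("b.example", 200, naive=True), 1000))
    print(throwaway_run(Receiver("b.example", 200, sent_to={"a.example"}), 1000))
```

With the naive policy every throwaway identity gets its mail delivered; with the slide 29 rule none do, and a known correspondent is cut off only once the imbalance cap is hit.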

32 Hybrid Approach
A establishes LCP mail domain in addition to ordinary mail.
Mail arrives from B, A announces to B its support for LCP
If B is not a LCP domain, A accepts mail to ordinary mail inbox
If B is LCP domain, A and B negotiate payment and LCP inbox is used.
Eventually ordinary mail goes unused and is the sole domain of Spam

33 For More Information…
http://www.lightweightcurrency.org
dturner@csusb.edu
dhavey@yahoo.com
http://csci.csusb.edu/turner/papers/turner_spam.pdf

34 Summary
Spam does not NEED to be on every menu!
Questions?

