Preventing Spam: Today and Tomorrow Zane Bonny Vilaphong Phasiname
Download
Report
Transcript Preventing Spam: Today and Tomorrow Zane Bonny Vilaphong Phasiname
Preventing Spam:
Today and Tomorrow
Zane Bonny
Vilaphong Phasiname
The Spamsters!
Summary
Why Prevent Spam
How is Spam Prevented
What is Wrong With This Picture?
What can we do?
List Based Approach
Algorithm Based Approach
Government Legislation
Who Did What and Sources
Conclusions
Why Prevent Spam
Phishing Scams
Red
Cross Donation
Privacy
Many
Out of control
70
want your personal information
to 100 a day at the average office
Costly
More
than 10 Billion a year.
Why Prevent Spam
ANNOYING!
Who
likes spam in their inbox?
Can you totally eliminate spam?
How is Spam Prevented
Junk E-Mail Filter – will decide to delete a message or
not based on the content of the email message.
Safe Senders List – this list defines an email as safe or
not. Imagine an email message that is sent through but
is deleted by the spam filter. This filter tells the email
program that it is safe.
Safe Recipients Lists – this list is similar to the senders
list but is instead used for large groups of people.
Blocked Senders List – this is a list of the people that will
be treated as junk whether they pass the filter or not.
How is Spam Prevented
Never reply to a spam
Don’t click any links in a spam email
Don’t use your home or business email
address
Preview your messages before you open
them
Disguise your email address
What is Wrong With This Picture?
Rely heavily on the user
Many
of these methods do not provide
automatic protection.
Lists and filters are rarely used by users
Even if they are utilized it takes time to be
effective
What can we do to help eliminate?
What can we do?
More user friendly methods
More automatic
Handled more on the IT side
List: DNS Black Listing
Implementation of an old idea
Black
list can be formed for an individual
This is known as DNS Blacklisting
Been in use since 1997
Three requirements for Blacklist
Domain
Name
Server
List of addresses
List: DNS Black Listing
DNSBL queries
Example
First reverses ip
Second appends DNSBL with reverse IP
Last checks names in list
IP=1.2.3.4 DNSBL=bl.black.com
Sent to blacklist as 4.3.2.1.bl.black.com
Policies vary from blacklist to blacklist
What does the list wish to prevent?
How do you find the addresses?
How long?
List: DNS Black Listing
List: Challenge Response
This is an email filter in reverse
Assumes
that all email is spam
First mail is sent
Second challenge is issued to the sender
Lastly, if the sender responds then they
are white listed
List: Challenge Response
A number of problems exist
Not all email can be responded to
Listserv
Mailing
lists
Also what if a spammer used a legitimate
email address?
List: Bounce Messages
What is this?
Send one each time a spam email is sent
A few problems….
Spammers
don’t care
Forged return address
Pretty easy to tell by header if it is real or not
Algorithm: Bayesian Probability
Bayesian achieves 98%+ spam detection rate
using mathematical approach.
How does it work?
Uses ham files
Ham
files contain legitimate email.
For example:
The
word “free” can be recognize within the data base
files of ham.
If the word “free” spell differently the Bayesian filter
will detected as spam.
Algorithm: Chung-Kwei
Named after Feng-Shui figure
This
figure was a symbol of protection
Chung-Kwei is designed to protect business
Part of SpamGuru package made by IBM
Uses Teiresias algorithm to discover
patterns for spam-vocabulary
Algorithm: Chung-Kwei
Spam-vocabulary is what is used to filter
emails before reaching end user.
White email can remove spam from the
spam-vocabulary.
Query method then classifies
Government Legislation
Why come up with a fancy technique at all why
not just ask Uncle Sam for help?
Consider the Do Not Call Registry
Fairly
effective at deterring telemarketers
Legal action is available if the telemarketers do not
comply
On the flip side….
Legal
questions arise
And constitutional questions
Who Did What?
Vilaphong…
Algorithm
based approaches
Government legislation
Conclusion
Zane…
List
based approaches
PowerPoint
Intro
Sources
Boyce, Jim. “What to do with all that spam”. Microsoft. 1 May. 2003. 14 Nov. 2007.
<http://office.microsoft.com/en-us/outlook/HA011590551033.aspx>.
“DNSBL”. Wikipedia. 13 Oct. 2007. 14 Nov. 2007. <http://en.wikipedia.org/wiki/DNSBL>.
Gowan, Frith. “Don't Get Lured by Phishing Scams”. Techsoup.org. 12 Dec. 2005. 14 Nov.
2007.
<http://www.techsoup.org/learningcenter/internet/page4777.cfm>
Orlov, Gregory. “Spam: prevention is better than cure!”. BCS. 1 Jan. 2005. 14 Nov. 2007.
<http://www.bcs.org/server.php?show=ConWebDoc.3064>.
Rigoutsos, Isidore and Huynh, Tien. “Chung-Kwei: a Pattern-discovery-based System for the
Automatic Identification of Unsolicited E-mail Messages (SPAM)”. IBM Thomas J Watson
Research Center. 1 Jan. 2005. 14 Nov. 2007. <http://www.ceas.cc/papers-2004/
153.pdf>.
“Section 7 - Spam Prevention”. SORBS. 1 Jan. 2004. 14 Nov. 2007. <http://www.au.sorbs.net/
spamfo/prevention.shtml>.
Stuart, Anne. “Canning Spam”. Inc.com. 1 May. 2003. 14 Nov. 2007. <http://www.inc.com/
articles/2003/05/25444.html>.
Tenby, Susan. “Things You Can Do to Prevent Spam”. Techsoup.org. 12 Nov. 2007. 14 Nov.
2007. <http://www.techsoup.org/learningcenter/internet/page4782.cfm>.
“Why Bayesian Filtering is the Most Effective Anti-Spam Technology”. GFI.com. 1 Jan. 2007. 14
Nov. 2007. <http://www.gfi.com/whitepapers/why-bayesian-filtering.pdf>
Conclusion
Have many prevention methods already implemented
Most important improvement that can be made is automation
Have listing methods and algorithms. algorithms tend to yield the
best results
Simple lists were sufficient in past
The prevention of spam will undoubtedly become more of issue in
the future and cost business a consumers more money
Today Spam has evolved to a point that it requires “smarter” methods to
prevent it
A fool proof prevention is unlikely
Only 100% way is Government Regulation
That also has drawbacks
Questions?