Spam May 15 2006 CS239. Taxonomy E-mail (UBE)  Advertisement  Phishing Webpage  Content  Links From: Thrifty Health-Insurance Mailed-By: noticeoption.comReply-To:

Slides:

Advertisements

Similar presentations

Enabling Secure Internet Access with ISA Server

Advertisements

Kalpesh Vyas & Seward Khem

IP Warming Overview and Implementation Using Eloqua.

© 2012 Eloqua, Inc. Confidential 1 Deliverability and IP Warming Overview and Implementation Using Eloqua.

Basic Communication on the Internet:

Paul Vanbosterhaut Managing Director, Vircom Europe January 2007 ModusGate™ 4.4 Smart Assurance Gateway Not Just Warmed-over Open Source Technology…

Authentication Approaches Phillip Hallam-Baker VeriSign Inc.

What is Spam  Any unwanted messages that are sent to many users at once.  Spam can be sent via , text message, online chat, blogs or various other.

Addressing spam and enforcing a Do Not Registry using a Certified Electronic Mail System Information Technology Advisory Group, Inc.

Deliverability How We Get You to the Inbox. +98 % Our Deliverability routinely ranks in the high 90s. There’s another way of saying this: We Get Your.

Methods for Stopping Spam James Lick

© 2007 Convio, Inc. Implementation of Sender ID Bill Pease, Chief Scientist Convio.

----Presented by Di Xu  Introduction  Overview of Spam  Solutions to Spam  Conclusion.

1 Aug. 3 rd, 2007Conference on and Anti-Spam (CEAS’07) Slicing Spam with Occam’s Razor Chris Fleizach, Geoffrey M. Voelker, Stefan Savage University.

Phishing (pronounced “fishing”) is the process of sending messages to lure Internet users into revealing personal information such as credit card.

IMF Mihály Andó IT-IS 6 November Mihály Andó 2 / 11 6 November 2006 What is IMF? Intelligent Message Filter provides server-side message filtering,

Spam Sagar Vemuri slides courtesy: Anirudh Ramachandran Nick Feamster.

Understanding the Network-Level Behavior of Spammers Anirudh Ramachandran Nick Feamster.

Preventing Spam: Today and Tomorrow Zane Bonny Vilaphong Phasiname The Spamsters!

SPAM Ka Yat, Kei Comp 450 Spring 2008, CSUN. Thesis Statement Thesis Statement---Spam is becoming a bigger issue in the computer world. How do we.

Understanding the Network-Level Behavior of Spammers Mike Delahunty Bryan Lutz Kimberly Peng Kevin Kazmierski John Thykattil By Anirudh Ramachandran and.

URL Obscuring COEN 152/252 Computer Forensics  Thomas Schwarz, S.J

Spam Andy Nguyen 5/17/2004. What is Spam? Unsolicited means that the Recipient has not granted verifiable permission for the message to be sent. Bulk.

Sender policy framework. Note: is a good reference source for SPFhttp://

Guide to Operating System Security Chapter 10 Security.

Pro Exchange SPAM Filter An Exchange 2000 based spam filtering solution.

Spam Sonia Jahid University of Illinois Fall 2007.

23 October 2002Emmanuel Ormancey1 Spam Filtering at CERN Emmanuel Ormancey - 23 October 2002.

Spam Reduction Techniques Using greylisting and SpamAssassin.

Managing and Avoiding Junkmail. Junk  Where does Junk Mail come from? People with whom you do business  Pepsi Friends of people with whom you.

Visit for Marketing and Deliverability Tips, Tools, & Trainingwww. Delivered.com.

Antispam GARR Michele Michelotto Hepix Karlsruhe, 11 May 2005.

What’s New in WatchGuard XCS v9.1 Update 2. WatchGuard XCS v9.1 Update 2  Introduce New Features WatchGuard XCS Outlook Add-in Secur Encryption.

SHASHANK MASHETTY security. Introduction Electronic mail most commonly referred to as or e- mail. Electronic mail is one of the most commonly.

Login Screen This is the Sign In page for the Dashboard Enter Id and Password to sign In New User Registration.

Sending Mark Kruger Coldfusionmuse.com Cfwebtools.com.

1 The Business Case for DomainKeys Identified Mail.

B OTNETS T HREATS A ND B OTNETS DETECTION Mona Aldakheel

SMTP PROTOCOL CONFIGURATION AND MANAGEMENT Chapter 8.

Login Screen This is the Sign In page for the Dashboard New User Registration Enter Id and Password to sign In.

Wireless and Security CSCI 5857: Encoding and Encryption.

Network and Systems Security By, Vigya Sharma (2011MCS2564) FaisalAlam(2011MCS2608) DETECTING SPAMMERS ON SOCIAL NETWORKS.

How Web Servers and the Internet Work by by: Marshall Brainby: Marshall Brain

Chapter 3.  Help you understand different types of servers commonly found on a network including: ◦ File Server ◦ Application Server ◦ Mail Server ◦

Client X CronLab Spam Filter Technical Training Presentation 19/09/2015.

The Internet 8th Edition Tutorial 2 Basic Communication on the Internet: .

Marketing Effective way to commutate. Things to remember in marketing 1. IS NOT ONLY ABOUT SELLING 2. IS NOT ONLY FOR THE SOURCE.

A Technical Approach to Minimizing Spam Mallory J. Paine.

Botnet behavior and detection October RONOG Silviu Sofronie – a Head of Forensics.

Web Spoofing Steve Newell Mike Falcon Computer Security CIS 4360.

Technology Considerations for Spam Control 3 rd AP Net Abuse Workshop Busan Dave Crocker Brandenburg InternetWorking

A Kosher Source of Ham Nathan Friess John Aycock Department of Computer Science University of Calgary Canada.

Studying Spamming Botnets Using Botlab 台灣科技大學資工所楊馨豪 2009/10/201 Machine Learning And Bioinformatics Laboratory.

Improving Spam Detection Based on Structural Similarity By Luiz H. Gomes, Fernando D. O. Castro, Rodrigo B. Almeida, Luis M. A. Bettencourt, Virgílio A.

Understanding the Network-Level Behavior of Spammers Author: Anirudh Ramachandran, Nick Feamster SIGCOMM ’ 06, September 11-16, 2006, Pisa, Italy Presenter:

Understanding the network level behavior of spammers Published by :Anirudh Ramachandran, Nick Feamster Published in :ACMSIGCOMM 2006 Presented by: Bharat.

Detecting Phishing in s Srikanth Palla Ram Dantu University of North Texas, Denton.

Source pictures for document ”Thoughts about increasing spam annoyance” by License: This material may be distributed only subject.

Machine Learning for Spam Filtering 1 Sai Koushik Haddunoori.

 Left Side  Mail/Contacts/Tasks  Labeled Folders  Contacts – “IM” Feature  Right Side  s.

1 Detecting Spammers with SNARE: Spatio-temporal Network-level Automatic Reputation Engine Speaker: Jun-Yi Zheng 2010/01/18.

CERN - IT Department CH-1211 Genève 23 Switzerland t OIS Update on the anti spam system at CERN Pawel Grzywaczewski, CERN IT/OIS HEPIX fall.

Spam By Dan Sterrett. Overview ► What is spam? ► Why it’s a problem ► The source of spam ► How spammers get your address ► Preventing Spam ► Possible.

Fighting Spam in an Exchange Environment Tzahi Kolber IT Supervisor - Polycom Israel.

Sender Reputation in a Large Webmail Service by Bradley Taylor (2006) Presented by : Manoj Kumar & Harsha Vardhana.

Deliverability and IP Warming

Unit 3 Section 6.4: Internet Security

TMG Client Protection 6NPS – Session 7.

This is the Sign In page for the Dashboard

Presentation transcript:

Spam May CS239

Taxonomy (UBE)  Advertisement  Phishing Webpage  Content  Links From: Thrifty Health-Insurance Mailed-By: noticeoption.comReply-To: Thrifty Health-Insurance To: Date: May 10, :30 PM Subject: No obligation Health Insurance Quotes Great health insurance quotes. Get a quote from us and let local agents compete for your business. Health insurance is more affordable than you think. Health Plans Dental Plans Prescription Plans Vision Plans and more Check out the lowest rates in the industry. This is a commercial message. ………….

How worse is the situation 30-40% mail traffic are spam End-user  Waste time reading junk (may fall in trap)  ~1 billion productivity lost per year System operator  Increased running cost

Why people spam? Economic incentive  Effectiveness = sent x (1-P filtered ) x P read x P clickthrough Business strategy?

How spammer collect s UseNet Web pages Registration forms Dictionary attacks

Defense mechanism Authentication Challenge/response system DNSxL Check-sum based filtering Statistical filtering Micro-payment Spam poisoning A brand new architecture

Authentication Avoid forged sender address  SMTP AUTH Verify sender is a legitimate user  Sender Policy Framework (SPF) Verify sender’s IP corresponds to the domain

Challenge/response system Work together with white list  Only sender in the contact list can get through  If not, a challenge is posted to the sender  Ensure sender is a human instead of a program

DNSxL Block list  A list of IP/domain observed to be sending out spam consistently  use DNS to distribute the list  Similar to reverse DNS lookup White list  Similar idea but work in the other way

Check-sum based filtering Collaborative filtering  Distributed Checksum Clearinghouse (DCC)  Vipul’s Razor  Brightmail A checksum is computed for a spam reported The list is consistently updated and distributed

Statistical filtering 2-class text classification problem  Words, phrases  Training samples  Adaptive

Statistical filtering False positive Classified junk Classified legitimate Total Acutally junk36945 Actually legitimate Total

Payment Increase the cost of spammers Micro-payment / e-cash “Computational” payment  HashCash (SHA-1) X-Hashcash: Takes 1 second to generate Takes 1 microsecond to verify (both on 1GHz machine)  CAMRAM

Spam poisoning Expose address in human-readable format  Generate fake dynamically by CGI script Create addresses to harvest spam s (similar to honeypot)

New architecture Internet Mail 2000  Pull based  Sender’s ISP responsible for storing s  Receiver gets a notification only  A global deployment is unlikely anytime in the near future

How spammer response? Append random string at the end of each spam Improve spambot to filter characters used in spam poisoning Use worms to infect client programs Analyze user’s pattern