Spam and Anti-Spam By Aditi Desai Yousuf Haider. Agenda Introduction Purpose of Spam Types of Spam Spam Techniques Anti spam Why Spam is so Easy Anti.

Slides:



Advertisements
Similar presentations
Basic Communication on the Internet:
Advertisements

What is Spam  Any unwanted messages that are sent to many users at once.  Spam can be sent via , text message, online chat, blogs or various other.
Surrey Public Library Electronic Classrooms Essentials.
Packet Analyzers, a Threat to Network Security. Agenda Introduction The background of packet analyzers LAN technologies & network protocols Communication.
Internet, Intranet and Extranets
Phishing (pronounced “fishing”) is the process of sending messages to lure Internet users into revealing personal information such as credit card.
Issue Project - SPAM - EDCI 564 Vaithinathan Vanitha & Sookeun Byun.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
SPAM Ka Yat, Kei Comp 450 Spring 2008, CSUN. Thesis Statement Thesis Statement---Spam is becoming a bigger issue in the computer world. How do we.
Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 3 Internet Security.
The problems associated with operating an effective anti-spam blocklist system in an increasingly hostile environment. Robert Gallagher September 2004.
Spam Filters. What is Spam? Unsolicited (legally, “no existing relationship” Automated Bulk Not necessarily commercial – “flaming”, political.
Preventing Spam For SIP-based Sessions and Instant Messages Kumar Srivastava Henning Schulzrinne June 10, 2004.
S EC (4.5): S ECURITY 1. F ORMS OF ATTACK There are numerous way that a computer system and its contents can be attacked via network connections. Many.
Chapter 6 SPAM. Synopsis What is spam Why does spam keep coming Specialty spam Why doesn't someone stop the spammers How do spammers get the addresses.
Surrey Libraries Computer Learning Centres Totally New to Computers Easy Gmail September 2013 Easy Gmail Teaching Script.
ITIS 1210 Introduction to Web-Based Information Systems Chapter 15 How Spam Works.
Surrey Libraries Computer Learning Centres Totally New to Computers Easy Gmail March 2013 Easy Gmail Teaching Script.
Pro Exchange SPAM Filter An Exchange 2000 based spam filtering solution.
Spam Sonia Jahid University of Illinois Fall 2007.
Spam Reduction Techniques Using greylisting and SpamAssassin.
OCR Functional Skills Keywords Use the right keywords To do this you need to know what it is you are searching for! – For example, you might want to search.
ICASAS206A Detect and protect from spam and destructive software Identify and Stop Spam Warren Toomey North Coast TAFE Port Macquarie campus.
Norman SecureTide Powerful cloud solution to stop spam and threats before it reaches your network.
SHASHANK MASHETTY security. Introduction Electronic mail most commonly referred to as or e- mail. Electronic mail is one of the most commonly.
Should there be a law that forbids people from sending to thousands of people (spam)? By: Bennett Moss Daniel Hoyt Hizkias Neway Junyu Wang.
11 SECURING INTERNET MESSAGING Chapter 9. Chapter 9: SECURING INTERNET MESSAGING2 CHAPTER OBJECTIVES  Explain basic concepts of Internet messaging. 
PHISHING AND SPAM INTRODUCTION There’s a good chance that in the past week you have received at least one that pretends to be from your bank,
Unit 9 Communication Services
XP New Perspectives on The Internet, Sixth Edition— Comprehensive Tutorial 2 1 Evaluating an Program and a Web-Based Service Basic Communication.
What if you suspect a security incident or software vulnerability? What if you suspect a security incident at your site? DON’T PANIC Immediately inform:
Unit 10 Communication Services.  Identify types of electronic communication  Describe users of electronic communication  Identify major components.
Copyright © Allyn & Bacon 2008 POWER PRACTICE Chapter 7 The Internet and the World Wide Web START This multimedia product and its contents are protected.
BUSINESS B1 Information Security.
Staying Safe Online Keep your Information Secure.
Client X CronLab Spam Filter Technical Training Presentation 19/09/2015.
The Internet 8th Edition Tutorial 2 Basic Communication on the Internet: .
Norman Protection Powerful and flexible Protection Gateway.
Privacy & Security Online Ivy, Kris & Neil Privacy Threat - Ivy Is Big Brother Watching You? - Kris Identity Theft - Kris Medical Privacy - Neil Children’s.
Unit 10 Communication Services
Small Business Resource Power Point Series How to Avoid Your Marketing Messages Being Labelled as Spam.
Here is a list of viruses Adware- or advertising-supported software-, is any software package which automatically plays, displays, or downloads advertisements.
Tim Reid Malvern Parish C.E Primary School Internet Safety.
By Hina Patel TCM 471 Introduction SPAM? Solicited Unsolicited How spammer gets the address Prevention from spam Conclusion.
advantages The system is nearly universal because anyone who can access the Internet has an address. is fast because messages.
Denial of Service (DoS) DoS attacks are aggressive attacks on an individual computer or groups of computers with the intent to deny services to intended.
Promotion of e-Commerce sites. A business which uses e- commerce to trade online must also advertise. Several traditional methods can be used, such as.
Evaluation of Spam Detection and Prevention Frameworks for and Image Spam - A State of Art Pedram Hayati, Vidyasagar Potdar Digital Ecosystems and.
Marketing Amanda Freeman. Design Guidelines Set your width to pixels Avoid too many tables Flash, JavaScript, ActiveX and movies will not.
Introduction Spam in Society Spam IM Spam Text Spam Blog Spamming Spam Blogs.
What is Spam? d min.
Principles of Computer Security: CompTIA Security + ® and Beyond, Third Edition © 2012 Principles of Computer Security: CompTIA Security+ ® and Beyond,
What is a spam? w abuse-faq/spam-faq.html w Spam is flooding the Internet with many copies of the same message,
Basics What is ? is short for electronic mail. is a method for sending messages electronically from one computer.
1 Law, Ethical Impacts, and Internet Security. 2 Legal Issues vs. Ethical Issues Ethics — the branch of philosophy that deals with what is considered.
Any criminal action perpetrated primarily through the use of a computer.
Spam By Dan Sterrett. Overview ► What is spam? ► Why it’s a problem ► The source of spam ► How spammers get your address ► Preventing Spam ► Possible.
Todays’ Agenda Private vs. Personal Information Take out your notebook and copy the following information. Private information – information that can be.
Created by the E-PoliceSlide 122 February, 2012 Dangers of s By Michael Kuc.
Prepared for: Dr. Mokhairi Mokhtar Prepared by: Ana Syafiqah Binti Zahari Hazira Hamiza
BUILD SECURE PRODUCTS AND SERVICES
IT Security  .
Using Apps to Get and Share Information
Internet, Intranet and Extranets
Securing Information Systems
Internet, Intranet and Extranets
Information Security Session October 24, 2005
Spam Fighting at CERN 12 January 2019 Emmanuel Ormancey.
INFORMATION TECHNOLOGY
Cybersecurity Simplified: Phishing
Presentation transcript:

Spam and Anti-Spam By Aditi Desai Yousuf Haider

Agenda Introduction Purpose of Spam Types of Spam Spam Techniques Anti spam Why Spam is so Easy Anti Spam Techniques Ongoing research Conclusion

Introduction Spam- unwanted “junk" sent to a large number of people to promote products or services.  1 out of 4 Network Administrators spend more than 1 hour a day combating spam  1 out of 2 organization’s bandwidth usage is at least 10% spam. Emphasis on spam. Discussion on AntiSpam and its Techniques.

Purpose of Spam High potential payoffs in return for very little effort on the spammer’s part. Spammers succeed when even a small number of people reply to and purchase some spam- based offering for the spammers to succeed E.g. Lawrence Canter and Martha Siegel are two of the original, and perhaps most notorious, spammers on the Internet. These immigration attorneys earned their 15 minutes of fame by posting green card lottery ads on thousands of Usenet groups in 1993.

Mediums of Spam spam Instant Messaging and Chat Room spam Chat spam Newsgroup spam and forum spam Mobile phone spam Online game messaging spam Spam targeting search engines (spamdexing) Blog, wiki, and guestbook spam Spam targeting video sharing sites Noncommercial spam

Types of Internet Spam Unsolicited commercial mails - 68% Adult - 15% Jokes - 9% Chain letters - 4.5% Large file attachments with non-work related content - 3%.

Types of Spamming Techniques spamming  Bulk software  Dictionary spamming  Directory harvest attack  Spambot  Pink contract

Security Implications of Spam Some of the security concerns of spam are:  Unwanted spam messages eat up a tremendous amount of storage space.  Large no. of messages coming in network can overload & create a DoS condition leading to serious system downtime. Consequences: system unavailability, improper message send receive.,  Network intrusions along with malware, Viruses,Trojan horses, Web bugs wreak havoc on networks, server, and end user systems.  Some of the spam is actually social engineering at work.

Cost Estimates of Spam Despite agreeing that spam is free speech, it costs people and organizations time and money Taking a real world corporate example,  25 s/day  150/week  7800/year  2 secs. to handle each  4.33/year  $40/hr pay  /user/year (???)  Each msg is 5KB  7800x 5 = 38MB clutter These figures count big for large firms with employees.

Anti-Spam The Goal  Prevent or minimize the effectiveness of spammers to send spam to a large number of recipients.  Emphasis on Anti Spam

Why Spam is so Easy Cost of Harvesting or collecting addresses. Monetary Cost of sending spam . Computational Cost of sending spam . Legal Cost of sending spam . Anonymity of the sender.

Anti-Spam Techniques 3 Categories  End User Techniques.  Automated Techniques for Administrators.  Automated Techniques for Senders.

End User Techniques Address ‘Munging’  myname at dot com  Transparent address munging more effective Disable HTML in  If not disabled might execute malicious scripts  Validate addresses Reporting spam  Track down spammer’s ISP and report  Difficult for End user to do and will not work for botnets or netblocks.

End User Techniques…(contd.) Disposable addresses  Disposable temporary address forwards to valid address No Response to Spam  Responding validates address Aggressive Response to Spam  Controversial, spam the spammer  Automated tools to submit forms on spammer sites  Might not work with zombies on botnets

Automated Techniques for Administrators Rule Based Systems  Parse incoming for specific keywords or content and then apply set of rules  May have Distributed community approach Members mark spam Add to database Infer Rules from database  Valid s may end up in Spam box

Automated Techniques for Administrators… (contd.) Challenge-Response Systems  Exploits the spammer anonymity factor.  White List – from addresses on white list accepted.  Black List – from addresses on Black List rejected  For unknown addresses : Send Challenge to unknown address If valid response received accept the original message.

Automated Techniques for Administrators… (contd.) Authentication and Reputation  Reputation system for legitimate servers.  Used in conjunction with spam filtering. Checksum-based filtering  Maintain database of checksums of spam s  Compare chechsum of incoming to detect DNS Based Blackhole Lists  Different kind of lists to indicate servers that send spam Greylisting  Temporarily reject messages from unknown senders  Spammers will usually not try resending

Automated Techniques for Senders Background checks on new users and customers Confirmed opt-in for mailing lists

Ongoing Research  Ham passwords  Attach ham passwords to subject line to verify validity of message  Cost-based systems  Stamps - Monetary cost, micro-payments  Proof-of-work systems – Computational cost  Bonds or Sender-at-risk – Pay cost if suspicious sender

Conclusion Arms race between spammers and anti spam techniques Effective and efficient use of various Anti- Spam techniques as discussed can make spamming less profitable and can prove a way to help FIGHT SPAM. Distributed Community approach most effective

THANK YOU