Spam and Anti-Spam
By Aditi Desai and Yousuf Haider

Agenda
- Introduction
- Purpose of Spam
- Types of Spam
- Spam Techniques
- Anti-Spam
- Why Spam is so Easy
- Anti-Spam Techniques
- Ongoing research
- Conclusion

Introduction
- Spam: unwanted "junk" email sent to a large number of people to promote products or services.
- 1 out of 4 network administrators spend more than 1 hour a day combating spam.
- In 1 out of 2 organizations, at least 10% of bandwidth usage is spam.
- Emphasis on spam.
- Discussion on anti-spam and its techniques.

Purpose of Spam
- High potential payoffs in return for very little effort on the spammer's part.
- Spammers succeed when even a small number of people reply to and purchase some spam-based offering.
- E.g. Laurence Canter and Martha Siegel are two of the original, and perhaps most notorious, spammers on the Internet. These immigration attorneys earned their 15 minutes of fame by posting green card lottery ads on thousands of Usenet groups in 1993.

Mediums of Spam
- Email spam
- Instant messaging and chat room spam
- Chat spam
- Newsgroup spam and forum spam
- Mobile phone spam
- Online game messaging spam
- Spam targeting search engines (spamdexing)
- Blog, wiki, and guestbook spam
- Spam targeting video sharing sites
- Noncommercial spam

Types of Internet Spam
- Unsolicited commercial mails: 68%
- Adult: 15%
- Jokes: 9%
- Chain letters: 4.5%
- Large file attachments with non-work-related content: 3%

Types of Spamming Techniques
- Email spamming
- Bulk email software
- Dictionary spamming
- Directory harvest attack
- Spambot
- Pink contract

Security Implications of Spam
Some of the security concerns of spam are:
- Unwanted spam messages eat up a tremendous amount of storage space.
- A large number of messages coming into the network can overload it and create a DoS condition, leading to serious system downtime.
  - Consequences: system unavailability, improper sending and receiving of messages.
- Network intrusions along with malware, viruses, Trojan horses and web bugs wreak havoc on networks, servers, and end-user systems.
- Some spam is actually social engineering at work.

Cost Estimates of Spam
Even if one agrees that spam is free speech, it costs people and organizations time and money.
Taking a real-world corporate example:
- 25 emails/day, 150/week, 7800/year
- 2 secs. to handle each: 4.33/year
- $40/hr pay: /user/year (???)
- Each msg is 5KB: 7800 x 5 = 38MB clutter
These figures count big for large firms with employees.

Anti-Spam
- The goal: prevent spammers from sending spam to a large number of recipients, or minimize their effectiveness at it.
- Emphasis on anti-spam.

Why Spam is so Easy
- Cost of harvesting or collecting email addresses.
- Monetary cost of sending spam.
- Computational cost of sending spam.
- Legal cost of sending spam.
- Anonymity of the sender.

Anti-Spam Techniques
3 categories:
- End user techniques.
- Automated techniques for administrators.
- Automated techniques for email senders.

End User Techniques
- Address 'munging'
  - myname at dot com
  - Transparent address munging is more effective
- Disable HTML in email
  - If not disabled, it might execute malicious scripts
- Validate addresses
- Reporting spam
  - Track down the spammer's ISP and report
  - Difficult for an end user to do, and will not work for botnets or netblocks

End User Techniques…(contd.)
- Disposable email addresses
  - A disposable temporary address forwards to a valid address
- No response to spam
  - Responding validates the address
- Aggressive response to spam
  - Controversial: spam the spammer
  - Automated tools to submit forms on spammer sites
  - Might not work with zombies on botnets

Automated Techniques for Administrators
- Rule-based systems
  - Parse incoming email for specific keywords or content and then apply a set of rules
  - May take a distributed community approach
    - Members mark spam
    - Add to database
    - Infer rules from database
  - Valid emails may end up in the spam box

Automated Techniques for Administrators… (contd.)
- Challenge-response systems
  - Exploit the spammer anonymity factor
  - White list: email from addresses on the white list is accepted
  - Black list: email from addresses on the black list is rejected
  - For unknown addresses:
    - Send a challenge to the unknown address
    - If a valid response is received, accept the original message

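
The challenge-response flow on this slide, as an added example that is not part of the original deck. The class name, the HMAC-derived token and the demo addresses are assumptions made for the illustration.

```python
import hashlib
import hmac

SECRET = b"constructed-demo-key"   # assumption: per-server secret for challenge tokens


class ChallengeResponseFilter:
    def __init__(self, whitelist, blacklist):
        self.whitelist = set(whitelist)
        self.blacklist = set(blacklist)
        self.held = {}             # sender -> messages waiting for a valid response

    def _token(self, sender):
        # Bound to the sender address, so a token cannot be reused for another one.
        return hmac.new(SECRET, sender.encode(), hashlib.sha256).hexdigest()[:16]

    def receive(self, sender, message):
        """Return (verdict, challenge_token_or_None) for an incoming message."""
        if sender in self.blacklist:
            return "reject", None
        if sender in self.whitelist:
            return "accept", None
        self.held.setdefault(sender, []).append(message)   # unknown: hold and challenge
        return "challenge", self._token(sender)

    def respond(self, sender, token):
        """Handle a reply to a challenge; return the messages released to the inbox."""
        if not hmac.compare_digest(token, self._token(sender)):
            return []                                      # wrong token: stay held
        self.whitelist.add(sender)                         # future mail is accepted
        return self.held.pop(sender, [])


if __name__ == "__main__":
    f = ChallengeResponseFilter({"alice@example.org"}, {"bulk@example.net"})
    verdict, token = f.receive("bob@example.com", "hello")
    print(verdict, f.respond("bob@example.com", token))
```

Spam usually carries a forged sender address, so a deployment of this scheme also has to account for challenges that land on uninvolved addresses.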
Automated Techniques for Administrators… (contd.)
- Authentication and reputation
  - Reputation system for legitimate email servers
  - Used in conjunction with spam filtering
- Checksum-based filtering
  - Maintain a database of checksums of spam emails
  - Compare the checksum of incoming email to detect spam
- DNS-based blackhole lists
  - Different kinds of lists to indicate servers that send spam
- Greylisting
  - Temporarily reject messages from unknown senders
  - Spammers will usually not try resending

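
Greylisting from this slide, as an added example that is not part of the original deck. It keys on the usual (client IP, envelope sender, envelope recipient) triplet; the delay values, class name and sample traffic are assumptions constructed for the illustration.

```python
GREYLIST_DELAY = 300       # assumption: seconds before a retry is accepted
RETRY_WINDOW = 4 * 3600    # assumption: a retry later than this starts over


class Greylist:
    def __init__(self):
        self.first_seen = {}   # triplet -> time of first attempt
        self.passed = set()    # triplets that already retried correctly

    def check(self, client_ip, mail_from, rcpt_to, now):
        """Return the SMTP reply for one delivery attempt at time `now`."""
        triplet = (client_ip, mail_from.lower(), rcpt_to.lower())
        if triplet in self.passed:
            return "250 OK"
        first = self.first_seen.get(triplet)
        if first is None or now - first > RETRY_WINDOW:
            self.first_seen[triplet] = now            # unknown sender: start the clock
            return "451 Greylisted, try again later"
        if now - first < GREYLIST_DELAY:
            return "451 Greylisted, try again later"  # retried too quickly
        self.passed.add(triplet)                      # behaved like a real mail server
        return "250 OK"


# Constructed sample traffic: (seconds, client_ip, mail_from, rcpt_to)
ATTEMPTS = [
    (0,    "192.0.2.10",   "news@example.org",  "user@example.com"),
    (30,   "198.51.100.7", "promo@example.net", "user@example.com"),  # never retries
    (60,   "192.0.2.10",   "news@example.org",  "user@example.com"),
    (900,  "192.0.2.10",   "news@example.org",  "user@example.com"),
    (5000, "192.0.2.10",   "news@example.org",  "user@example.com"),
]


def replay(attempts):
    """Feed attempts through a fresh greylist; return the reply code of each."""
    greylist = Greylist()
    return [greylist.check(ip, frm, to, t)[:3] for t, ip, frm, to in attempts]


if __name__ == "__main__":
    print(replay(ATTEMPTS))
```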
Automated Techniques for Email Senders
- Background checks on new users and customers
- Confirmed opt-in for mailing lists

Ongoing Research
- Ham passwords
  - Attach ham passwords to the subject line to verify validity of the message
- Cost-based systems
  - Stamps: monetary cost, micro-payments
  - Proof-of-work systems: computational cost
  - Bonds or sender-at-risk: pay cost if suspicious sender

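
A proof-of-work stamp of the kind listed under cost-based systems, as an added example that is not part of the original deck. The `recipient:date:counter` stamp layout, the SHA-256 hash, the 16-bit difficulty and the function names are assumptions chosen for the illustration, not a standard format.

```python
import hashlib
from itertools import count

BITS = 16   # assumption: required leading zero bits (about 65,000 hashes to mint)


def leading_zero_bits(digest):
    """Number of zero bits at the front of a hash digest."""
    return len(digest) * 8 - int.from_bytes(digest, "big").bit_length()


def mint(recipient, date, bits=BITS):
    """Sender side: search for a counter that makes the stamp hash hard enough."""
    for counter in count():
        stamp = f"{recipient}:{date}:{counter}"
        if leading_zero_bits(hashlib.sha256(stamp.encode()).digest()) >= bits:
            return stamp


def verify(stamp, recipient, date, seen, bits=BITS):
    """Receiver side: one hash to check what cost the sender thousands."""
    parts = stamp.split(":")
    if len(parts) != 3 or parts[0] != recipient or parts[1] != date:
        return False                      # stamp was minted for someone or some day else
    if stamp in seen:
        return False                      # replayed stamp: the work was already spent
    if leading_zero_bits(hashlib.sha256(stamp.encode()).digest()) < bits:
        return False                      # not enough work
    seen.add(stamp)
    return True


if __name__ == "__main__":
    spent = set()
    s = mint("user@example.com", "2024-01-15")   # constructed recipient and date
    print(s, verify(s, "user@example.com", "2024-01-15", spent))
```

Binding the stamp to one recipient and date is what makes the cost scale with the number of recipients: a bulk sender has to repeat the search for every address.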
Conclusion
- Arms race between spammers and anti-spam techniques.
- Effective and efficient use of the various anti-spam techniques discussed can make spamming less profitable and can help FIGHT SPAM.
- Distributed community approach most effective.

THANK YOU