Download presentation
Presentation is loading. Please wait.
1
1 Enhancing Email Address Privacy on Anti-SPAM by Dou Wang and Ying Chen School of Computer Science University of Windsor October 2007
2
2 Contents Introduction Related Works Our Proposed Method Advantages Conclusion
3
3 Introduction SPAM Consume recipients’ time and work Consume resources of Mail Transfer Agents (MTAs) Deliver with virus, spy-ware and/or ad-ware Contain phishing content to break the users’ privacy
4
4 Introduction Jupiter Research estimates the average e-mail user will receive more than 3,900 spam mails per year by 2007, up from just 40 in 1999, and Ferris Research estimates spam costs U.S. companies 10 billion in 2003 and a user spends on the average 4 seconds to process a SPAM mail. [1]
5
5 Related works Anti-spam Solutions Category Filtering [2] Origin-based filtering Content-based filtering Traffic-based filtering Policy-Control Human-interactive Completely Automatic Public Turing Test to tell Computer and Humans Apart (CAPTCHA) [3] Address-hiding
6
6 Related works Filtering Origin-based filter checks sender information with certain keywords, string styles and compares with recipients’ whitelist and blacklist. Content-based filter analyzes the body content of the email message by complex algorithms and maintain the knowledge base to realize self-learning. Traffic-based filter examines the network traffic on the email server and gather the server logging information to determine the spam probability.
7
7 Related works User interface of SOPHOS spam filter about quarantine and whitelist and blacklist.
8
8 Related works Policy-Control Non-technical policy restriction. More and more governments defined regulations and acts to restrict spammers performing the spam spreading. Technical policy restriction. Change the protocol regulation can restrict spam message delivery for the technology that the spammers currently are using.
9
9 Related works Human-Interactive Completely Automatic Public Turing Test to Tell Computer and Humans Apart (CAPTCHA) Ttriggered by the recipient MTA to send a verification string back to sender to verify the sender is a real human. Samples of CAPTCHA string
10
10 Related works Address-hiding Hide the unique character in the email address, the symbol @ userid@domain.com userid at domain dot com
11
11 Our Proposed Method Make email addresses on the Internet be unsearchable by scanning program. Encrypt both sender and recipients email addresses to prevent hijacking during the transferring.
12
12 Our Proposed Method How the spammers get bulk email addresses Buy the millions of email addresses from some organizations. Scan the Internet addresses from the Internet web pages or some web pages that contain email addresses.
13
13 Our Proposed Method Make email addresses on the Internet be unreachable by scanning program username@company.com username@company.ca
14
14 Our Proposed Method Encrypt both sender and recipients email addresses to prevent hijacking during the transferring The MTA randomly generates a MessageID and assign it to the email which arrived to the MTA. Before sending out the email message to destination MTA, sender relay host sends a SMTP socket with MessageID to recipient MTA to ask for returning a key generated by using the MessageID on the recipient server.
15
15 Our Proposed Method Encrypt both sender and recipients email addresses to prevent hijacking during the transferring (continue) Sender MTA uses this key to encrypt all the email addresses in the message (SendTo, CopyTo and From, etc) to generate the encrypted code for the part of email address before “@” symbol. userid@gmail.comuserid@gmail.com 1Qerg4mF7@gmail.com 1Qerg4mF7@gmail.com userid@gmail.com1Qerg4mF7@gmail.com After the message arrived the recipient MTA, the host uses the original MessageID to decrypt the email addresses in the email message and assign a new MessageID for delivery.
16
16 Our Proposed Method Diagram of encoding email addresses
17
17 Advantages Reduces the SPAM from the root. Compatibility and maintain the standard. Low cost of network traffic. Easy to implement. Gain the initiative in the anti-spam combat.
18
18 Conclusions The first approach convert posted email addresses to graphical pictures rather than expose the character strings to prevent spammers use scanning program to search them out. The second approach use an encryption method to secure the email addresses to avoid hijacking during the email transferring.
19
19 ?
20
20 References [1] Ming-Wei Wu; Yennun Huang; Shyue-Kung Lu; Ing-Yi Chen; Sy-Yen Kuo, “A Multi-faceted approach towards spam-resistible mail”, Dependable Computing, 2005. Proceeding, 11th Pacific Rim International Symposium, Page(s): 9 pp, Dec, 2005. [2] Yanhui Guo; Yaolong Zhang; Jianyi Liu; Cong Wang, “Research on the Comprehensive Anti-Spam Filter”, Industrial Informatics, 2006 IEEE International Conference, Page(s) 1069-1074, Aug, 2006 [3] Sajad Shirali-Shahreza; Ali Movaghar, “A New Anti-Spam Protocol Using CAPTCHA”, Networking, Sensing and Control, 2007 IEEE International Conference, Page(s) 234-238, April, 2007
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.