1 / 26

Stephan Kubisch , Harald Widiger , Peter Danielis , Jens Schulz, Dirk Timmermann

Complementing E-Mails with Distinct, Geographic Location Information in Packet-switched IP Networks. Stephan Kubisch , Harald Widiger , Peter Danielis , Jens Schulz, Dirk Timmermann { stephan.kubisch;peter.danielis }@ uni-rostock.de University of Rostock

misha
Download Presentation

Stephan Kubisch , Harald Widiger , Peter Danielis , Jens Schulz, Dirk Timmermann

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Complementing E-Mails withDistinct, Geographic Location Informationin Packet-switched IP Networks Stephan Kubisch, HaraldWidiger, Peter Danielis,Jens Schulz, Dirk Timmermann {stephan.kubisch;peter.danielis}@uni-rostock.de University of Rostock Institute of Applied Microelectronics and Computer Engineering Thomas Bahls, Daniel Duchow {thomas.bahls;daniel.duchow}@nsn.com Nokia Siemens Networks Broadband Access DivisionGreifswald, Germany MIT 2008 Spam Conference, Cambridge, MA, USA, March 27-28

  2. Outline • Introduction & Motivation • The General IPclip Mechanism • Anti-Spam Framework using IPclip • Modifying the E-Mail Header • A Typical Mail Flow • Requirements and Constraints • Advantages • Summary MIT 2008 Spam Conference, Cambridge, MA, USA, March 27-28

  3. Introduction & Motivation We do have a spamproblem! No 100% solution out there! • Lack of user trustworthiness in the mass-medium Internet • Spam: Masses of unsolicited bulk e-mails delivered by SMTP • What can be done against spam? • DetectTracePrevent • Availableanti-spamtoolstrigger on e-mailandheadercontent • Data canbeforged: Spammers lie! • Anti-spamexamples • DomainKeysIdentified Mail (DKIM) • Sender Policy Framework (SPF) • SpamAssassin • … andmanymore MIT 2008 Spam Conference, Cambridge, MA, USA, March 27-28

  4. Introduction & Motivation Public Switched Telephone Network vs. Internet Public Switched Telephone Network Line-switched Call number identifies access line and an address Direct interrelationship with location information (LI): Trust-by-Wire! Internet Packet-switched IP addresses are ambiguous! No interrelationship with LI: No Trust-by-Wire (TBW)! Trust-by-Authentication (TBA) to provide user trustworthiness? SMTP and the Internet lack both TBW and TBA! How do we restore the user's belief in e-mail services? MIT 2008 Spam Conference, Cambridge, MA, USA, March 27-28

  5. Outline • Introduction & Motivation • The General IPclipMechanism • Anti-Spam Framework usingIPclip • Modifyingthe E-Mail Header • A Typical Mail Flow • RequirementsandConstraints • Advantages • Summary MIT 2008 Spam Conference, Cambridge, MA, USA, March 27-28

  6. The General IPclip Mechanism IPclip is used to provide a useful degree of TBW in IP networks • IPclip = IP Calling Line IdentificationPresentation • Locationinformation (e.g., GPS) isaddedtoeach IP packet asIP option Locationinformation in IP • Eitherbytheuserorbytheaccessnodeof an accessnetwork MIT 2008 Spam Conference, Cambridge, MA, USA, March 27-28

  7. The General IPclip Mechanism What kind of location information do we use? • IP headercancontain IP options • IP optionsshow a type-length-valuestructure • Locationinformationasvaluepartof an IP option MIT 2008 Spam Conference, Cambridge, MA, USA, March 27-28

  8. The General IPclip Mechanism Access network most reasonable place for adding/verifying LI • Access nodeisthe 1st trustworthynetworkelement • User providedlocationinformationsolelyverifiedhere • Access port + accessnode ID ascomplementaryinformation MIT 2008 Spam Conference, Cambridge, MA, USA, March 27-28

  9. The General IPclip Mechanism Using IPclip for ensuring trustworthy location information (LI) in IP • User provided LI trustworthyifwithinaccessnode‘ssubscribercatchmentarea (SCA) • IPclip on accessnodesetsflags in statusfielddepending on LI‘strustworthiness Access Node's SCA (normalized coords) MIT 2008 Spam Conference, Cambridge, MA, USA, March 27-28

  10. The General IPclip Mechanism Using IPclip for ensuring trustworthy location information (LI) • User provided LI trustworthyifwithinaccessnode‘ssubscribercatchmentarea Access Node's SCA (normalized coords) MIT 2008 Spam Conference, Cambridge, MA, USA, March 27-28

  11. Outline • Introduction & Motivation • The General IPclipMechanism • Anti-Spam Framework usingIPclip • Modifyingthe E-Mail Header • A Typical Mail Flow • RequirementsandConstraints • Advantages • Summary MIT 2008 Spam Conference, Cambridge, MA, USA, March 27-28

  12. Anti-Spam Framework using IPclip How to use IPclip and location information for fighting spam? • IPclipaddslocationinformation on layer 3 as IP option • Mail transferagents (MTAs) terminate IP  Weneedlocationinformation on applicationlayer (SMTP) • The first MTA copieslocationinformation in IPto e-mailheaderaslocationinformation in SMTP From - <timestamp> X-IPclip-Status: 1100 X-IPclip-Type: GPS X-IPclip-LI: <longitude;latitude> X-IPclip-Port: x X-IPclip-AN: A X-IPclip-MTA: mx.senderhome.net [86.165.10.2] Return-Path: <sender@senderhome.net> Received: from ... MIT 2008 Spam Conference, Cambridge, MA, USA, March 27-28

  13. Anti-Spam Framework using IPclip Typical mail flow between Alice & Bob (same provider network) MIT 2008 Spam Conference, Cambridge, MA, USA, March 27-28

  14. Anti-Spam Framework using IPclip 4 cases can be distinguished when an e-mail arrives at an MTA • These 4 different possibilitiesregardingtheexistenceoflocationinformation (LI) in IPandLI in SMTP representourframework 2 5 MIT 2008 Spam Conference, Cambridge, MA, USA, March 27-28

  15. Anti-Spam Framework using IPclip Typical mail flow between Alice & Bob (same provider network) MIT 2008 Spam Conference, Cambridge, MA, USA, March 27-28

  16. Anti-Spam Framework using IPclip Requirements and constraints for IPclip in this use case • FullyIPclip-terminateddomain, e.g., a self-containedprovidernetwork • IPclipismandatoryat all accessnodes • IPclip-capable IP stack in relevant networkdevices • MTAs must understand locationinformation (LI) in IP • MTAs must copyLI in IP to e-mailheaderasLI in SMTP • Mail User Agentsor anti-spamtools must understand LI in SMTP totakeadvantageofit MIT 2008 Spam Conference, Cambridge, MA, USA, March 27-28

  17. Anti-Spam Framework usingIPclip Privacy issues – revelation of sensitive user LI? • IPclipsupportsremovaloflocationinformation (LI) in IP • IPclip‘sstatusfieldcontainsremovalflag (RF) • RF indicatesremovalofLI in SMTP atrecipient‘s MTA • Source andtrustabilityflagnotremoved Trigger for anti-spammechanismswithoutrevealing LI • Use an encryptedformatfor LI MIT 2008 Spam Conference, Cambridge, MA, USA, March 27-28

  18. Anti-Spam Framework using IPclip Advantages MIT 2008 Spam Conference, Cambridge, MA, USA, March 27-28

  19. Outline • Introduction & Motivation • The General IPclip Mechanism • Anti-Spam Framework using IPclip • Modifying the E-Mail Header • A Typical Mail Flow • Requirements and Constraints • Advantages • Summary MIT 2008 Spam Conference, Cambridge, MA, USA, March 27-28

  20. Summary • Conceptual anti-spam framework using IPclip • IPclip adds location information (LI, e.g., GPS) to each IP packet • IPclip guarantees LI’s trustworthiness (Trust-by-Wire) • IPclip-capable MTAs copy LI in IP to e-mail header as LI in SMTP • Benefits of the proposed approach 1. More precise tracing of spam by means of LI 2. More reliable classification of spam by means of trustworthy status flags MIT 2008 Spam Conference, Cambridge, MA, USA, March 27-28

  21. Thank you! Any questions?peter.danielis@uni-rostock.dehttp://www.imd.uni-rostock.de/networking MIT 2008 Spam Conference, Cambridge, MA, USA, March 27-28

  22. Introduction & Motivation Trust models for garantueeing trustworthiness of a user Trust-by-Wire (TBW) • Trusted interrelationship between a userandhis/her geographiclocation • Example: Given in Public Switched Telephone Network (PSTN) Trust-by-Authentication (TBA) • Verificationofuseridentitybymeansofsafeinformation, e.g., passwords • Example: Applied in the Internet MIT 2008 Spam Conference, Cambridge, MA, USA, March 27-28 22

  23. Anti-Spam Framework using IPclip Possibilities for an e-mail sender in adding location information MIT 2008 Spam Conference, Cambridge, MA, USA, March 27-28

  24. Anti-Spam Framework using IPclip Can location information (LI) in SMTP be forged? • Yes, but forged LI in SMTP canbedetected • First MTA knowsitisthefirstone • LI in SMTP optionsmay not existatthefirst MTA • LI in IP onlyexistsatfirst MTA MIT 2008 Spam Conference, Cambridge, MA, USA, March 27-28

  25. Mail flows between Alice, Bob & Peter (different provider nets) MIT 2008 Spam Conference, Cambridge, MA, USA, March 27-28

  26. Comparison DKIM, SPF, IPclip Why IPclip, differences/benefits compared to DKIM, SPF MIT 2008 Spam Conference, Cambridge, MA, USA, March 27-28

More Related