b @bel leveraging email delivery for spam mitigation n.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
B @BEL: Leveraging Email Delivery for Spam Mitigation PowerPoint Presentation
Download Presentation
B @BEL: Leveraging Email Delivery for Spam Mitigation

Loading in 2 Seconds...

play fullscreen
1 / 20

B @BEL: Leveraging Email Delivery for Spam Mitigation - PowerPoint PPT Presentation


  • 157 Views
  • Uploaded on

B @BEL: Leveraging Email Delivery for Spam Mitigation . Gianluca Stringhini , Manuel Egele , a Apostolis Zarras , Thorsten Holz , Christopher Kruegel , and Giovanni Vigna presented by rui xie. Problems on Spam. Wealthy economy behind spam 77% of emails are spam

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

B @BEL: Leveraging Email Delivery for Spam Mitigation


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
    Presentation Transcript
    1. B@BEL: Leveraging Email Delivery for Spam Mitigation GianlucaStringhini, Manuel Egele, aApostolisZarras, Thorsten Holz, Christopher Kruegel, and Giovanni Vignapresented by ruixie

    2. Problems on Spam • Wealthy economy behind spam • 77% of emails are spam • 85% of spam are sent by botnets

    3. Traditional Spam Detection • Content Analysis • Origin Analysis

    4. Approach in Article • Focusing on the way that client interact with SMTP server

    5. Overview • Techniques • System design • Evaluation • Limitations

    6. Techniques • SMTP dialects • Feedback manipulation

    7. SMTP dialects

    8. Feedback Manipulation

    9. Botnet also use feedback • Botmaster sends spam to bot • Bot sends spam to SMTP server • SMTP server sends spam to useror replies bot no such user exists • Bot replies bot master no such user exists • Bot master delete address of the user from user list

    10. Importance • SMTP dialects • Spam detection • Malware classification • Feedback manipulation • Successful botnets are using bot feedback • 35% of the email addresses were nonexistent

    11. System design • Learning SMTP dialects • Build a decision model • Making a decision

    12. SMTP dialects state • D =< Σ,S,s0,T,Fg,Fb > • Σ: input alphabet • S : set of states • s0: initial state • T : transitions • Fg: good final states • Fb: bad final states

    13. Learning SMTP dialects

    14. Collecting SMTP conversations • Passive observation • Two dialects might look the same! • Active probing • Intentionally sending incorrect replies, error messages

    15. Build a decision model

    16. Making a decision • Passive matching • Detect dialects by observing conversations • Active probing • Send specific replies to “expose” differences

    17. Evaluation • Experiment has 621,919 SMTP conversations • Results • 260,074 as spam • 218,675 as ham • 143,170 could not decide

    18. Result in real life

    19. Limitations • Evading dialects detection • Implement a “faithful” SMTP engine • Making spammers to look like a legitimate client • Evading feedback manipulation

    20. Conclusion • Focusing on the way that client interact with SMTP server • SMTP dialects • Feedback manipulation • Valuable tool for spam mitigation