1 / 23

Preventing Spam: Today and Tomorrow

Preventing Spam: Today and Tomorrow. Zane Bonny Vilaphong Phasiname The Spamsters!. Summary. Why Prevent Spam How is Spam Prevented What is Wrong With This Picture? What can we do? List Based Approach Algorithm Based Approach Government Legislation Who Did What and Sources Conclusions.

tamarr
Download Presentation

Preventing Spam: Today and Tomorrow

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Preventing Spam:Today and Tomorrow Zane Bonny Vilaphong Phasiname The Spamsters!

  2. Summary • Why Prevent Spam • How is Spam Prevented • What is Wrong With This Picture? • What can we do? • List Based Approach • Algorithm Based Approach • Government Legislation • Who Did What and Sources • Conclusions

  3. Why Prevent Spam • Phishing Scams • Red Cross Donation • Privacy • Many want your personal information • Out of control • 70 to 100 a day at the average office • Costly • More than 10 Billion a year.

  4. Why Prevent Spam • ANNOYING! • Who likes spam in their inbox? • Can you totally eliminate spam?

  5. How is Spam Prevented • Junk E-Mail Filter – will decide to delete a message or not based on the content of the email message. • Safe Senders List – this list defines an email as safe or not. Imagine an email message that is sent through but is deleted by the spam filter. This filter tells the email program that it is safe. • Safe Recipients Lists – this list is similar to the senders list but is instead used for large groups of people. • Blocked Senders List – this is a list of the people that will be treated as junk whether they pass the filter or not.

  6. How is Spam Prevented • Never reply to a spam • Don’t click any links in a spam email • Don’t use your home or business email address • Preview your messages before you open them • Disguise your email address

  7. What is Wrong With This Picture? • Rely heavily on the user • Many of these methods do not provide automatic protection. • Lists and filters are rarely used by users • Even if they are utilized it takes time to be effective • What can we do to help eliminate?

  8. What can we do? • More user friendly methods • More automatic • Handled more on the IT side

  9. List: DNS Black Listing • Implementation of an old idea • Black list can be formed for an individual • This is known as DNS Blacklisting • Been in use since 1997 • Three requirements for Blacklist • Domain • Name Server • List of addresses

  10. List: DNS Black Listing • DNSBL queries • First reverses ip • Second appends DNSBL with reverse IP • Last checks names in list • Example • IP=1.2.3.4 DNSBL=bl.black.com • Sent to blacklist as 4.3.2.1.bl.black.com • Policies vary from blacklist to blacklist • What does the list wish to prevent? • How do you find the addresses? • How long?

  11. List: DNS Black Listing

  12. List: Challenge Response • This is an email filter in reverse • Assumes that all email is spam • First mail is sent • Second challenge is issued to the sender • Lastly, if the sender responds then they are white listed

  13. List: Challenge Response • A number of problems exist • Not all email can be responded to • Listserv • Mailing lists • Also what if a spammer used a legitimate email address?

  14. List: Bounce Messages • What is this? • Send one each time a spam email is sent • A few problems…. • Spammers don’t care • Forged return address • Pretty easy to tell by header if it is real or not

  15. Algorithm: Bayesian Probability • Bayesian achieves 98%+ spam detection rate using mathematical approach. • How does it work? • Uses ham files • Ham files contain legitimate email. • For example: • The word “free” can be recognize within the data base files of ham. • If the word “free” spell differently the Bayesian filter will detected as spam.

  16. Algorithm: Chung-Kwei • Named after Feng-Shui figure • This figure was a symbol of protection • Chung-Kwei is designed to protect business • Part of SpamGuru package made by IBM • Uses Teiresias algorithm to discover patterns for spam-vocabulary

  17. Algorithm: Chung-Kwei • Spam-vocabulary is what is used to filter emails before reaching end user. • White email can remove spam from the spam-vocabulary. • Query method then classifies

  18. Government Legislation • Why come up with a fancy technique at all why not just ask Uncle Sam for help? • Consider the Do Not Call Registry • Fairly effective at deterring telemarketers • Legal action is available if the telemarketers do not comply • On the flip side…. • Legal questions arise • And constitutional questions

  19. Who Did What? • Vilaphong… • Algorithm based approaches • Government legislation • Conclusion • Zane… • List based approaches • PowerPoint • Intro

  20. Sources • Boyce, Jim. “What to do with all that spam”. Microsoft. 1 May. 2003. 14 Nov. 2007. <http://office.microsoft.com/en-us/outlook/HA011590551033.aspx>. • “DNSBL”. Wikipedia. 13 Oct. 2007. 14 Nov. 2007. <http://en.wikipedia.org/wiki/DNSBL>. • Gowan, Frith. “Don't Get Lured by Phishing Scams”. Techsoup.org. 12 Dec. 2005. 14 Nov. 2007. <http://www.techsoup.org/learningcenter/internet/page4777.cfm> • Orlov, Gregory. “Spam: prevention is better than cure!”. BCS. 1 Jan. 2005. 14 Nov. 2007. <http://www.bcs.org/server.php?show=ConWebDoc.3064>. • Rigoutsos, Isidore and Huynh, Tien. “Chung-Kwei: a Pattern-discovery-based System for the Automatic Identification of Unsolicited E-mail Messages (SPAM)”. IBM Thomas J Watson Research Center. 1 Jan. 2005. 14 Nov. 2007. <http://www.ceas.cc/papers-2004/ 153.pdf>. • “Section 7 - Spam Prevention”. SORBS. 1 Jan. 2004. 14 Nov. 2007. <http://www.au.sorbs.net/ spamfo/prevention.shtml>. • Stuart, Anne. “Canning Spam”. Inc.com. 1 May. 2003. 14 Nov. 2007. <http://www.inc.com/ articles/2003/05/25444.html>. • Tenby, Susan. “Things You Can Do to Prevent Spam”. Techsoup.org. 12 Nov. 2007. 14 Nov. 2007. <http://www.techsoup.org/learningcenter/internet/page4782.cfm>. • “Why Bayesian Filtering is the Most Effective Anti-Spam Technology”. GFI.com. 1 Jan. 2007. 14 Nov. 2007. <http://www.gfi.com/whitepapers/why-bayesian-filtering.pdf>

  21. Conclusion • Have many prevention methods already implemented • Most important improvement that can be made is automation • Have listing methods and algorithms. algorithms tend to yield the best results • Simple lists were sufficient in past • Today Spam has evolved to a point that it requires “smarter” methods to prevent it • The prevention of spam will undoubtedly become more of issue in the future and cost business a consumers more money • A fool proof prevention is unlikely • Only 100% way is Government Regulation • That also has drawbacks

  22. Questions?

More Related