Spam and Anti-Spam

        Aditi Desai
        Yousuf Haider
   Introduction
   Purpose of Spam
   Types of Spam
   Spam Techniques
   Anti spam
   Why Spam is so Easy
   Anti Spam Techniques
   Ongoing research
   Conclusion
   Spam: unwanted "junk" e-mail sent to a large
    number of people to promote products or
     1 out of 4 network administrators spends more than 1 hour a day
      combating spam
     1 out of 2 organizations' bandwidth usage is at least 10% spam.

   Emphasis on email spam.
   Discussion on AntiSpam and its Techniques.
Purpose of Spam
   High potential payoffs in return for very little
    effort on the spammer’s part.
   Spammers succeed when even a small number
    of people reply to and purchase some
    spam-based offering.
   E.g. Lawrence Canter and Martha Siegel are two of the original, and
    perhaps most notorious, spammers on the Internet. These
    immigration attorneys earned their 15 minutes of fame by posting
    green card lottery ads on thousands of Usenet groups in 1993.
Mediums of Spam
   E-mail spam
   Instant Messaging and Chat Room spam
   Chat spam
   Newsgroup spam and forum spam
   Mobile phone spam
   Online game messaging spam
   Spam targeting search engines (spamdexing)
   Blog, wiki, and guestbook spam
   Spam targeting video sharing sites
   Noncommercial spam
Types of Internet Spam
  Unsolicited commercial mails - 68%
 Adult - 15%
 Jokes - 9%
 Chain letters - 4.5%
 Large file attachments with non-work
  related content - 3%.
Types of Spamming Techniques
   Email spamming
     Bulk email software
     Dictionary spamming
     Directory harvest attack
     Spambot
     Pink contract
Security Implications of Spam
   Some of the security concerns of spam are:
       Unwanted spam messages eat up a tremendous amount of
        storage space.
       A large number of incoming messages can overload the network and
        create a DoS condition, leading to serious email system downtime.
        Consequences: email system unavailability, improper sending and
        receiving of messages.

       Network intrusions along with malware, viruses, Trojan horses,
        Web bugs wreak havoc on networks, server, and end user
       Some of the spam is actually social engineering at work.
Cost Estimates of Spam
   Even if one agrees that spam is free speech, it costs
    people and organizations time and money
   Taking a real world corporate example,
       25 emails/day → 150/week → 7800/year
       2 secs. to handle each → 4.33/year
       $40/hr pay → 173.33/user/year (???)
       Each msg is 5KB → 7800 x 5 = 38MB clutter

   These figures count big for large firms with 1000+
   The Goal
     Prevent or minimize the effectiveness of
     spammers to send spam to a large number of
     Emphasis on Email Anti Spam
Why Spam is so Easy
 Cost of Harvesting or collecting email
 Monetary Cost of sending spam email.
 Computational Cost of sending spam
 Legal Cost of sending spam email.
 Anonymity of the sender.
Anti-Spam Techniques
   3 Categories
     End User Techniques.
     Automated Techniques for Email Administrators.
     Automated Techniques for Email Senders.
End User Techniques
   Address ‘Munging’
     myname at email dot com
     Transparent address munging: more effective
   Disable HTML in e-mail
     If not disabled, might execute malicious scripts
     Validate email addresses
   Reporting spam
     Track down spammer’s ISP and report
     Difficult for the end user to do and will not work for
      botnets or netblocks.
End User Techniques…(contd.)
   Disposable Email addresses
        Disposable temporary address forwards email to
        valid address
   No Response to Spam
       Responding validates address
   Aggressive Response to Spam
     Controversial, spam the spammer
     Automated tools to submit forms on spammer sites
     Might not work with zombies on botnets
Automated Techniques for Email Administrators
   Rule Based Systems
     Parse incoming email for specific keywords
     or content and then apply set of rules
     May have Distributed community approach
         Members mark spam
         Add to database

         Infer Rules from database

       Valid emails may end up in Spam box
Automated Techniques for Email Administrators… (contd.)
   Challenge-Response Systems
      Exploits the spammer anonymity factor.
     White List – Email from addresses on white list
     Black List – Email from addresses on Black List
     For unknown addresses :
           Send Challenge to unknown address
           If valid response received accept the original message.
Automated Techniques for Email Administrators… (contd.)
   Authentication and Reputation
       Reputation system for legitimate servers.
       Used in conjunction with spam filtering.
   Checksum-based filtering
       Maintain database of checksums of spam emails
       Compare checksum of incoming email to detect
   DNS Based Blackhole Lists
       Different kind of lists to indicate servers that send spam
   Greylisting
       Temporarily reject messages from unknown senders
       Spammers will usually not try resending
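
The greylisting decision above, combined with the white list / black list lookup from the challenge-response slide, as an added example that is not part of the original slides. It goes beyond the slide by keying on the usual (client network, sender, recipient) triplet; the class name, the delay and expiry values, and all addresses are assumptions made for the example.

```python
import ipaddress

RETRY_DELAY = 300       # assumed: seconds an unknown triplet must wait before retrying
ENTRY_TTL = 36 * 3600   # assumed: forget a triplet that is not retried within this window

class Greylist:
    """In-memory greylist keyed on (client network, envelope sender, recipient)."""

    def __init__(self, whitelist=(), blacklist=()):
        self.whitelist = {a.lower() for a in whitelist}
        self.blacklist = {a.lower() for a in blacklist}
        self.first_seen = {}  # triplet -> time of first delivery attempt

    @staticmethod
    def _network(ip):
        # Key on the /24 (or /64) so a retry from another host in the sender's pool matches.
        addr = ipaddress.ip_address(ip)
        prefix = 24 if addr.version == 4 else 64
        return str(ipaddress.ip_network(f"{ip}/{prefix}", strict=False))

    def check(self, client_ip, mail_from, rcpt_to, now):
        """Return the SMTP reply for one RCPT TO; `now` is the current time in seconds."""
        sender = mail_from.lower()
        # The envelope sender is unauthenticated, so list hits are only as good as the lists.
        if sender in self.blacklist:
            return "550 rejected: sender is blacklisted"
        if sender in self.whitelist:
            return "250 accepted: sender is whitelisted"
        triplet = (self._network(client_ip), sender, rcpt_to.lower())
        first = self.first_seen.get(triplet)
        if first is None or now - first > ENTRY_TTL:
            self.first_seen[triplet] = now  # new or expired: start the clock
            return "451 greylisted: try again later"
        if now - first < RETRY_DELAY:
            return "451 greylisted: retry too soon"
        return "250 accepted: retried after the delay"

if __name__ == "__main__":
    # Constructed session: addresses and times are made up for the example.
    g = Greylist(whitelist=["friend@example.org"], blacklist=["bulk@example.net"])
    for ip, frm, t in [("192.0.2.10", "new@example.com", 0),
                       ("192.0.2.10", "new@example.com", 60),
                       ("192.0.2.77", "new@example.com", 400),
                       ("198.51.100.5", "bulk@example.net", 400)]:
        print(t, ip, frm, "->", g.check(ip, frm, "me@example.org", now=t))
```

A sender that never retries stays at the 451 reply and its message is never stored, which is the behaviour the slide relies on.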
Automated Techniques for Email Senders
 Background checks on new users and
 Confirmed opt-in for mailing lists
Ongoing Research
   Ham passwords
       Attach ham passwords to email subject line
        to verify validity of message
   Cost-based systems
       Stamps - Monetary cost, micro-payments
       Proof-of-work systems – Computational cost
       Bonds or Sender-at-risk – Pay cost if
        suspicious sender
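
The proof-of-work idea above, as an added example that is not part of the original slides: the sender pays a computational cost per recipient, while the receiver verifies with a single hash and rejects reused stamps. The stamp layout (`bits:date:recipient:counter`), the SHA-256 choice, the 16-bit difficulty and the function names are assumptions made for the example, not a standard format.

```python
import hashlib
from itertools import count

BITS = 16  # assumed difficulty: about 65,000 hashes per stamp on average

def leading_zero_bits(digest):
    """Number of zero bits at the start of a hash digest."""
    value = int.from_bytes(digest, "big")
    return len(digest) * 8 - value.bit_length()

def mint(recipient, date, bits=BITS):
    """Sender side: search for a counter whose stamp hash starts with `bits` zero bits."""
    for counter in count():
        stamp = f"{bits}:{date}:{recipient}:{counter}"
        if leading_zero_bits(hashlib.sha256(stamp.encode()).digest()) >= bits:
            return stamp

def verify(stamp, recipient, today, seen, bits=BITS):
    """Receiver side: cheap checks plus one hash; `seen` holds stamps already spent."""
    try:
        claimed_bits, date, rcpt, _counter = stamp.split(":")
        claimed_bits = int(claimed_bits)
    except ValueError:
        return False                      # malformed stamp
    if claimed_bits < bits or rcpt != recipient or date != today:
        return False                      # too cheap, minted for someone else, or stale
    if stamp in seen:
        return False                      # replay: one stamp pays for one message
    if leading_zero_bits(hashlib.sha256(stamp.encode()).digest()) < claimed_bits:
        return False                      # the claimed work was not actually done
    seen.add(stamp)
    return True

if __name__ == "__main__":
    # Constructed values: the address and date are made up for the example.
    spent = set()
    s = mint("alice@example.org", "20240101")
    print(s, verify(s, "alice@example.org", "20240101", spent))
    print("replayed:", verify(s, "alice@example.org", "20240101", spent))
```

Because the recipient is part of the hashed stamp, a bulk sender has to repeat the search for every address, which is where the per-message cost comes from.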
 Arms race between spammers and anti
  spam techniques
 Effective and efficient use of various Anti-
  Spam techniques as discussed can make
  spamming less profitable and can prove a
  way to help FIGHT SPAM.
 Distributed Community approach most
