spam is bad
play

Spam Is Bad John R. Levine Chair, IRTF ASRG Chair@asrg.sp.am - PowerPoint PPT Presentation

Feb 27, 2024 •342 likes •655 views

Spam Is Bad John R. Levine Chair, IRTF ASRG Chair@asrg.sp.am http://asrg.sp.am Why is spam bad? Theres too much of it Its offensive Its fraudulent 2 Why is spam bad? Theres too much of it 98% More spam

  1. Spam Is Bad John R. Levine Chair, IRTF ASRG Chair@asrg.sp.am http://asrg.sp.am

  2. Why is spam bad? • There’s too much of it • It’s offensive • It’s fraudulent 2

  3. Why is spam bad? • There’s too much of it 98% – More spam than real mail everywhere 95% – Large ISPs see > 80% spam 90% – Even with filters, real 80% mail is lost in the noise 50% 0 10 20 30 40 50 3

  4. Why is spam bad? • It’s offensive – Large amounts of porn – Porn in the spam itself – Who’d give their kid an e-mail account? 4

  5. Why is spam bad? • It’s fraudulent – All those fake addresses – Forgeries of familiar addresses – Selling fraudulent stuff – Who’ll read real mail from the bank after getting 1000 fake mails from the bank? 5

  6. What Isn’t the Spam Problem? • The Authentication Problem • The Introduction Problem • The Filtering Problem • The Accreditation Problem • The Reputation Problem 10

  7. The Authentication Problem • Verify that a message is actually from the sender it purports to be from 11

  8. The Authentication Problem • Verify that a message is actually from the sender it purports to be from 12

  9. The Authentication Problem • Verify that a message is actually from the sender it purports to be from • Same person as last time? 13

  10. The Authentication Problem • Verify that a message is actually from the sender it purports to be from • Same person as last time? • An actual real-life person? 14

  11. The Authentication Problem • Verify that a message is actually from the sender it purports to be from • Same person as last time? • An actual real-life person? • An entity against which we can retaliate? 15

  12. The Introduction Problem • Mail from hitherto unknown senders • Make it hard enough to deter spammers • But easy enough to admit real mail 16

  13. The Introduction Problem • Mail from hitherto unknown senders • Make it hard enough to deter spammers • But easy enough to admit real mail E-postage Hashcash CAPTCHA Challenge/Response 17

  14. The Filtering Problem • Distinguish nice mail from nasty mail • Try not to lose too much nice mail • Hope it’s not too expensive to do • Hope my tastes and yours aren’t too different 18

  15. The Accreditation Problem • Third parties that vouch for potential correspondents • You can prove you’re nice to one place rather than millions? 19

  16. The Accreditation Problem • Third parties that vouch for potential correspondents • You can prove you’re nice to one place rather than millions? – Bonded Sender – Habeas – IADB (ISIPP Accreditation Database) 20

  17. The Reputation Problem • Who’s nasty, who’s nice • State of the art: DNSBLs • Needs a lot of work – What do you ask a reputation system? – What kinds of answers can they return 21

  18. Are These the Spam Problem? • NO • They’re related to it • But they’re not the spam problem • Or even necessarily parts of it 22

  19. What has ASRG done lately? • Reorganized into subgroups • One finished, a few under way 23

  20. Lightweight MTA Authentication Protocol • Threw it over the wall to MARID • Reborn as SMTP authorization – Looking at analysis of effect of whatever MARID does 24

  21. Abuse reporting • Simple convention for exchanging spam reports as e-mail • Large ISPs express interest 25

  22. BCP • Drafted a few – DNSBLs / DNSWLs – Port 25 blocking and SUBMIT 26

  23. Filtering • Some work on a header to document what filtering has happened • Now looking at filtering rule exchange 27

  24. Message verification • Domain keys, Authenticated Mail, TEOS, Lumos, S/MIME, … • Look for common aspects – Probably redundant with MASS 28

  25. Identity, Authentication, and Reputation • Lots of interest, no action • Sender-ID et al need a reputation system • How do we build them? What are the questions? What are the answers? • Can we invent common interfaces? 29

  26. Things we’re not doing • Define spam • Challenge/response • E-postage • Replacements for SMTP 30

  27. What’s happening elsewhere • Open Group – Validation profiles • MAAWG – Implementation advice to members • ITU-T – Technical and administrative coordination – Tell governments what to endorse 32

  28. The standards process IETF ITU-T • Practical orientation • Driven by politics • Based on working • Paper designs prototypes • Slow cumbersome • Fast efficient process process 33

  29. The standards process ITU-T IETF • Practical orientation • Driven by politics • Based on working • Paper designs prototypes • Slow cumbersome • Fast efficient process process 34

  30. So where are we? • Spam is still bad • Solutions are hard • But we can make incremental progress 35

  31. Spam Is Bad John R. Levine Chair, IRTF ASRG Chair@asrg.sp.am

Recommend

Spam, Spam, Spam Why is spam interesting? Everyone can observe spam. Spam / Anti-spam is a

Spam, Spam, Spam Why is spam interesting? Everyone can observe spam. Spam / Anti-spam is a

Spam, Spam, Spam Why is spam interesting? Everyone can observe spam. Spam / Anti-spam is a highly evolved form of information warfare. Fascinating socioeconomic study with many players - users, ISPs, spammers, technologists, legal

322 views • 17 slides
Spam Fighting at CERN 28 April 2004 Emmanuel Ormancey 1 What is Spam ? What is Spam ? Spam

Spam Fighting at CERN 28 April 2004 Emmanuel Ormancey 1 What is Spam ? What is Spam ? Spam

Spam Fighting at CERN 28 April 2004 Emmanuel Ormancey 1 What is Spam ? What is Spam ? Spam is the friendly name given to unsolicited mail everyone receives in the mailbox. Comes from a Monty Python sketch, where in a caf everything

505 views • 13 slides
Opinion Spam and Analysis NITIN JINDAL & BING LIU, WSDM 08 UIUC Opinion/Review Spam All

Opinion Spam and Analysis NITIN JINDAL & BING LIU, WSDM 08 UIUC Opinion/Review Spam All

Opinion Spam and Analysis NITIN JINDAL & BING LIU, WSDM 08 UIUC Opinion/Review Spam All spam is spam but some spam is more spam than others Opinion spam similar to web spam or email spam in intent, but different in form / content Web

912 views • 38 slides
The CAN-SPAM Act of 2003 D E C E M B E R 2 0 0 3 THE CAN-SPAM ACT OF 2003 Status of Legislation

The CAN-SPAM Act of 2003 D E C E M B E R 2 0 0 3 THE CAN-SPAM ACT OF 2003 Status of Legislation

The CAN-SPAM Act of 2003 D E C E M B E R 2 0 0 3 THE CAN-SPAM ACT OF 2003 Status of Legislation When Congress returns from recess on December 8, 2003, it will finish its work on the CAN-SPAM Act of 2003 (Controlling the Assault of

323 views • 4 slides
Link Spam Alliances Zoltn Gyngyi Hector Garcia-Molina Class List Spam 101 Intro to

Link Spam Alliances Zoltn Gyngyi Hector Garcia-Molina Class List Spam 101 Intro to

Link Spam Alliances Zoltn Gyngyi Hector Garcia-Molina Class List Spam 101 Intro to web spam Spam 221 Spamming PageRank Spam farm model Optimal farm structure Alliances of two farms Larger alliances Spam

876 views • 30 slides
Web Spam Dr. Marc Spaniol Dr. Marc Spaniol Saarbrcken, June 24, 2010 Databases and

Web Spam Dr. Marc Spaniol Dr. Marc Spaniol Saarbrcken, June 24, 2010 Databases and

Web Dynamics Web Spam Web Spam Dr. Marc Spaniol Dr. Marc Spaniol Saarbrcken, June 24, 2010 Databases and Information Systems Prof. Dr. G. Weikum MPII-Sp-0710-1/49 Agenda Web spam - Why and what? Web Spam - Spam taxonomy

669 views • 49 slides
Web Spam Marc Spaniol Marc Spaniol Saarbrcken, July 23, 2009 Databases and Information

Web Spam Marc Spaniol Marc Spaniol Saarbrcken, July 23, 2009 Databases and Information

Web Dynamics Web Spam Web Spam Marc Spaniol Marc Spaniol Saarbrcken, July 23, 2009 Databases and Information Systems Prof. Dr. G. Weikum MPII-Sp-0709-1/49 Agenda Web spam - Why and what? Web Spam - Spam taxonomy Overview

806 views • 49 slides
Detecting Product Review Spammers using Rating Behaviors Itay Dressler What is Spam? Why

Detecting Product Review Spammers using Rating Behaviors Itay Dressler What is Spam? Why

Detecting Product Review Spammers using Rating Behaviors Itay Dressler What is Spam? Why should you care? How to detect Spam? 2 What is Spam? What is Spam? All forms of malicious manipulation of user generated data so as to

943 views • 56 slides
Web Spam Know Your Neighbors: Web Spam Detection using the Web Topology Presenter: Sadia Masood

Web Spam Know Your Neighbors: Web Spam Detection using the Web Topology Presenter: Sadia Masood

Seminar: Future Of Web Search University of Saarland Web Spam Know Your Neighbors: Web Spam Detection using the Web Topology Presenter: Sadia Masood Tutor : Klaus Berberich Date : 17-Jan-2008 The Agenda Focus of the First Paper

1.22k views • 53 slides
spam, ham and other food or how to distribute spam to 100k email addresses Who am I? Debian

spam, ham and other food or how to distribute spam to 100k email addresses Who am I? Debian

spam, ham and other food or how to distribute spam to 100k email addresses Who am I? Debian Developer since 2003 Listmaster Alioth Admin Maintainer of packages like iproute, icinga, nagios and a lot of other useless stu ff

219 views • 20 slides
Machine Learning in Spam Filtering A Crash Course in ML Konstantin Tretyakov kt@ut.ee

Machine Learning in Spam Filtering A Crash Course in ML Konstantin Tretyakov kt@ut.ee

Machine Learning in Spam Filtering A Crash Course in ML Konstantin Tretyakov kt@ut.ee Institute of Computer Science, University of Tartu Overview Spam is Evil ML for Spam Filtering: General Idea, Problems. Some Algorithms Nave Bayesian

391 views • 35 slides
x 2 > b w T x > 0 SPAM!! x ( x , 1) w 3 x 3 w T x + b ( w , b ) T ( x , 1)

x 2 > b w T x > 0 SPAM!! x ( x , 1) w 3 x 3 w T x + b ( w , b ) T ( x , 1)

A neuron (or how our brains work) Linear models Subhransu Maji CMPSCI 670: Computer Vision November 3, 2016 Neuroscience 101 CMPSCI 670 Subhransu Maji (UMASS) 2 Perceptron Example: Spam Input are feature values Imagine 3 features (spam

682 views • 8 slides
Spam Filtering with Naive Bayes Classifier Yuriy Arabskyy June 6, 2017 Table of contents What

Spam Filtering with Naive Bayes Classifier Yuriy Arabskyy June 6, 2017 Table of contents What

Spam Filtering with Naive Bayes Classifier Yuriy Arabskyy June 6, 2017 Table of contents What is spam? Different spam types Anti-Spam Techniques Probability theory basics Conditional probability Bayes Theorem Naive Bayes Theorem Spam

1.04k views • 27 slides
Spam-URL Detection via Redirects Heeyoung Kwon Mirza Basim Baig Leman Akoglu Era of Spam Era

Spam-URL Detection via Redirects Heeyoung Kwon Mirza Basim Baig Leman Akoglu Era of Spam Era

A Domain-Agnostic Approach to Spam-URL Detection via Redirects Heeyoung Kwon Mirza Basim Baig Leman Akoglu Era of Spam Era of Spams [1] [1] Social Media Spamming Grew By 658% Between 2013 And 2014: Entertainment, Financial And News

241 views • 20 slides
Advanced Topics of Mail Service Deal with Malicious Mail, including Virus, Phishing, Spam,

Advanced Topics of Mail Service Deal with Malicious Mail, including Virus, Phishing, Spam,

Advanced Topics of Mail Service Deal with Malicious Mail, including Virus, Phishing, Spam, Computer Center, CS, NCTU Nature of Spam Spam Simultaneously Posted Advertising Message UBE Unsolicited Bulk Email UCE

915 views • 89 slides
Spam legislation in the Netherlands: the law, results, approach

Spam legislation in the Netherlands: the law, results, approach

Spam legislation in the Netherlands: the law, results, approach and lessons learned Wout de Natris De Natris Consult CITEL spam workshop Mendoza,

701 views • 30 slides
Ac%ve learning x 2 o o Spam + o o o + o o o + o o o o

Ac%ve learning x 2 o o Spam + o o o + o o o + o o o o

Ac%ve learning x 2 o o Spam + o o o + o o o + o o o o o o Ham x 1 Labels are expensive (need to ask expert) Want to minimize the number

860 views • 44 slides
We need EVERYONE to ensure Your Spam Filter is set to allow the District domain access to your

We need EVERYONE to ensure Your Spam Filter is set to allow the District domain access to your

We need EVERYONE to ensure Your Spam Filter is set to allow the District domain access to your inbox. Please ensure @lafayettedistrict.org is allowed to send to Your email and clear Your spam filters. This includes filters set on your Providers

457 views • 23 slides
Combating Spam Server-side Purpose : to provide insight into the steps an organization can take

Combating Spam Server-side Purpose : to provide insight into the steps an organization can take

Combating Spam Server-side Purpose : to provide insight into the steps an organization can take to close the Spam Floodgates. Presented by Ben Serebin May 22, 2003 @ eWin www.reefsolutions.com 1 Introduction Working in the IT sector

382 views • 12 slides
Using BGP for realtime import and export of spam whitelist/blacklist entries Peter Hessler

Using BGP for realtime import and export of spam whitelist/blacklist entries Peter Hessler

Using BGP for realtime import and export of spam whitelist/blacklist entries Peter Hessler phessler@hostserver.de Hostserver GmbH 17 September, 2015 traditional methods network-based spam fighting: download a file from a server every

381 views • 26 slides
Web Spam, Propaganda and Trust P. Takis Metaxas Computer Science Department Wellesley College

Web Spam, Propaganda and Trust P. Takis Metaxas Computer Science Department Wellesley College

Web Spam, Propaganda and Trust P. Takis Metaxas Computer Science Department Wellesley College Joint work with Joe DeStefano Outline of the Talk The Web and its Spam A Short History of the Search Engines

460 views • 27 slides
last chance for mail service ? DKIM TFMC2 01/2006 Mail service status More and more spam,

last chance for mail service ? DKIM TFMC2 01/2006 Mail service status More and more spam,

last chance for mail service ? DKIM TFMC2 01/2006 Mail service status More and more spam, fishing, spoofing, virus More and more energy in spam fighting More and more messages lost because : Imperfect automatic filtering

334 views • 18 slides
BotMagnifier : Locating Spambots on the Internet Gianluca Stringhini Thorsten Holz Brett

BotMagnifier : Locating Spambots on the Internet Gianluca Stringhini Thorsten Holz Brett

BotMagnifier : Locating Spambots on the Internet Gianluca Stringhini Thorsten Holz Brett Stone-Gross Christopher Kruegel Giovanni Vigna USENIX Security Symposium August 12, 2011 Spam is a big problem Spam is sneaky Spam is sneaky Tracking

550 views • 32 slides
SPAMIA: Spam filtering by quantitative profiles Marin Grendr, Jana kutov, Vladimr

SPAMIA: Spam filtering by quantitative profiles Marin Grendr, Jana kutov, Vladimr

Spam and its detection Quantitative profile approach Results Conclusions SPAMIA: Spam filtering by quantitative profiles Marin Grendr, Jana kutov, Vladimr pitalsk Slovanet a.s., Zhradncka 151, 821 08 Bratislava, Slovakia

680 views • 22 slides

More recommend