GridEmail: A Case for Economically Regulated Internet-based Interpersonal Communications

Email has emerged as a dominant form of electronic communication between people. Spam is a major problem for email users, with estimates of up to 56% of email falling into that category. Control of Spam is being attempted with technical and legislative methods. In this paper we look at email and spam from a supply-demand perspective. We propose Gridemail, an email system based on an economy of communicating parties, where participants? motivations are represented as pricing policies and profiles. This system is expected to help people regulate their personal communications to suit their conditions, and help in removing unwanted messages.Comment: 15 pages, 10 figures, A Technical Report from Grid Computing and Distributed Systems Laboratory, University of Melbourne, Australi

Ill Telecommunications: How Internet Infrastructure Providers Lose First Amendment Protection

The Federal Communications Commission (FCC) recently proposed an Internet nondiscrimination rule: Subject to reasonable network management, a provider of broadband Internet access service must treat lawful content, applications, and services in a nondiscriminatory manner. Among other requests, the FCC sought comment on whether the proposed nondiscrimination rule would promote free speech, civic participation, and democratic engagement, and whether it would impose any burdens on access providers\u27 speech that would be cognizable for purposes of the First Amendment. The purpose of this Article is to suggest that a wide range of responses to these First Amendment questions, offered by telecommunications providers and civil society groups alike, have glossed over a fundamental question: whether the activities of broadband Internet providers are sufficiently imbued with speech or expressive conduct to warrant protection under the First Amendment in the first place. Interestingly, it is not only those who argue against governmental regulation who make this threshold mistake. Those who argue for the importance of imposing nondiscrimination and common carriage rules upon telecommunications providers also, in their eagerness to open up a conversation about the values of free speech in the age of the Internet, pay little attention to this preliminary question. Yet if this question is not resolved, any subsequent analysis of those who facilitate Internet-based telecommunications will necessarily rest on an incoherent and insufficiently considered definition of the speech that is at the heart of First Amendment concerns. This Article analyzes the FCC\u27s proposed nondiscrimination rule with an eye towards whether the rule affects the speech or expressive conduct of broadband providers in a manner that is cognizable for First Amendment purposes. Discussion of the values, free speech theories, policies, investment incentives, and economic and governmental interests underlying the resolution of this claim--values emphasized by the vast majority of parties engaged in the network neutrality debate, at significant cost to the clarity of constitutional elements--are deferred pending the evaluation of this threshold question

Evasive Internet: Reducing Internet Vulnerability through Transient Destination

In the current Internet architecture, traffic is commonly routed to its destination using DNS names that are mapped to IP addresses, yet there are no inherent means for receivers to attribute sources of traffic to senders or for receivers to authorize senders. These deficiencies leave the Internet and its connected hosts vulnerable to a wide range of attacks including denial-of-service and misrepresentation (spoofing, phishing, etc.) which continue to cause material damage. In this mechanism to combat these vulnerabilities by introducing attribution and authorization into the network using a transient addressing scheme to establish attribution through DNS, establish authorization at the host, and enforce authorization and attribution in the network. In this work, I developed and characterized a system for effecting in-network enforcement at the router, and I demonstrate the enforcement is possible on current commodity hardware at sustained throughput rates Ill above common Internet connection rates. The current internet architecture allows hosts to send arbitrary IP packets across a network, which may not reflect valid source address information. IP spoofing and Denial of service attacks are ubiquitous. Filtering techniques are not sufficient enough to counter these attacks. Current Internet design calls for in-network authentication of addresses and attribution of traffic they generate. In this architecture the destination can only be reached through a valid capability. The aim of this dissertation is to implement Evasive Internet Protocol for the end hosts and measure the preliminary performance as compared to current internet protocols

Economic Policy Analysis and the Internet: Coming to Terms with a Telecommunications Anomaly

The significant set of public policy issues for economic analysis that arise from the tensions between the ‘special benefits’ of the Internet as a platform for innovation, and the drawbacks of the “anomalous” features of the Internet viewed as simply one among the array of telecommunications systems, is the focus of discussion in this chapter. Economists concerned with industrial organization and regulation (including antitrust and merger law) initially found new scope for application of their expertise in conventional policy analyses of the Internet’s interactions with other segments of the telecommunications sector (broadcast and cable television, radio and telephone), and emphasized the potential congestion problems posed by user anonymity and flat rate pricing. Policy issues of a more dynamic kind have subsequently come to the fore. These involve classic tradeoffs between greater efficiency and producer and consumer surpluses today, and a potential for more innovation in Web-based products and service in the future. Many such tradeoffs involve choices such as that between policies that would preserve the original ‘end-to-end’ design of the original Internet architecture, and those that would be more encouraging of market-driven deployment of new technologies that afforded ISPs with greater market power the opportunity to offer (and extract greater profits from) restricted-Web services that consumers valued highly, such as secure and private VOIP.public policy, telecommunications, Web-based products, user anonymity

The Beginnings and Prospective Ending of “End-to-End”: An Evolutionary Perspective On the Internet’s Architecture

The technology of “the Internet” is not static. Although its “end-to- end” architecture has made this “connection-less” communications system readily “extensible,” and highly encouraging to innovation both in hardware and software applications, there are strong pressures for engineering changes. Some of these are wanted to support novel transport services (e.g. voice telephony, real-time video); others would address drawbacks that appeared with opening of the Internet to public and commercial traffic - e.g., the difficulties of blocking delivery of offensive content, suppressing malicious actions (e.g. “denial of service” attacks), pricing bandwidth usage to reduce congestion. The expected gains from making “improvements” in the core of the network should be weighed against the loss of the social and economic benefits that derive from the “end-to-end” architectural design. Even where technological “fixes” can be placed at the networks’ edges, the option remains to search for alternative, institutional mechanisms of governing conduct in cyberspace.

Advances in modern botnet understanding and the accurate enumeration of infected hosts

Botnets remain a potent threat due to evolving modern architectures, inadequate remediation methods, and inaccurate measurement techniques. In response, this re- search exposes the architectures and operations of two advanced botnets, techniques to enumerate infected hosts, and pursues the scientific refinement of infected-host enu- meration data by recognizing network structures which distort measurement. This effort is motivated by the desire to reveal botnet behavior and trends for future mit- igation, methods to discover infected hosts for remediation in real time and threat assessment, and the need to reveal the inaccuracy in population size estimation when only counting IP addresses. Following an explanation of theoretical enumeration techniques, the architectures, deployment methodologies, and malicious output for the Storm and Waledac botnets are presented. Several tools developed to enumerate these botnets are then assessed in terms of performance and yield. Finally, this study documents methods that were developed to discover the boundaries and impact of NAT and DHCP blocks in network populations along with a footprint measurement based on relative entropy which better describes how uniformly infections communi- cate through their IP addresses. Population data from the Waledac botnet was used to evaluate these techniqu

Using decoys to block SPIT in the IMS

Includes bibliographical references (leaves 106-111)In recent years, studies have shown that 80-85% of e-mails sent were spam. Another form of spam that has just surfaced is VoIP (Voice over Internet Telephony) spam. Currently, VoIP has seen an increasing numbers of users due to the cheap rates. With the introduction of the IMS (IP Multimedia Subsystem), the number of VoIP users are expected to increase dramatically. This calls for a cause of concern, as the tools and methods that have been used for blocking email spam may not be suitable for real-time voice calls. In addition, VoIP phones will have URI type addresses, so the same methods that were used to generate automated e-mail spam messages can be employed for unsolicited voice calls. Spammers will always be present to take advantage of and adapt to trends in communication technology. Therefore, it is important that IMS have structures in place to alleviate the problems of spam. Recent solutions proposed to block SPIT (Spam over Internet Telephony) have the following shortcomings: restricting the users to trusted senders, causing delays in voice call set-up, reducing the efficiency of the system by increasing burden on proxies which have to do some form of bayesian or statistical filtering, and requiring dramatic changes in the protocols being used. The proposed decoying system for the IMS fits well with the existing protocol structure, and customers are oblivious of its operation

A Comprehensive Survey of Voice over IP Security Research

We present a comprehensive survey of Voice over IP security academic research, using a set of 245 publications forming a closed cross-citation set. We classify these papers according to an extended version of the VoIP Security Alliance (VoIPSA) Threat Taxonomy. Our goal is to provide a roadmap for researchers seeking to understand existing capabilities and to identify gaps in addressing the numerous threats and vulnerabilities present in VoIP systems. We discuss the implications of our findings with respect to vulnerabilities reported in a variety of VoIP products. We identify two specific problem areas (denial of service, and service abuse) as requiring significant more attention from the research community. We also find that the overwhelming majority of the surveyed work takes a black box view of VoIP systems that avoids examining their internal structure and implementation. Such an approach may miss the mark in terms of addressing the main sources of vulnerabilities, i.e., implementation bugs and misconfigurations. Finally, we argue for further work on understanding cross-protocol and cross-mechanism vulnerabilities (emergent properties), which are the byproduct of a highly complex system-of-systems and an indication of the issues in future large-scale systems

Multi-Dimensional-Personalization in mobile contexts

During the dot com era the word "personalisation” was a hot buzzword. With the fall of the dot com companies the topic has lost momentum. As the killer application for UMTS or the mobile internet has yet to be identified, the concept of Multi-Dimensional-Personalisation (MDP) could be a candidate. Using this approach, a recommendation of mobile advertisement or marketing (i.e., recommendations or notifications), online content, as well as offline events, can be offered to the user based on their known interests and current location. Instead of having to request or pull this information, the new service concept would proactively provide the information and services – with the consequence that the right information or service could therefore be offered at the right place, at the right time. The growing availability of "Location-based Services“ for mobile phones is a new target for the use of personalisation. "Location-based Services“ are information, for example, about restaurants, hotels or shopping malls with offers which are in close range / short distance to the user. The lack of acceptance for such services in the past is based on the fact that early implementations required the user to pull the information from the service provider. A more promising approach is to actively push information to the user. This information must be from interest to the user and has to reach the user at the right time and at the right place. This raises new requirements on personalisation which will go far beyond present requirements. It will reach out from personalisation based only on the interest of the user. Besides the interest, the enhanced personalisation has to cover the location and movement patterns, the usage and the past, present and future schedule of the user. This new personalisation paradigm has to protect the user’s privacy so that an approach supporting anonymous recommendations through an extended "Chinese Wall“ will be described