278 research outputs found
Using Spammers\u27 Computing Resources for Volunteer Computing
Spammers are continually looking to circumvent counter-measures seeking to slow them down. An immense amount of time and money is currently devoted to hiding spam, but not enough is devoted to effectively preventing it. One approach for preventing spam is to force the spammer\u27s machine to solve a computational problem of varying difficulty before granting access. The idea is that suspicious or problematic requests are given difficult problems to solve while legitimate requests are allowed through with minimal computation. Unfortunately, most systems that employ this model waste the computing resources being used, as they are directed towards solving cryptographic problems that provide no societal benefit. While systems such as reCAPTCHA and FoldIt have allowed users to contribute solutions to useful problems interactively, an analogous solution for non-interactive proof-of-work does not exist. Towards this end, this paper describes MetaCAPTCHA and reBOINC, an infrastructure for supporting useful proof-of-work that is integrated into a web spam throttling service. The infrastructure dynamically issues CAPTCHAs and proof-of-work puzzles while ensuring that malicious users solve challenging puzzles. Additionally, it provides a framework that enables the computational resources of spammers to be redirected towards meaningful research. To validate the efficacy of our approach, prototype implementations based on OpenCV and BOINC are described that demonstrate the ability to harvest spammer\u27s resources for beneficial purposes
An approach to preventing spam using Access Codes with a combination of anti-spam mechanisms
Spam is becoming a more and more severe problem for individuals, networks,
organisations and businesses. The losses caused by spam are billions of dollars every
year. Research shows that spam contributes more than 80% of e-mails with an increased
in its growth rate every year. Spam is not limited to emails; it has started affecting other
technologies like VoIP, cellular and traditional telephony, and instant messaging services.
None of the approaches (including legislative, collaborative, social awareness and
technological) separately or in combination with other approaches, can prevent sufficient
of the spam to be deemed a solution to the spam problem.
The severity of the spam problem and the limitations of the state-of-the-Art solutions
create a strong need for an efficient anti-spam mechanism that can prevent significant
volumes of spam without showing any false positives. This can be achieved by an
efficient anti-spam mechanism such as the proposed anti-spam mechanism known as
"Spam Prevention using Access Codes", SPAC. SPAC targets spam from two angles i.e.
to prevent/block spam and to discourage spammers by making the infrastructure
environment very unpleasant for them.
In addition to the idea of Access Codes, SPAC combines the ideas behind some of the
key current technological anti-spam measures to increase effectiveness. The difference in
this work is that SPAC uses those ideas effectively and combines them in a unique way
which enables SPAC to acquire the good features of a number of technological anti-spam
approaches without showing any of the drawbacks of these approaches. Sybil attacks,
Dictionary attacks and address spoofing have no impact on the performance of SPAC. In
fact SPAC functions in a similar way (i.e. as for unknown persons) for these sorts of
attacks.
An application known as the "SPAC application" has been developed to test the
performance of the SPAC mechanism. The results obtained from various tests on the
SPAC application show that SPAC has a clear edge over the existing anti-spam
technological approaches
Library Blogs and User Participation: A Survey about Comment Spam in Library Blogs
The purpose of this research is to identify and describe the impact of comment spam in library blogs. Three research questions guided the study: current level of commenting in library blogs; librarians' perception of comment spam; and techniques used to address the comment spam problem
Definition of Spam 2.0: New Spamming Boom
The most widely recognized form of spam is e-mail spam, however the term âspamâ is used to describe similarabuses in other media and mediums. Spam 2.0 (or Web 2.0 Spam) is refereed to as spam content that is hosted on online Web 2.0 applications. In this paper: we provide a definition of Spam 2.0, identify and explain different entities within Spam 2.0, discuss new difficulties associated with Spam 2.0, outline its significance, and list possible countermeasure. The aim of this paper is to provide the reader with a complete understanding of this new form of spamming
Foundations, Properties, and Security Applications of Puzzles: A Survey
Cryptographic algorithms have been used not only to create robust ciphertexts
but also to generate cryptograms that, contrary to the classic goal of
cryptography, are meant to be broken. These cryptograms, generally called
puzzles, require the use of a certain amount of resources to be solved, hence
introducing a cost that is often regarded as a time delay---though it could
involve other metrics as well, such as bandwidth. These powerful features have
made puzzles the core of many security protocols, acquiring increasing
importance in the IT security landscape. The concept of a puzzle has
subsequently been extended to other types of schemes that do not use
cryptographic functions, such as CAPTCHAs, which are used to discriminate
humans from machines. Overall, puzzles have experienced a renewed interest with
the advent of Bitcoin, which uses a CPU-intensive puzzle as proof of work. In
this paper, we provide a comprehensive study of the most important puzzle
construction schemes available in the literature, categorizing them according
to several attributes, such as resource type, verification type, and
applications. We have redefined the term puzzle by collecting and integrating
the scattered notions used in different works, to cover all the existing
applications. Moreover, we provide an overview of the possible applications,
identifying key requirements and different design approaches. Finally, we
highlight the features and limitations of each approach, providing a useful
guide for the future development of new puzzle schemes.Comment: This article has been accepted for publication in ACM Computing
Survey
AN INTEGRATED SYSTEM FOR DETECTION AND IDENTIFICATION OF SPAMBOT WITH ACTION SESSION AND LENGTH FREQUENCY
We propose an integrated system for detection and identification of spambot with action session and length frequency basedon the notion of control-flow graph, which models interactions of the end-userâs machine and browser with the Web site,and assists a lot in detecting possible anomalies. Userâs interaction with the web is premised on Document Object Model(DOM) Events since the DOM forms a representation of the Web page which shows acceptance of asynchronous input fromthe user. The DOM is a platform-independent, event-driven interface which accepts input from the user and allows programsand scripts to access and update the content of the page. Proof of concept will be established by deploying the DOMantiSpambot as an add-on for Mozilla Firefox using JavaScript.Keywords: Antispam, DOM, detection, frequency, Action Session, Browsers and Web
BlogForever: D2.5 Weblog Spam Filtering Report and Associated Methodology
This report is written as a first attempt to define the BlogForever spam detection strategy. It comprises a survey of weblog spam technology and approaches to their detection. While the report was written to help identify possible approaches to spam detection as a component within the BlogForver software, the discussion has been extended to include observations related to the historical, social and practical value of spam, and proposals of other ways of dealing with spam within the repository without necessarily removing them. It contains a general overview of spam types, ready-made anti-spam APIs available for weblogs, possible methods that have been suggested for preventing the introduction of spam into a blog, and research related to spam focusing on those that appear in the weblog context, concluding in a proposal for a spam detection workflow that might form the basis for the spam detection component of the BlogForever software
Addressing the new generation of spam (Spam 2.0) through Web usage models
New Internet collaborative media introduce new ways of communicating that are not immune to abuse. A fake eye-catching profile in social networking websites, a promotional review, a response to a thread in online forums with unsolicited content or a manipulated Wiki page, are examples of new the generation of spam on the web, referred to as Web 2.0 Spam or Spam 2.0. Spam 2.0 is defined as the propagation of unsolicited, anonymous, mass content to infiltrate legitimate Web 2.0 applications.The current literature does not address Spam 2.0 in depth and the outcome of efforts to date are inadequate. The aim of this research is to formalise a definition for Spam 2.0 and provide Spam 2.0 filtering solutions. Early-detection, extendibility, robustness and adaptability are key factors in the design of the proposed method.This dissertation provides a comprehensive survey of the state-of-the-art web spam and Spam 2.0 filtering methods to highlight the unresolved issues and open problems, while at the same time effectively capturing the knowledge in the domain of spam filtering.This dissertation proposes three solutions in the area of Spam 2.0 filtering including: (1) characterising and profiling Spam 2.0, (2) Early-Detection based Spam 2.0 Filtering (EDSF) approach, and (3) On-the-Fly Spam 2.0 Filtering (OFSF) approach. All the proposed solutions are tested against real-world datasets and their performance is compared with that of existing Spam 2.0 filtering methods.This work has coined the term âSpam 2.0â, provided insight into the nature of Spam 2.0, and proposed filtering mechanisms to address this new and rapidly evolving problem
- âŠ