A Trust Overlay Architecture and Protocol for Enhanced Protection against Spam

The effectiveness of current anti-spam systems is limited by the ability of spammers to adapt to new filtering techniques and the lack of incentive for mail domains to filter outgoing spam. This paper describes a new approach to spam protection based on distributed trust management. This is motivated by the fact that the SMTP mail infrastructure is managed in a distributed way by a community of mail domain administrators. A trust overlay architecture and a new protocol are presented. The TOPAS protocol specifies how experiences and recommendations are communicated between a spam filter at each mail domain and its associated trust manager, and between trust managers of different mail servers. A technique for improving mail filtering using these trust measures is also described. Initial simulations indicate the potential of this approach to improve rates of false positives and false negatives in anti-spam systems

System and Methods for Detecting Unwanted Voice Calls

Voice over IP (VoIP) is a key enabling technology for the migration of circuit-switched PSTN architectures to packet-based IP networks. However, this migration is successful only if the present problems in IP networks are addressed before deploying VoIP infrastructure on a large scale. One of the important issues that the present VoIP networks face is the problem of unwanted calls commonly referred to as SPIT (spam over Internet telephony). Mostly, these SPIT calls are from unknown callers who broadcast unwanted calls. There may be unwanted calls from legitimate and known people too. In this case, the unwantedness depends on social proximity of the communicating parties. For detecting these unwanted calls, I propose a framework that analyzes incoming calls for unwanted behavior. The framework includes a VoIP spam detector (VSD) that analyzes incoming VoIP calls for spam behavior using trust and reputation techniques. The framework also includes a nuisance detector (ND) that proactively infers the nuisance (or reluctance of the end user) to receive incoming calls. This inference is based on past mutual behavior between the calling and the called party (i.e., caller and callee), the callee's presence (mood or state of mind) and tolerance in receiving voice calls from the caller, and the social closeness between the caller and the callee. The VSD and ND learn the behavior of callers over time and estimate the possibility of the call to be unwanted based on predetermined thresholds configured by the callee (or the filter administrators). These threshold values have to be automatically updated for integrating dynamic behavioral changes of the communicating parties. For updating these threshold values, I propose an automatic calibration mechanism using receiver operating characteristics curves (ROC). The VSD and ND use this mechanism for dynamically updating thresholds for optimizing their accuracy of detection. In addition to unwanted calls to the callees in a VoIP network, there can be unwanted traffic coming into a VoIP network that attempts to compromise VoIP network devices. Intelligent hackers can create malicious VoIP traffic for disrupting network activities. Hence, there is a need to frequently monitor the risk levels of critical network infrastructure. Towards realizing this objective, I describe a network level risk management mechanism that prioritizes resources in a VoIP network. The prioritization scheme involves an adaptive re-computation model of risk levels using attack graphs and Bayesian inference techniques. All the above techniques collectively account for a domain-level VoIP security solution

Combating Spam with TEA

Abstract — It has been observed that the underlying reasons for the continuing growth of the “spam ” problem are a lack of reliable sender authentication and the near-zero cost of sending huge volumes of marketing material worldwide, via email. Previous attempts to address these problems either change the fundamental properties of email, reducing its usefulness to legitimate senders, or require an infeasible move to new system architectures. In this paper we present two new techniques for increasing the level of sender authentication for legacy-system plain text email addresses. We then show how these Trustworthy Email Addresses (TEA) can be used in conjunction with a trust and risk-based security framework as an effective anti-spam tool. Our prototype Java implementation is then evaluated in the context of a spammer threat model with an economic analysis of the viability of each threat. Index Terms — email spam, computational trust engine, security cost/benefit analysis, anti-spoofin