On the use of Locality for Improving SVM-Based Spam Filtering

Recent growths in the use of email for communication and the corresponding growths in the volume of email received have made automatic processing of emails desirable. In tandem is the prevailing problem of Advance Fee fraud E-mails that pervades inboxes globally. These genres of e-mails solicit for financial transactions and funds transfers from unsuspecting users. Most modern mail-reading software packages provide some forms of programmable automatic filtering, typically in the form of sets of rules that file or otherwise dispose mails based on keywords detected in the headers or message body. Unfortunately programming these filters is an arcane and sometimes inefficient process. An adaptive mail system which can learn its users’ mail sorting preferences would therefore be more desirable. Premised on the work of Blanzieri & Bryl (2007), we proposes a framework dedicated to the phenomenon of locality in email data analysis of advance fee fraud e-mails which engages Support Vector Machines (SVM) classifier for building local decision rules into the classification process of the spam filter design for this genre of e-mails

KeyForge: Mitigating Email Breaches with Forward-Forgeable Signatures

Email breaches are commonplace, and they expose a wealth of personal, business, and political data that may have devastating consequences. The current email system allows any attacker who gains access to your email to prove the authenticity of the stolen messages to third parties -- a property arising from a necessary anti-spam / anti-spoofing protocol called DKIM. This exacerbates the problem of email breaches by greatly increasing the potential for attackers to damage the users' reputation, blackmail them, or sell the stolen information to third parties. In this paper, we introduce "non-attributable email", which guarantees that a wide class of adversaries are unable to convince any third party of the authenticity of stolen emails. We formally define non-attributability, and present two practical system proposals -- KeyForge and TimeForge -- that provably achieve non-attributability while maintaining the important protection against spam and spoofing that is currently provided by DKIM. Moreover, we implement KeyForge and demonstrate that that scheme is practical, achieving competitive verification and signing speed while also requiring 42% less bandwidth per email than RSA2048

Towards secure message systems

Message systems, which transfer information from sender to recipient via communication networks, are indispensable to our modern society. The enormous user base of message systems and their critical role in information delivery make it the top priority to secure message systems. This dissertation focuses on securing the two most representative and dominant messages systems---e-mail and instant messaging (IM)---from two complementary aspects: defending against unwanted messages and ensuring reliable delivery of wanted messages.;To curtail unwanted messages and protect e-mail and instant messaging users, this dissertation proposes two mechanisms DBSpam and HoneyIM, which can effectively thwart e-mail spam laundering and foil malicious instant message spreading, respectively. DBSpam exploits the distinct characteristics of connection correlation and packet symmetry embedded in the behavior of spam laundering and utilizes a simple statistical method, Sequential Probability Ratio Test, to detect and break spam laundering activities inside a customer network in a timely manner. The experimental results demonstrate that DBSpam is effective in quickly and accurately capturing and suppressing e-mail spam laundering activities and is capable of coping with high speed network traffic. HoneyIM leverages the inherent characteristic of spreading of IM malware and applies the honey-pot technology to the detection of malicious instant messages. More specifically, HoneyIM uses decoy accounts in normal users\u27 contact lists as honey-pots to capture malicious messages sent by IM malware and suppresses the spread of malicious instant messages by performing network-wide blocking. The efficacy of HoneyIM has been validated through both simulations and real experiments.;To improve e-mail reliability, that is, prevent losses of wanted e-mail, this dissertation proposes a collaboration-based autonomous e-mail reputation system called CARE. CARE introduces inter-domain collaboration without central authority or third party and enables each e-mail service provider to independently build its reputation database, including frequently contacted and unacquainted sending domains, based on the local e-mail history and the information exchanged with other collaborating domains. The effectiveness of CARE on improving e-mail reliability has been validated through a number of experiments, including a comparison of two large e-mail log traces from two universities, a real experiment of DNS snooping on more than 36,000 domains, and extensive simulation experiments in a large-scale environment

Promoting global Internet freedom: policy and technology

This report provides information about US government and private sector efforts to promote and support global Internet freedom and a description of Internet freedom legislation and hearings from the 112th Congress. Modern communication tools such as the Internet provide a relatively inexpensive, accessible, easy-entry means of sharing ideas, information, and pictures around the world. In a political and human rights context, in closed societies when the more established, formal news media is denied access to or does not report on specified news events, the Internet has become an alternative source of media, and sometimes a means to organize politically. The openness and the freedom of expression allowed through social networking sites, as well as the blogs, video sharing sites, and other tools of today’s communications technology, have proven to be an unprecedented and often disruptive force in some closed societies. Governments that seek to maintain their authority and control the ideas and information their citizens receive are often caught in a dilemma: they feel that they need access to the Internet to participate in commerce in the global market and for economic growth and technological development, but fear that allowing open access to the Internet potentially weakens their control over their citizens. Internet freedom can be promoted in two ways, through legislation that mandates or prohibits certain activities, or through industry self regulation. Current legislation under consideration by Congress, the Global Online Freedom Act of 2011 (H.R. 3605), would prohibit or require reporting of the sale of Internet technologies and provision of Internet services to “Internetrestricting countries” (as determined by the State Department). Some believe, however, that technology can offer a complementary and, in some cases, better and more easily implemented solution to ensuring Internet freedom. They argue that hardware and Internet services, in and of themselves, are neutral elements of the Internet; it is how they are implemented by various countries that is repressive. Also, Internet services are often tailored for deployment to specific countries; however, such tailoring is done to bring the company in line with the laws of that country, not with the intention of allowing the country to repress and censor its citizenry. In many cases, that tailoring would not raise many questions about free speech and political repression. This report provides information about federal and private sector efforts to promote and support global Internet freedom and a description of Internet freedom legislation and hearings from the 112th Congress. Three appendixes suggest further reading on this topic and describe censorship and circumvention technologies

Design and Evaluation of a Bayesian-filter-based Image Spam Filtering Method

In recent years, with the spread of the Internet, the number of spam e-mail has become one of the most serious problems. A recent report reveals that 91% of all e-mail exchanged in 2006 was spam. Using the Bayesian filter is a popular approach to distinguish between spam and legitimate e-mails. It applies the Bayes theory to identify spam. This filter proffers high filtering precision and is capable of detecting spam as per personal preferences. However, the number of image spam, which contains the spam message as an image, has been increasing rapidly. The Bayesian filter is not capable of distinguishing between image spam and legitimate e-mails since it learns from and examines only text data. Therefore, in this study, we propose an anti- image spam technique that uses image information such as file size. This technique can be easily implemented on the existing Bayesian filter. In addition, we report the results of the evaluations of this technique

Between Hype and Understatement: Reassessing Cyber Risks as a Security Strategy

Most of the actions that fall under the trilogy of cyber crime, terrorism,and war exploit pre-existing weaknesses in the underlying technology.Because these vulnerabilities that exist in the network are not themselvesillegal, they tend to be overlooked in the debate on cyber security. A UKreport on the cost of cyber crime illustrates this approach. Its authors chose to exclude from their analysis the costs in anticipation of cyber crime, such as insurance costs and the costs of purchasing anti-virus software on the basis that "these are likely to be factored into normal day-to-day expenditures for the Government, businesses, and individuals. This article contends if these costs had been quantified and integrated into the cost of cyber crime, then the analysis would have revealed that what matters is not so much cyber crime, but the fertile terrain of vulnerabilities that unleash a range of possibilities to whomever wishes to exploit them. By downplaying the vulnerabilities, the threats represented by cyber war, cyber terrorism, and cyber crime are conversely inflated. Therefore, reassessing risk as a strategy for security in cyberspace must include acknowledgment of understated vulnerabilities, as well as a better distributed knowledge about the nature and character of the overhyped threats of cyber crime, cyber terrorism, and cyber war

Achieve Secure Handover Session Key Management via Mobile Relay in LTE-Advanced Networks

Internet of Things is increasing the network by group action immense quantity of close objects which needs the secure and reliable transmission of the high volume knowledge generation, and also the mobile relay technique is one among the economical ways in which to satisfy the on-board knowledge explosion in LTE-Advanced (LTE-A) networks. However, the observe of the mobile relay can cause potential threats to the knowledge security throughout the relinquishing method. Therefore, to handle this challenge, during this paper, we have a tendency to propose a secure relinquishing session key management theme via mobile relay in LTE-A networks. Specifically, within the planned theme, to realize forward and backward key separations, the session key shared between the on-board user instrumentality (UE) and also the connected donor evolved node B (DeNB) is initial generated by the on-board UE then firmly distributed to the DeNB. moreover, to cut back the communication overhead and also the process complexness, a unique proxy re-encryption technique is used, wherever the session keys at the start encrypted with the general public key of the quality management entity (MME) are going to be re-encrypted by a mobile relay node (MRN), so alternative DeNB will later rewrite the session keys with their own non-public keys whereas while not the direct involvement of the MME. elaborated security analysis shows that the planned theme will with success establish session keys between the on-board UEs and their connected DeNB, achieving backward and forward key separations, and resisting against the collusion between the MRN and also the DeNB because the same time. Additionally, performance evaluations via in depth simulations area unit applied to demonstrate the potency and effectiveness of the planned theme