1,293 research outputs found
Escalating The War On SPAM Through Practical POW Exchange
Proof-of-work (POW) schemes have been proposed in the past. One prominent
system is HASHCASH (Back, 2002) which uses cryptographic puzzles. However,
work by Laurie and Clayton (2004) has shown that for a uniform proof-of-work
scheme on email to have an impact on SPAM, it would also be onerous enough to
impact on senders of "legitimate" email. I suggest that a non-uniform
proof-of-work scheme on email may be a solution to this problem, and describe a
framework that has the potential to limit SPAM, without unduly penalising
legitimate senders, and is constructed using only current SPAM filter
technology, and a small change to the SMTP (Simple Mail Transfer Protocol).
Specifically, I argue that it is possible to make sending SPAM 1,000 times more
expensive than sending "legitimate" email (so-called HAM). Also, unlike the
system proposed by Debin Liu and Jean Camp (2006), it does not require the
complications of maintaining a reputation system.
Comment: To be presented at the IEEE Conference On Networking, Adelaide,
Australia, November 19-21, 200
System Analysis of SPAM
Increasing reliance on electronic mail (e-mail) has attracted spammers to send more and more spam e-mails in order to maximize their financial gains. These unwanted e-mails are not only clogging Internet traffic but are also causing storage problems at the receiving servers. Besides these, spam e-mails also serve as a vehicle for a variety of online crimes and abuses. Although several anti-spam procedures are currently employed to distinguish spam e-mails from legitimate e-mails, spammers and phishers obfuscate their e-mail content to circumvent anti-spam procedures. The efficiency of anti-spam procedures in combating spam entry into the system greatly depends on their level of operation and a clear insight into the various possible modes of spamming. In this paper we investigate a directed graph model of the Internet e-mail infrastructure and the spamming modes used by spammers to inject spam into the system. The paper outlines the routes, system components, devices and protocols exploited by each spamming mode.
GridEmail: A Case for Economically Regulated Internet-based Interpersonal Communications
Email has emerged as a dominant form of electronic communication between
people. Spam is a major problem for email users, with estimates of up to 56% of
email falling into that category. Control of Spam is being attempted with
technical and legislative methods. In this paper we look at email and spam from
a supply-demand perspective. We propose Gridemail, an email system based on an
economy of communicating parties, where participants' motivations are
represented as pricing policies and profiles. This system is expected to help
people regulate their personal communications to suit their conditions, and
help in removing unwanted messages.
Comment: 15 pages, 10 figures, A Technical Report from Grid Computing and
Distributed Systems Laboratory, University of Melbourne, Australia
KeyForge: Mitigating Email Breaches with Forward-Forgeable Signatures
Email breaches are commonplace, and they expose a wealth of personal,
business, and political data that may have devastating consequences. The
current email system allows any attacker who gains access to your email to
prove the authenticity of the stolen messages to third parties -- a property
arising from a necessary anti-spam / anti-spoofing protocol called DKIM. This
exacerbates the problem of email breaches by greatly increasing the potential
for attackers to damage the users' reputation, blackmail them, or sell the
stolen information to third parties.
In this paper, we introduce "non-attributable email", which guarantees that a
wide class of adversaries are unable to convince any third party of the
authenticity of stolen emails. We formally define non-attributability, and
present two practical system proposals -- KeyForge and TimeForge -- that
provably achieve non-attributability while maintaining the important protection
against spam and spoofing that is currently provided by DKIM. Moreover, we
implement KeyForge and demonstrate that that scheme is practical, achieving
competitive verification and signing speed while also requiring 42% less
bandwidth per email than RSA2048.
A security analysis of email communications
The objective of this report is to analyse the security and privacy risks of email communications and identify
technical countermeasures capable of mitigating them effectively. In order to do so, the report analyses from a
technical point of view the core set of communication protocols and standards that support email
communications in order to identify and understand the existing security and privacy vulnerabilities. On the basis
of this analysis, the report identifies and analyses technical countermeasures, in the form of newer standards,
protocols and tools, aimed at ensuring a better protection of the security and privacy of email communications.
The practical implementation of each countermeasure is evaluated in order to understand its limitations and
identify potential technical and organisational constraints that could limit its effectiveness in practice. The outcome
of the above mentioned analysis is a set of recommendations regarding technical and organisational measures that
when combined properly have the potential of more effectively mitigating the privacy and security risks of today's
email communications.
JRC.G.6-Digital Citizen Security
Clustering and classification methods for spam analysis
Spam emails are a major tool for criminals to distribute malware, conduct fraudulent activity, sell counterfeit products, etc. Thus, security companies are interested in researching spam. Unfortunately, due to the spammers' detection-avoidance techniques, most of the existing tools for spam analysis are not able to provide accurate information about spam campaigns. Moreover, they are not able to link together campaigns initiated by the same sender.
F-Secure, a cybersecurity company, collects vast amounts of spam for analysis. The threat intelligence collection from these messages currently involves a lot of manual work. In this thesis we apply state-of-the-art data-analysis techniques to increase the level of automation in the analysis process, thus enabling the human experts to focus on high-level information such as campaigns and actors.
The thesis discusses a novel method of spam analysis in which email messages are clustered by different characteristics and the clusters are presented as a graph. The graph representation allows the analyst to see evolving campaigns and even connections between related messages which themselves have no features in common. This makes our analysis tool more powerful than previous methods that simply cluster emails to sets.
We implemented a proof of concept version of the analysis tool to evaluate the usefulness of the approach. Experiments show that the graph representation and clustering by different features makes it possible to link together large and complex spam campaigns that were previously not detected. The tools also found evidence that different campaigns were likely to be organized by the same spammer. The results indicate that the graph-based approach is able to extract new, useful information about spam campaigns.
Forward Pass: On the Security Implications of Email Forwarding Mechanism and Policy
The critical role played by email has led to a range of extension protocols (e.g., SPF, DKIM, DMARC) designed to protect against the spoofing of email sender domains. These protocols are complex as is, but are further complicated by automated email forwarding — used by individual users to manage multiple accounts and by mailing lists to redistribute messages. In this paper, we explore how such email forwarding and its implementations can break the implicit assumptions in widely deployed anti-spoofing protocols. Using large-scale empirical measurements of 20 email forwarding services (16 leading email providers and four popular mailing list services), we identify a range of security issues rooted in forwarding behavior and show how they can be combined to reliably evade existing anti-spoofing controls. We further show how these issues allow attackers to not only deliver spoofed email messages to prominent email providers (e.g., Gmail, Microsoft Outlook, and Zoho), but also reliably spoof email on behalf of tens of thousands of popular domains including sensitive domains used by organizations in government (e.g., state.gov), finance (e.g., transunion.com), law (e.g., perkinscoie.com) and news (e.g., washingtonpost.com) among others.
Forward Pass: On the Security Implications of Email Forwarding Mechanism and Policy
The critical role played by email has led to a range of extension protocols
(e.g., SPF, DKIM, DMARC) designed to protect against the spoofing of email
sender domains. These protocols are complex as is, but are further complicated
by automated email forwarding -- used by individual users to manage multiple
accounts and by mailing lists to redistribute messages. In this paper, we
explore how such email forwarding and its implementations can break the
implicit assumptions in widely deployed anti-spoofing protocols. Using
large-scale empirical measurements of 20 email forwarding services (16 leading
email providers and four popular mailing list services), we identify a range of
security issues rooted in forwarding behavior and show how they can be combined
to reliably evade existing anti-spoofing controls. We show how this allows
attackers to not only deliver spoofed email messages to prominent email
providers (e.g., Gmail, Microsoft Outlook, and Zoho), but also reliably spoof
email on behalf of tens of thousands of popular domains including sensitive
domains used by organizations in government (e.g., state.gov), finance (e.g.,
transunion.com), law (e.g., perkinscoie.com) and news (e.g.,
washingtonpost.com) among others.