B@bel: Leveraging Email Delivery for Spam Mitigation
Abstract
Traditional spam detection systems either rely on content analysis to detect spam emails, or attempt to detect spammers before they send a message (i.e., they rely on the origin of the message). In this paper, we introduce a third approach: we present a system for filtering spam that takes into account how messages are sent by spammers. More precisely, we focus on the email delivery mechanism, and analyze the communication at the SMTP protocol level. We introduce two complementary techniques as concrete instances of our new approach. First, we leverage the insight that different mail clients (and bots) implement the SMTP protocol in slightly different ways. We automatically learn these SMTP dialects and use them to detect bots during an SMTP transaction. Empirical results demonstrate that this technique is successful in identifying (and rejecting) bots that attempt to send emails. Second, we observe that spammers also take into account server feedback (for example, to detect and remove non-existent recipients from email address lists). We can take advantage of this observation by returning fake information, thereby poisoning the server feedback on which the spammers rely. The results of our experiments show that by sending misleading information to a spammer, it is possible to prevent recipients from receiving subsequent spam emails from that same spammer.
Similar resources
Introducing Social Trust to Collaborative Spam Mitigation
We propose SocialFilter, a trust-aware collaborative spam mitigation system. SocialFilter enables nodes with no email classification functionality to query the network on whether a host is a spammer. It employs Sybil-resilient trust inference to weigh the reports concerning spamming hosts that collaborating spam-detecting nodes (reporters) submit to the system. It weighs the spam reports accord...
SocialFilter: Collaborative Spam Mitigation using Social Networks
Spam mitigation can be broadly classified into two main approaches: a) centralized security infrastructures that rely on a limited number of trusted monitors to detect and report malicious traffic; and b) highly distributed systems that leverage the experiences of multiple nodes within distinct trust domains. The first approach offers limited threat coverage and slow response times, and it is o...
iSATS: Leveraging Identity based Sender Authentication for Spam Mitigation
A vast majority of spam emails today are sent from botnets with forged sender addresses. This has attracted researchers over the years to develop email sender authentication mechanisms as a promising way to verify the identity of the senders. In this paper we introduce iSATS, a new email sender authentication system based on Identity-based public key cryptography. iSATS leverages an identity based s...
FaceTrust: Collaborative Threat Mitigation Using Social Networks
Unwanted traffic mitigation can be broadly classified into two main approaches: a) centralized security infrastructures that rely on a limited number of trusted monitors to detect and report malicious traffic; and b) highly distributed systems that leverage the experiences of multiple nodes within distinct trust domains. The first approach offers limited threat coverage and slow response times....
The Spammer, the Botmaster, and the Researcher: on the Arms Race in Spamming Botnet Mitigation - Major Area Exam
Spam, or Unsolicited Bulk Email, is a big problem in today's Internet. Recent studies report that spam accounts for more than 90% of the worldwide email traffic [40]. Spam is not only annoying for users, who receive content they did not request, but is also a burden for the whole email delivery infrastructure, which needs to keep delivering legitimate emails with short delays, but also make s...