Spam and Anti-spam - Sudipta Bhattacharya


Published on

Published in: Technology, News & Politics
  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Spam and Anti-spam - Sudipta Bhattacharya

  1. 1. SPAMS & ANTI SPAMS <ul><li>A PRESENTATION BY </li></ul><ul><li>SUDIPTA BHATTACHARYA </li></ul><ul><li>B-TECH(III) EXAMINATION,2008 </li></ul><ul><li>ROLL-91/CSE/ NO-060022 </li></ul>
  2. 2. AGENDA <ul><li>Spam definition </li></ul><ul><li>Origin </li></ul><ul><li>Classification </li></ul><ul><li>Cost </li></ul><ul><li>How spammers earns money </li></ul><ul><li>Spam sending techniques </li></ul><ul><li>Ill effects </li></ul><ul><li>Antispam techniques </li></ul><ul><li>Conclusion </li></ul>
  3. 3. SPAMDEFINITION & ORIGIN <ul><li>Definition: </li></ul><ul><li>Spam also called junk email or bulk email can be defined as unsolicited e-mail, often of a commercial nature, sent indiscriminately to multiple mailing lists, individuals, or newsgroups. The intention is to frustrate the receiver and also to income money. </li></ul><ul><li>Origin: </li></ul><ul><li>Due to the international nature of spam, the spammer, the hijacked spam-sending computer, the spamvertised server, and the user target of the spam are all often located in different countries. </li></ul>
  4. 4. CLASSIFICATION(W.R.T MEDIA) <ul><li>Spamming is the abuse of electronic messaging systems to indiscriminately send unsolicited bulk messages. While the most widely recognized form of spam is e-mail spam, the term is applied to similar abuses in other media: </li></ul><ul><li>(1)Usenet newwsgroup spam </li></ul><ul><li>(2)Chat spams </li></ul><ul><li>(3)Search engine spam e.t.c </li></ul>
  5. 5. CLASSIFICATION <ul><li>E-MAIL SPAM: </li></ul><ul><li>E-mail spam, also known as unsolicited bulk email (UBE) or unsolicited commercial email (UCE), is the practice of sending unwanted e-mail messages, frequently with commercial content, in large quantities to an indiscriminate set of recipients.Email spam targets individual users with direct mail messages. Email spam lists are often created by scanning Usenet postings , stealing Internet mailing lists, or searching the Web for addresses. </li></ul>
  6. 6. CLASSIFICATION <ul><li>USENET NEWSGROUP SPAM: </li></ul><ul><li>Usenet (a contraction of user network), is a world-wide distributed Internet discussion system. It was conceived by Duke University graduate students Tom Truscott and Ji Ellis in 1979. Users read and post public messages (called articles or posts, and collectively termed news) to one or more categories, known as newsgroup . Newsgroup spam is a type of spam where the targets are Usenet newsgroups. </li></ul>
  7. 7. CLASSIFICATION <ul><li>CHAT SPAMS: </li></ul><ul><li>can occur in any live chat environment like IRC and in-game multiplayer chat of online games, and in any other form of chat the masses are able to view. It consists of repeating the same word or sentence many times to get attention or to interfere with normal operations </li></ul><ul><li>WEB SEARCH ENGINE SPAM: </li></ul><ul><li>Spamdexing ( spamming and indexing ) refers to the practice on the World Wide Web of modifying HTML pages to increase the chances of them being placed high on search engine relevancy lists. </li></ul>
  8. 8. OTHER SPAMS <ul><li>Image spam </li></ul><ul><li>Image spam is an obfuscating method in which the text of the message is stored as a GIF or JPEG image and displayed in the email. Often, image spam contains nonsensical, computer-generated text which simply annoys the reader. </li></ul><ul><li>Blank spam </li></ul><ul><li>Blank spam is spam lacking a payload advertisement. Often the message body is missing altogether, as well as the subject line. Still, it fits the definition of spam because of its nature as bulk and unsolicited email.Blank spam may be originated in different ways, either intentional or unintentionally: </li></ul>
  9. 9. COST OF SPAM <ul><li>Spam is the curse of the Internet. </li></ul><ul><li>It clogs inboxes </li></ul><ul><li>Crashes servers </li></ul><ul><li>Wastes time and money </li></ul><ul><li>Loss of productivity and is an abuse of privacy. </li></ul>
  10. 10. HOW SPAMMERS EARNS MONEY: <ul><li>Some spammers have a business model that lets them make money as long as people simply visit their website. We don't need to sign up for a spammer's online site, for example, because just visiting their publicly available website will be enough to ensure that the spammer gets advertising revenue from banner ads displayed on those pages. </li></ul>
  11. 11. HOW SPAMMERS SEND SPAMS <ul><li>Gathering of Email address </li></ul><ul><li>this is called email address harvesting .A large set of email addresses are collected without the consent of the address owner. </li></ul><ul><li>Delivering spam messages </li></ul><ul><li>this can be done using the following alternatives </li></ul><ul><li>(1)Using web mail services </li></ul><ul><li>(2)Using other peoples computer </li></ul><ul><li>(3)Open relays </li></ul><ul><li>(4)Open proxies </li></ul>
  12. 12. ILL EFFECTS OF SPAM <ul><li>The ocean of spam problem </li></ul><ul><li>Spams are growing larger in size. Our mailbox will not be able to accommodate real mails </li></ul><ul><li>Deception and fraud </li></ul><ul><li>Spammers often use false names, addresses, phone numbers, and other contact information to set up &quot;disposable&quot; accounts at various Internet service providers. </li></ul><ul><li>Theft of service </li></ul><ul><li>SMTP often being compromised by spammers. </li></ul><ul><li>It might be illegal </li></ul>
  13. 13. ANTISPAM TECHNIQUES <ul><li>Actions by individual </li></ul><ul><li>Automated by email administrator </li></ul><ul><li>Automated by senders </li></ul><ul><li>Employed by researches and law enforcement </li></ul>
  14. 14. ACTIONS BY INDIVIDUAL: <ul><li>Detecting spam </li></ul><ul><li>Detecting spam based on the content of the e-mail, either by detecting keywords such or by statistical means, is very popular </li></ul><ul><li>End user techniques </li></ul><ul><li>There are a number of techniques that individuals can use to restrict the availability of their e-mail addresses, reducing or preventing their attractiveness to spam. </li></ul><ul><li>(1)Address munging </li></ul><ul><li>(2)Avoid responding to spam </li></ul><ul><li>(3)Disabling HTML in email </li></ul><ul><li>(4)Spamming the spammers etc. </li></ul>
  15. 15. AUTOMATED BY EMAIL ADMINISTRATORS <ul><li>There are a number of appliances, services and software systems that e-mail administrators can use to reduce the load of spam on their systems and mailboxes. </li></ul><ul><li>Some of these depend upon rejecting email from Internet sites known or likely to send spam. This technique is called BLOCKING. </li></ul><ul><li>Others rely on automatically analyzing the content of email messages and weeding out those which resemble spam. This is called FILTERING. </li></ul>
  16. 16. AUTOMATED TECHNIQUES BY EMAIL ADMINISTRATORS <ul><li>Authentication and reputation. </li></ul><ul><li>Challenge response systems. </li></ul><ul><li>Checksum based filtering </li></ul><ul><li>Country based filtering. </li></ul><ul><li>Hybrid filtering. </li></ul><ul><li>Rule based filtering. </li></ul><ul><li>Statistical filtering. </li></ul><ul><li>Enforcing RFC standard. </li></ul>
  17. 17. AUTOMATED BY EMAIL SENDORS <ul><li>There are a variety of techniques that e-mail senders use to try to make sure that they do not send spam. </li></ul><ul><li>Techniques : </li></ul><ul><li>Background check on new customer or user </li></ul><ul><li>Since spammers are frequently kicked off the network, they are constantly trying to create new accounts. As a result, manISPs and web –email providers try to verify the credit cards are not stolen before accepting new customers </li></ul><ul><li>Confirmed opt in for mailing list: </li></ul><ul><li>If a user wants to be a subscriber of a product in the mailing list then the latter (the mailing s/w) sends a confirmation message to the user and after getting the response adds the user mail address to the list. </li></ul>
  18. 18. NEW RESEARCH & LAW ENFORCEMENT <ul><li>Ham password: </li></ul><ul><li>Association of email and password together with the filtering mechanism provides a better technique to protect against spams. </li></ul><ul><li>Cost based systems: </li></ul><ul><li>Sender should pay some cost in order to send Email. </li></ul><ul><li>Proof of the work: </li></ul><ul><li>Proof-of-work systems such as hashcash require that a sender pay a computational cost by performing a calculation that the receiver can later verify. </li></ul>
  19. 19. OTHER TECHNIQUES <ul><li>There are a number of proposals for sideband protocols that will assist SMTP operation.The Anti-Spam Research Group (ASRG) of the Internet Research Task Force(IRTF) isworking on a number of E-mail authentication andother proposals for providing simple source authentication that is flexible, lightweight, and scalable. </li></ul>
  20. 20. CONCLUTION <ul><li>To prevent e-mail spam, both end users and administrators of e-mail systems use various </li></ul><ul><li>anti-spam techniques. Some of these techniques </li></ul><ul><li>have been embedded in products, services and software to ease the burden on users and administrators. No one technique is a complete solution to the spam problem, and each has trade- </li></ul><ul><li>-offs between incorrectly rejecting legitimate e-mail vs. not rejecting all spam, and the associated costs </li></ul><ul><li>in time and effort. </li></ul>
  21. 21. REFERENCES <ul><li>(1)E-mail spam - Wikipedia, the free encyclopedia </li></ul><ul><li>(2)Anti-spam techniques (e-mail) - Wikipedia, the free encyclopedia </li></ul><ul><li>(3)Spam (electronic) from wikipedia(for classification) </li></ul><ul><li>(4)Economics of spam- Joe St Sauver, Ph.D. Director, User Services and Network Applications [email_address] . </li></ul>
  22. 22. THANKYOU