b@bel: leveraging email delivery for spam mitigation

Report

Post on 20-Jan-2016

229 Views

Category:

Documents

0 Downloads

Preview:

Click to see full reader

TRANSCRIPT

GIANLUCA STRINGHINI, MANUEL EGELE, AAPOSTOLIS ZARRAS, THORSTEN HOLZ, CHRISTOPHER KRUEGEL, AND GIOVANNI

VIGNA

PRESENTED BY RUI XIE

B@BEL: Leveraging Email Delivery for Spam Mitigation

Problems on Spam

Wealthy economy behind spam 77% of emails are spam 85% of spam are sent by botnets

Traditional Spam Detection Content Analysis Origin Analysis

Approach in Article

Focusing on the way that client interact with SMTP server

Overview

Techniques System design Evaluation Limitations

Techniques

SMTP dialects Feedback manipulation

SMTP dialects

Feedback Manipulation

Botnet also use feedback Botmaster sends spam to bot Bot sends spam to SMTP server SMTP server sends spam to user or

replies bot no such user exists Bot replies bot master no such user

exists Bot master delete address of the user

from user list

Importance

SMTP dialectsSpam detection Malware classification

Feedback manipulationSuccessful botnets are using bot feedback35% of the email addresses were

nonexistent

System design

Learning SMTP dialects Build a decision model Making a decision

SMTP dialects state

D =< Σ,S,s0,T, Fg,Fb >Σ: input alphabetS : set of statess0: initial stateT : transitions Fg : good final statesFb : bad final states

Learning SMTP dialects

Collecting SMTP conversations

Passive observationTwo dialects might look the same!

Active probing Intentionally sending incorrect replies, error

messages

Build a decision model

Making a decision

Passive matching Detect dialects by observing conversations

Active probing Send specific replies to “expose” differences

Evaluation

Experiment has 621,919 SMTP conversations

Results260,074 as spam218,675 as ham143,170 could not decide

Result in real life

Limitations

Evading dialects detection Implement a “faithful” SMTP engine Making spammers to look like a legitimate

client

Evading feedback manipulation

Conclusion

Focusing on the way that client interact with SMTP serverSMTP dialects Feedback manipulation

Valuable tool for spam mitigation

top related

leveraging the 5 pedagogical stances
Documents
leveraging continuous improvement
Documents
lums leveraging the stylo shoes experience
Documents
leveraging talent networks for optimized recruiting
Business
radware attack mitigation solution
Devices & Hardware
seismic mitigation final
Education
spam ! spam ! spam - le blog andsi
Documents
leveraging linkedin for good
Technology
forest mitigation strategy: redd
Documents
leveraging sustainable - idx.co.id
Documents
mitigation actions)...
Documents
pp_no_122_2015 spam
Documents
leveraging mobile technologies for maternal, newborn ... ·...
Documents
leveraging smart phones to reduce mobility...
Documents
impacts, adaptation, mitigation
Documents
leveraging transitive relations for crowdsourced joins
Documents
leveraging the serverlessarchitecture for securing linux...
Documents
mitigation for roosts in buildings ps final.ppt [read...
Documents
ddos mitigation software solutions
Documents
unit of mitigation
Technology