This presentation uses some slides from lecture slides of Associate Prof. Tran Quang Anh from FIT - HANU. & Anti-spam, Group No 2C12

Spam and Anti Spam Techniques

Feb 17, 2017

Page 1: Spam and Anti Spam Techniques

This presentation uses some slides from lecture slides of Associate Prof. Tran Quang Anh from FIT - HANU

& Anti-spam

Group No 2C12

Page 2: Spam and Anti Spam Techniques

Contents

1. Background knowledge

2. Spam

3. Anti-spam techniques

4. An introduction to Gmail anti-spam

5. Q&A

Page 3: Spam and Anti Spam Techniques

1. Background knowledge

1.1 Email format: 2 components

• Header

• Body

Separated by a blank line.

Page 4: Spam and Anti Spam Techniques

1. Background knowledge

PRIMARY FIELDS

1. From
2. To
3. Subject
4. Date
5. Message-ID

SECONDARY FIELDS

6. Bcc (Blind Carbon Copy)
7. Cc (Carbon copy)
8. Content-Type
9. Importance
10. In-Reply-To
11. Precedence
12. Received
13. Return-Path
14. Sender
15. X-Originating-IP

MIME FIELDS

16. MIME format
17. Content encoding
18. Content type
19. Content-Disposition

Page 5: Spam and Anti Spam Techniques

1. Background knowledge

1.2 Email sending steps

If the Gmail server wants to send an email to [email protected], it will:

Step 1: Check MX record (IP) of hanu.edu.vn

Step 2: Connect to port 25 in that IP address

Step 3: Follow SMTP protocol

Page 6: Spam and Anti Spam Techniques

2. Email Spam

2.1 What is email spam?

UBE (Unsolicited Bulk Email)

Same content but lots of mails

Purposes: Advertisement, phishing, spreading malware, etc.

Page 7: Spam and Anti Spam Techniques

2. Email Spam

2.2 Why is there email spam?

o Technical considerations

• Sender is anonymous

• Internet (email, ADSL) is prevalent

o Economic considerations

• Low cost to send an email

• Demand for advertisement

Page 8: Spam and Anti Spam Techniques

2. Email Spam

2.3 Problems caused by email spam:

o Denial of service (full mailbox, mistaken deletion)

Page 9: Spam and Anti Spam Techniques

2. Email Spam

2.3 Problems caused by email spam:

o Virus

Page 10: Spam and Anti Spam Techniques

2. Email Spam

2.3 Problems caused by email spam:

o Phishing

Page 11: Spam and Anti Spam Techniques

3. Anti-spam

3.1 Anti-spam framework:

Page 12: Spam and Anti Spam Techniques

3. Anti-spam

3.2 Anti-spam techniques

o Content-based method

o Header-based method

o Protocol-based method

o Sender authentication

o Social network

Page 13: Spam and Anti Spam Techniques

3. Anti-spam

Content-based method

o Analyze the frequency of top keywords in email (SpamAssassin)

o Effective algorithm: Bayesian filtering algorithm

o Example keywords: giá, cơ hội, siêu, miễn phí (Vietnamese: price, opportunity, super, free); free, like, subscribe, Facebook, hot deal, sale off (English)

Page 14: Spam and Anti Spam Techniques

3. Anti-spam

Header-based method

o Examines the headers of email messages to detect spam

o Approaches:

• Whitelist: a database of email addresses of legitimate senders

• Blacklist: schemes that collect the IP addresses of all known spammers

Page 15: Spam and Anti Spam Techniques

3. Anti-spam

Source: http://www.mcafee.com/threat-intelligence/ip/spam-senders.aspx

Page 16: Spam and Anti Spam Techniques

3. Anti-spam

Protocol-based method

Page 17: Spam and Anti Spam Techniques

3. Anti-spam

Sender authentication

o Spammers can fake their identity (they can claim to be whoever they like).

o Sender authentication (SA) addresses this.

o How does SA work?

1. SA adds a “marker” to the DNS server, which identifies the designated email servers for a specific domain.

2. The receiving server verifies whether a received email message actually came from one of these email servers.

o Example: Sender Policy Framework (AOL, HANU), SenderID (Microsoft), DomainKeys (Yahoo)
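
The two steps above, as an added example that is not part of the original slides: a simplified SPF check in Python. The domains and TXT records are constructed, DNS is replaced by a dictionary so it runs offline, and only the ip4, ip6, include and all mechanisms are handled.

```python
import ipaddress

# Constructed TXT records standing in for DNS (placeholder domains, not real data).
FAKE_DNS = {
    "example.test": "v=spf1 ip4:192.0.2.0/24 include:_spf.mailhost.test -all",
    "_spf.mailhost.test": "v=spf1 ip4:198.51.100.10 ip6:2001:db8::/32 ~all",
}

QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}

def check_spf(client_ip, domain, dns=FAKE_DNS, depth=0):
    """Return the SPF result for client_ip sending mail on behalf of domain."""
    parts = (dns.get(domain) or "").split()
    if not parts or parts[0].lower() != "v=spf1":
        return "none"                   # step 1 missing: no marker published
    if depth > 10:                      # stop include loops (simplified lookup limit)
        return "permerror"
    ip = ipaddress.ip_address(client_ip)
    for term in parts[1:]:
        qualifier = "+"                 # default qualifier when none is written
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        name, _, arg = term.partition(":")
        if name in ("ip4", "ip6"):
            net = ipaddress.ip_network(arg, strict=False)
            matched = ip.version == net.version and ip in net
        elif name == "include":
            # Simplification: only a "pass" from the included record counts as a match.
            matched = check_spf(client_ip, arg, dns, depth + 1) == "pass"
        elif name == "all":
            matched = True
        else:
            continue                    # a, mx, exists, redirect= are not handled here
        if matched:
            return QUALIFIERS[qualifier]
    return "neutral"

if __name__ == "__main__":
    # Step 2: the receiving server checks the connecting IP against the marker.
    for ip in ("192.0.2.55", "198.51.100.10", "2001:db8::25", "203.0.113.9"):
        print(ip, "->", check_spf(ip, "example.test"))
```

A "fail" result means the connecting server is not one of the servers the domain designated, which is the signal a receiving server uses to reject or flag the message.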

Page 18: Spam and Anti Spam Techniques

3. Anti-spam

Social network

o PageRank (Google)

o Graph theory:

• Consider an email network whose nodes are users and whose links are email transaction activities

• Coefficient: low (do not exchange email frequently), high

Page 19: Spam and Anti Spam Techniques

4. Gmail anti-spam

4.1 Gmail anti-spam technique

o Gmail uses multiple techniques:

• SPF (Sender Policy Framework)

• DomainKeys

• DKIM (DomainKeys Identified Mail)

Page 20: Spam and Anti Spam Techniques

4. Gmail anti-spam

4.2 Gmail header format

o How to read a header? (Demonstration with web browser)

Page 21: Spam and Anti Spam Techniques