Spam Prevention using Spam Prevention using Access Code (AC) - - PowerPoint PPT Presentation

▶

Feb 21, 2024 431 likes •630 views

Spam Prevention using Spam Prevention using Access Code (AC) Access Code (AC) Akhtar H Khalil, David J. Parish Akhtar H Khalil, David J. Parish a.h.khalil@lboro.ac.uk , , d.j.parish@lboro.ac.uk d.j.parish@lboro.ac.uk a.h.khalil@lboro.ac.uk

SLIDE 1

Spam Prevention using Spam Prevention using Access Code (AC) Access Code (AC)

Akhtar H Khalil, David J. Parish Akhtar H Khalil, David J. Parish

a.h.khalil@lboro.ac.uk a.h.khalil@lboro.ac.uk , , d.j.parish@lboro.ac.uk d.j.parish@lboro.ac.uk

High Speed Networks Group High Speed Networks Group

MSN 2008, MSN 2008, Coseners Coseners July 10 July 10-

11, 2008

11, 2008

SLIDE 2

2 2

Introduction Introduction

Spam

Spam

Unsolicited message (Informally)

Unsolicited message (Informally)

No single technical definition

No single technical definition

SPIT (Spam over Internet Telephony)

SPIT (Spam over Internet Telephony)

SLIDE 3

3 3

Problems Caused Problems Caused

Worldwide financial losses caused by Worldwide financial losses caused by spam in 2005 were $50 billion [Ferris spam in 2005 were $50 billion [Ferris Research Analyzer] Research Analyzer] Impacts on business communication Exposure to Malware, Spyware, Adware Loss of Corporate Assets The Legal Risk of Spam Spam exceeds 4 times legitimate messages [Johnston and Piscitello, Understanding Voice

ver IP Security]

SLIDE 4

4 4

Impacts of the SOA Anti Impacts of the SOA Anti-

spam measures

spam measures

No effective solution against address spoofing, dictionary attacks, sybil attacks etc May prevent legitimate messages Example: Members of the British parliament did not receive messages related to “Sexual Offences Bill” under discussion. Assumed to be porn, these messages were filtered by Anti-spam filters.

SLIDE 5

5 5

“ “There is no panacea for the There is no panacea for the spam problem, as all spam problem, as all approaches come with some approaches come with some drawbacks drawbacks” ”

( (Rainer Baumann, Rainer Baumann, St St´ ´ephane ephane Cavin Cavin and Stefan and Stefan Schmid Schmid, , "Voice over IP "Voice over IP -

security and SPAM," page 10,September

security and SPAM," page 10,September 8, 2006 8, 2006) )

SLIDE 6

6 6

Access Code Mechanism Access Code Mechanism

Two Main Entities

Two Main Entities

User ID (ID)

User ID (ID)

Access Code (AC)

Access Code (AC) User ID: User ID:

Unique

Unique

Can be accessed by

Can be accessed by anyone anyone Fig: Basic operation

SLIDE 7

7 7

Access Code (AC) Access Code (AC)

A 5 digit changeable number

A 5 digit changeable number

Accessible by legitimate clients

Accessible by legitimate clients

Impossible or so

Impossible or so unpleasent unpleasent for a for a spammer to access it that he skips spammer to access it that he skips and goes away and goes away

Changing AC will not affect the

Changing AC will not affect the legitimate clients legitimate clients

Required by legitimate clients only

Required by legitimate clients only at the first time at the first time

SLIDE 8

8 8

Spammer Vs Legitimate Spammer Vs Legitimate Client Client

A legitimate client has some

A legitimate client has some knowledge about the recipient knowledge about the recipient

Transmission Cost of spam is

Transmission Cost of spam is almost zero almost zero

Spams are sent to thousands of

Spams are sent to thousands of users within a short time users within a short time

It is typically impossible to call a

It is typically impossible to call a spammer back spammer back

SLIDE 9

9 9

Data Base of a User on the Data Base of a User on the Server Server

Contains three types of lists: Contains three types of lists:

Trusted Persons List (TPL)

Trusted Persons List (TPL)

Blocked Persons List (BPL)

Blocked Persons List (BPL)

New Persons List (NPL)

New Persons List (NPL)

Fig: Data Base of a User on the Server

SLIDE 10

10 10

Call from an Unknown Call from an Unknown Legitimate Client Legitimate Client

TPL

Shah

BPL NPL

ID

Fig. An unknown person wants to make a call

Khalil

Prof. Parish

SLIDE 11

11 11

Caller Server Recipient

ID

Waiting for reply

AC?

Qs/As Session

AC AC

Accepted

Update the Database

Fig. Accessing AC from the server

Links 12, 13, 15, 16, 18, 19, 24

SLIDE 12

12 12

Spammer who Accesses the AC Spammer who Accesses the AC

TPL

Shah Khalil

BPL NPL

Eve

ID Eve

Prof. Parish
Fig. Eve successfully accesses the AC

SLIDE 13

13 13

Eve Gives Up and Goes Away Eve Gives Up and Goes Away

TPL

Shah Khalil

BPL

Eve

NPL

Fig. Data Base of Prof. Parish after receiving spit

SLIDE 14

14 14

Analysis Analysis

Charging Mechanism

Charging Mechanism

Free tokens to each user

Free tokens to each user

Enough for legitimate clients

Enough for legitimate clients

For obtaining AC from the server one

For obtaining AC from the server one token is subtracted token is subtracted

If sender is not added to BPL list then

If sender is not added to BPL list then the token is returned the token is returned

SLIDE 15

15 15

Dealing With Address Spoofing Dealing With Address Spoofing

Two cases of Address Spoofing Two cases of Address Spoofing

Spoofed Address not in the TPL

Spoofed Address not in the TPL

TPL

Shah Khalil

BPL

Eve

NPL

PN Mark

Prof. Parish

Fig: Server functions as for unknown persons

SLIDE 16

16 16

TPL

Khalil Shah

BPL

Eve

NPL

PN Khalil

TPL

Jin Wang

BPL

Mev

NPL TPL

Kostas Yaqoob

BPL

Eve

NPL

Prof. Parish

Akhtar John

Spoofed Address is in the TPL Spoofed Address is in the TPL

Knowledge about the TPL list of the recipient

Knowledge about the TPL list of the recipient

Time factor

Time factor

SLIDE 17

17 17

Conclusion Conclusion

The only Anti

The only Anti-

spam mechanism that

spam mechanism that prevents all types of spam attacks prevents all types of spam attacks

The only technique that prevents spam in

The only technique that prevents spam in all its forms (spam email, spit, all its forms (spam email, spit, spim spim etc). etc). The most suitable for converged networks The most suitable for converged networks

No introduction problem of new

No introduction problem of new callers/users callers/users

Does not show any false positive or false

Does not show any false positive or false negative negative

Provides the desired degree of

Provides the desired degree of convenience to legitimate clients convenience to legitimate clients

SLIDE 18

Spam Prevention using Spam Prevention using Access Code (AC) Access Code (AC)

Akhtar H Khalil, David J. Parish Akhtar H Khalil, David J. Parish

High Speed Networks Group High Speed Networks Group

MSN 2008, MSN 2008, Coseners Coseners July 10 July 10-

11, 2008

Introduction Introduction

Spam

Unsolicited message (Informally)

No single technical definition

SPIT (Spam over Internet Telephony)

Problems Caused Problems Caused

Impacts of the SOA Anti Impacts of the SOA Anti-

spam measures

“ “There is no panacea for the There is no panacea for the spam problem, as all spam problem, as all approaches come with some approaches come with some drawbacks drawbacks” ”

Access Code Mechanism Access Code Mechanism

Two Main Entities

User ID (ID)

Access Code (AC) User ID: User ID:

Unique

Can be accessed by anyone anyone Fig: Basic operation

Access Code (AC) Access Code (AC)

A 5 digit changeable number

Accessible by legitimate clients

Impossible or so unpleasent unpleasent for a for a spammer to access it that he skips spammer to access it that he skips and goes away and goes away

Changing AC will not affect the legitimate clients legitimate clients

Required by legitimate clients only at the first time at the first time

Spammer Vs Legitimate Spammer Vs Legitimate Client Client

A legitimate client has some knowledge about the recipient knowledge about the recipient

Transmission Cost of spam is almost zero almost zero

Spams are sent to thousands of users within a short time users within a short time

It is typically impossible to call a spammer back spammer back

Data Base of a User on the Data Base of a User on the Server Server

Contains three types of lists: Contains three types of lists:

Trusted Persons List (TPL)

Blocked Persons List (BPL)

New Persons List (NPL)

Call from an Unknown Call from an Unknown Legitimate Client Legitimate Client

TPL

BPL NPL

ID

Khalil

Caller Server Recipient

ID

AC?

AC AC

Accepted

Links 12, 13, 15, 16, 18, 19, 24

Spammer who Accesses the AC Spammer who Accesses the AC

TPL

BPL NPL

ID Eve

Eve Gives Up and Goes Away Eve Gives Up and Goes Away

TPL

BPL

NPL

Analysis Analysis

Charging Mechanism

Free tokens to each user

Enough for legitimate clients

For obtaining AC from the server one token is subtracted token is subtracted

If sender is not added to BPL list then the token is returned the token is returned

Dealing With Address Spoofing Dealing With Address Spoofing

Two cases of Address Spoofing Two cases of Address Spoofing

Spoofed Address not in the TPL

PN Mark

Fig: Server functions as for unknown persons

PN Khalil

Akhtar John

Spoofed Address is in the TPL Spoofed Address is in the TPL

Knowledge about the TPL list of the recipient

Time factor

Conclusion Conclusion

The only Anti-

spam mechanism that prevents all types of spam attacks prevents all types of spam attacks

The only technique that prevents spam in all its forms (spam email, spit, all its forms (spam email, spit, spim spim etc). etc). The most suitable for converged networks The most suitable for converged networks

No introduction problem of new callers/users callers/users

Does not show any false positive or false negative negative

Provides the desired degree of convenience to legitimate clients convenience to legitimate clients

QUESTIONS QUESTIONS AND AND ANSWER ANSWERS S