the problems of
play

The problems of The origins Variations on the theme spam The - PDF document

Aug 28, 2022 •121 likes •206 views

Introduction Introduction The problems of The origins Variations on the theme spam The rise of phishing and pharming Inter-governmental (in)activity Ewan Sutherland Conclusions and issues TMGT 632 TMGT 632 08.v.06

  1. Introduction • Introduction The problems of • The origins • Variations on the theme spam • The rise of phishing and pharming • Inter-governmental (in)activity Ewan Sutherland • Conclusions and issues TMGT 632 TMGT 632 08.v.06 1 08.v.06 2 Spam Monty Python’s Spam menu • Egg and spam • Commercialisation of the Internet • Egg, bacon and spam • Electronic mail is “free” • Egg, bacon, sausage and spam • Spam was originally a tinned meat product • Spam, bacon, sausage and spam • Spam, egg, spam, spam, bacon and spam from the USA, short for SPicy hAM • Spam, sausage, spam, Spam, spam, bacon, • Monty Python’s Flying Circus: spam, tomato and spam – The Green Midget Café • Spam, spam, spam, egg, and spam • Spam, spam, spam, spam, spam, spam, baked – Every meal included Spam beans, spam, spam, spam and spam – The Spam song TMGT 632 TMGT 632 08.v.06 3 08.v.06 4 Unsolicited advertisements Filtering at destination • Originally the Internet was non-commercial • Companies and individuals are expected • As commercial use grew, so did unsolicited to filter out spam on arrival electronic mail • Assumes that the cost are insignificant: • Addresses were freely available – carriage of spam • “spam” grew to unacceptable levels – filtering • Spam became a vector for viruses • Filtering is never totally effective: • Spam became a profitable business model: – false positives – even at minimal response rates – false negatives – infinitesimal cost http://www.email-policy.com/Spam-black-lists.htm TMGT 632 TMGT 632 08.v.06 5 08.v.06 6 1

  2. Open relays ORDB rankings of open relays • Electronic mail is transmitted by relays 1. USA 82,981 11.Spain 3,079 2. China 25,774 12.India 3,056 • Some SMTP relays are open for anyone 3. South Korea 16,421 13.France 2,969 • In this way spam enters the global system 4. Japan 9,921 14.Hong Kong 2,779 • SMTP relays should only allow mail from 5. Taiwan, China 8,468 15.Mexico 2,681 6. Germany 6,233 16.Australia 2,492 registered clients 7. United Kingdom 5,457 17.Russia 2,420 • ORDB currently reports 250,000 open 8. Canada 5,115 18.Poland 2,034 relays worldwide 9. Italy 3,661 19.Netherlands 1,559 10. Argentina 3,587 20.Sweden 1,306 http://www.ordb.org/ TMGT 632 TMGT 632 08.v.06 7 08.v.06 8 Spamhaus Spamhaus – countries and ISPs • An international non-profit organisation, based in the 1. United States 2,292 1. mci.com 214 UK, whose mission is: 2. China 392 2. sbc.com 90 – to track the Internet's Spam gangs 3. Russia 293 3. comcast.net 70 – to provide dependable real-time anti-spam protection for Internet networks 4. Japan 282 4. hinet.net 50 – to work with Law Enforcement Agencies to identify and pursue spammers worldwide 5. Taiwan 184 5. ocn.ne.jp 42 – to lobby governments for effective anti-spam legislation 6. Canada 169 6. nttpc.ne.jp 42 • It maintains the Register of Known Spam Operations (ROKSO) 7. South Korea 160 7. xo.com 39 8. UK 144 8. level3.net 38 80% of spam received by Internet users in North America and Europe can be traced via aliases and addresses, redirects, hosting locations 9. Netherlands 139 9. interbusiness.it 37 of sites and domains, to a hard-core group of around 200 known 10. Hong Kong 124 10.newworldtel.com 32 spam operations ("spam gangs") http://www.spamhaus.org/ TMGT 632 TMGT 632 08.v.06 9 08.v.06 10 Sophos rankings Zombie computers October to December, 2005 • A computer compromised by a security cracker, a virus or a trojan horse 1. United States 24.5 % • One of many computers in a "botnet", used to perform a 2. China (inc Hong Kong) 22.3 % malicious task under remote direction 3. South Korea 9.7 % • Owners are unconscious vectors and thus compared to 4. France 5.0 % a “zombie” 5. Canada 3.0 % • Infected computers — predominantly running Windows 6. Brazil 2.6 % — are the major delivery method of spam, between 50% 7. Spain 2.5 % and 80% 8. Austria 2.4 % 9. Taiwan 2.1 % • Zombie computers allow spammers to avoid detection 10. Poland 2.0 % and bandwidth costs 10. Japan 2.0 % • They are also used to commit “click fraud” against sites 12. Germany 1.8 % displaying pay-per-click advertising http://www.sophos.com http://www.microsoft.com/presspass/features/2005/oct05/10-27Zombie.mspx TMGT 632 TMGT 632 08.v.06 11 08.v.06 12 2

  3. Ipswitch – current view Variations on a theme • 62% of all e-mail received is spam, • SPIM – spam on Instant Messaging compared to 57% in the previous quarter • SPIT – spam on Internet Telephony • Pornography was the most common spam (24% of total) • Second place was offers of mortgages and loans (18%) • SPLOG – spam in weblogs • Third place was offers of “medication” (17%) • mobile Spam: • Fourth was electronics and pirated software (16%) • Fifth was attempts to ‘phish’ recipients' banking details – SMS with claims of lottery wins and online gambling accounts – MMS (10%) http://www.ipswitch.com/ TMGT 632 TMGT 632 08.v.06 13 08.v.06 14 Can Spam Act of USA (2003) China • Internet Society of China (ISC) and leading service • Delayed by efforts at technical solutions providers are to build a unified electronic mail • Delayed by industry lobbying, especially management platform • They will cooperate with international anti-spam by direct marketing companies organizations • Enabled ISPs to sue spammers • They will create a common blacklist of spam senders • An anti-spam reporting hotline received 5000 complaints • Some legal cases have been concluded in a few weeks, of which 70% were spam and 28% junk SMS • Has had no discernible effect in reducing • Growing problems with SMS the volume of spam originating from the • Government has announced the obligation to register all USA mail servers http://www.onguardonline.gov/ http://www.anti-spam.cn/ TMGT 632 TMGT 632 08.v.06 15 08.v.06 16 Australia Australia – code of conduct Networks Customers • Passed specific legislation • not to have open relay or open • to provide spam filtering proxy servers, and to impose • Bi-lateral inter-governmental agreements: options the same obligations on their customers • to explain their default filtering – e.g., Republic of Korea and Australia • to scan their own networks for of electronic mail subscribers’ misconfigured • Also a mandated Code of Conduct for • to advise how to deal with, and mail and proxy servers report, spam. • to allow for immediate operators termination of connections • to ensure they prohibit the use where it has become an open of their networks for spamming relay due to intentional and to inform their customers misconfiguration or a zombie • if notified that a customer’s computer is a zombie to warn them and suggest how to correct the problem http://www.spam.acma.gov.au/ TMGT 632 TMGT 632 08.v.06 17 08.v.06 18 3

  4. ENISA report Mobile spam • European Network and Information Security Agency • A major problem in Japan, but spreading • There is no 100% protection against spam • Protection against incoming spam can only be improved marginally • NTT DoCoMo worked very hard to • Unless economic models for spam change dramatically, there is probably not much more that providers can do next to applying the variety of suppress it countermeasures to the largest extent possible • Most spam originates outside of the EU • Text messages from dating services • A major problem is that spammers often hide their true identity • The relationship between those national entities who control electronic communications and those who control transmission of unsolicited emails • SMS to call premium services should also be clarified and simplified • The terms opt-in and opt-out and the scenarios in which they are applicable • Devices are too small for firewalls and could be further clarified • Providers in Europe are more concerned about spam emails that their anti-virus software customers receive than they are concerned with spam that their customers send • Enforcement could be further improved to also prevent spam originating from Europe. http://www.gsmworld.com/documents/public_policy/digital_divide/mobile_spam.pdf http://www.enisa.eu.int/doc/pdf/deliverables/enisa_security_spam.pdf TMGT 632 TMGT 632 08.v.06 19 08.v.06 20 419 scams Phishing • Pronounced “fishing” • Derived from the Nigerian legal code • Phishing for or stealing personal identity and financial account details • Advanced fee scam • Mail messages and associated websites • Abuse and hi-jacking of brand names and logos • A request for personal information • 'spoofed' electronic mails to lead consumers to counterfeit websites designed to trick recipients into divulging • Based on promise of a share in an illegal – credit card numbers – account usernames and passwords scheme to access money in banks • Technical subterfuge is used to plant crimeware on PCs to steal credentials directly, e.g., Trojan keylogger spyware • Names used include the children and • The Bank of America example uses the genuine web site with redirection to the phishing site spouses of many former African leaders • The PayPal example uses a web site with a name similar to a genuine domain name http://www.ultrascan.nl/ TMGT 632 TMGT 632 08.v.06 21 08.v.06 22 Example – Bank of America Example – PayPal TMGT 632 TMGT 632 08.v.06 23 08.v.06 24 4

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Solving Percent Problems Word Problems Find a Pattern Estimation Problems Fraction Problems

Solving Percent Problems Word Problems Find a Pattern Estimation Problems Fraction Problems

Slide 1 / 142 Slide 2 / 142 Table of Contents Strategies & Plans for Problem Solving Rate Problems Solving Percent Problems Word Problems Find a Pattern Estimation Problems Fraction Problems Pre-Algebra LCM / GCF Problems Combination

477 views • 24 slides
5. Network flow problems Example: Sailco Minimum-cost flow problems Transportation

5. Network flow problems Example: Sailco Minimum-cost flow problems Transportation

CS/ECE/ISyE 524 Introduction to Optimization Spring 201718 5. Network flow problems Example: Sailco Minimum-cost flow problems Transportation problems Shortest/longest path problems Max-flow problems Integer solutions

541 views • 30 slides
Trapdoor Problems Basing the solution on the complexity of problems, which are easy to solve for

Trapdoor Problems Basing the solution on the complexity of problems, which are easy to solve for

Trapdoor Problems Basing the solution on the complexity of problems, which are easy to solve for the legal users, but are very difficult to the eavesdroppers. Public Key Cryptography 1 Such problems are called trapdoor problems . They allow to

379 views • 5 slides
Trapdoor Problems Basing the solution on the complexity of problems, which are easy to solve for

Trapdoor Problems Basing the solution on the complexity of problems, which are easy to solve for

Trapdoor Problems Basing the solution on the complexity of problems, which are easy to solve for the legal users, but are very difficult to the eavesdroppers. Public Key Cryptography 1 Such problems are called trapdoor problems .

345 views • 3 slides
Hard Problems Some problems are hard to solve. No polynomial time algorithm is known.

Hard Problems Some problems are hard to solve. No polynomial time algorithm is known.

Hard Problems Some problems are hard to solve. No polynomial time algorithm is known. E.g., NP-hard problems such as machine scheduling, bin packing, 0/1 knapsack. Is this necessarily bad? Data encryption relies on difficult

721 views • 15 slides
MA/CSSE 473 Day 40 Problems Decision Problems P and NP MA/CSSE 473 Day 40 HW 15 Due at

MA/CSSE 473 Day 40 Problems Decision Problems P and NP MA/CSSE 473 Day 40 HW 15 Due at

MA/CSSE 473 Day 40 Problems Decision Problems P and NP MA/CSSE 473 Day 40 HW 15 Due at 11:59 PM tonight (it's a little different!); late day until 11:59 PM Saturday. Fill out the Course evaluation form If everybody in a section

323 views • 17 slides
Introduction to Data Science: Common observation to be religion, income, frequency where sex and

Introduction to Data Science: Common observation to be religion, income, frequency where sex and

Tidying data Common problems in messy data Tidy data and the ER model Common problems in messy data Common problems in messy data Common problems in messy data Common problems in messy data Common problems in messy data Common problems in

680 views • 21 slides
Boundary value problems What problems does boundary value testing have? ECT2 Boundary

Boundary value problems What problems does boundary value testing have? ECT2 Boundary

Equivalence Class Testing Chapter 6 Boundary value problems What problems does boundary value testing have? ECT2 Boundary value problems 2 Boundary Value Testing derives test cases with Serious gaps Massive redundancy

696 views • 36 slides
Engineering Problems Identifying problems appropriate for engineering solutions Some Examples of

Engineering Problems Identifying problems appropriate for engineering solutions Some Examples of

Engineering Problems Identifying problems appropriate for engineering solutions Some Examples of Engineering Problems and Projects that follow the Design Process Identify Problem -> Define Requirements -> Design a Solution (PSU

590 views • 25 slides
Our thesis is all of our problems ultimately are theological ones. To some degree, our problems

Our thesis is all of our problems ultimately are theological ones. To some degree, our problems

Our thesis is all of our problems ultimately are theological ones. To some degree, our problems always stem from either not knowing or seeing who God is or forgetting who he is at the moment. Elisabeth Elliot has a wonderful, realistic, both

290 views • 10 slides
Equivalence Class Testing Chapter 6 Boundary value problems What problems does boundary value

Equivalence Class Testing Chapter 6 Boundary value problems What problems does boundary value

Equivalence Class Testing Chapter 6 Boundary value problems What problems does boundary value testing have? ECT2 Boundary value problems 2 Generates test cases with Serious gaps Massive redundancy ECT3 Motivation for

752 views • 44 slides
Satisfiability Solvers So far, weve been dealing with SAT problems that encode other

Satisfiability Solvers So far, weve been dealing with SAT problems that encode other

Structured vs. Random Problems Satisfiability Solvers So far, weve been dealing with SAT problems that encode other problems Most not as hard as # of variables & clauses suggests Small crossword grid + medium-sized dictionary

419 views • 4 slides
4. Minimax and planning problems Optimizing piecewise linear functions Minimax problems

4. Minimax and planning problems Optimizing piecewise linear functions Minimax problems

CS/ECE/ISyE 524 Introduction to Optimization Spring 201718 4. Minimax and planning problems Optimizing piecewise linear functions Minimax problems Example: Chebyshev center Multi-period planning problems Example: building a

411 views • 25 slides
Sample Graph Problems Path problems. Graph Operations And Connectedness problems.

Sample Graph Problems Path problems. Graph Operations And Connectedness problems.

Sample Graph Problems Path problems. Graph Operations And Connectedness problems. Representation Spanning tree problems. Path Finding Another Path Between 1 and 8 Path between 1 and 8. 2 2 4 3 4 3 8 8 8 8 1 1 6 10

95 views • 9 slides
More NP-Complete Problems NP-Hard Problems Tautology Problem Node Cover Knapsack 1 Next Steps

More NP-Complete Problems NP-Hard Problems Tautology Problem Node Cover Knapsack 1 Next Steps

More NP-Complete Problems NP-Hard Problems Tautology Problem Node Cover Knapsack 1 Next Steps We can now reduce 3SAT to a large number of problems, either directly or indirectly. Each reduction must be polytime. Usually we focus

871 views • 49 slides
E4.1 Graph Problems P, NP Automata Theory Theory Polynomial Reductions Turing Computability

E4.1 Graph Problems P, NP Automata Theory Theory Polynomial Reductions Turing Computability

Theory of Computer Science May 18, 2020 E4. Some NP-Complete Problems, Part I Theory of Computer Science E4. Some NP-Complete Problems, Part I E4.1 Graph Problems Gabriele R oger E4.2 Routing Problems University of Basel May 18, 2020

145 views • 10 slides
www.BamGroups.com 1 Where BAM! stands "Both sexes suffer when one is not

www.BamGroups.com 1 Where BAM! stands "Both sexes suffer when one is not

How do we see boys as something other than problems? How do we help boys address the challenges we know they face? www.BamGroups.com 1 Where BAM! stands "Both sexes suffer when one is not understoodthe remarkable transformation in

256 views • 24 slides
Key Export Markets for U.S. Defense Suppliers A quantitative analysis of Vietnam Prepared for:

Key Export Markets for U.S. Defense Suppliers A quantitative analysis of Vietnam Prepared for:

EDITED FOR PUBLIC RELEASE PRIVATE & CONFIDENTIAL Key Export Markets for U.S. Defense Suppliers A quantitative analysis of Vietnam Prepared for: August 2016 Vietnam: Budget Transparency Prioritization of maritime deterrence spurs

451 views • 5 slides
ZipLite light that is focused on you Mockup Review Conrad, Katie, Bassey, Emad, Chris PINK

ZipLite light that is focused on you Mockup Review Conrad, Katie, Bassey, Emad, Chris PINK

ZipLite light that is focused on you Mockup Review Conrad, Katie, Bassey, Emad, Chris PINK B Automa,c Follow Spot Theatrical Equipment Rental $800 Million Market Chauvet DJ LED Lycian Midget H.P.

315 views • 9 slides
Title SDVs in support of Special Operations Subtitle Anders Magnerfelt JFD Sweden Managing

Title SDVs in support of Special Operations Subtitle Anders Magnerfelt JFD Sweden Managing

Title SDVs in support of Special Operations Subtitle Anders Magnerfelt JFD Sweden Managing Director confidence under pressure SDVs in support of Special Operations AGENDA The human torpedo A brief history The payload

792 views • 22 slides
image motion Thurs. Jan. 31, 2018 1 Time varying images (XYT)

image motion Thurs. Jan. 31, 2018 1 Time varying images (XYT)

COMP 546 Lecture 7 image motion Thurs. Jan. 31, 2018 1 Time varying images (XYT) 2 Motion in XYT e.g. translating vertical edge 3 Motion in XYT e.g.

607 views • 34 slides
Challenges and opportunities in statistical neuroscience Liam Paninski Department of Statistics

Challenges and opportunities in statistical neuroscience Liam Paninski Department of Statistics

Challenges and opportunities in statistical neuroscience Liam Paninski Department of Statistics and Center for Theoretical Neuroscience Columbia University http://www.stat.columbia.edu/ liam liam@stat.columbia.edu June 2, 2011 Support:

628 views • 20 slides
Challenges and opportunities in statistical neuroscience Liam Paninski Department of Statistics

Challenges and opportunities in statistical neuroscience Liam Paninski Department of Statistics

Challenges and opportunities in statistical neuroscience Liam Paninski Department of Statistics and Center for Theoretical Neuroscience Columbia University http://www.stat.columbia.edu/ liam liam@stat.columbia.edu October 5, 2012 Support:

478 views • 26 slides
Surgical Problems in Primary Care Ronald H. Labuguen, MD Clinical Professor UCSF Department of

Surgical Problems in Primary Care Ronald H. Labuguen, MD Clinical Professor UCSF Department of

Surgical Problems in Primary Care Ronald H. Labuguen, MD Clinical Professor UCSF Department of Family and Community Medicine -o- UCSF Family Medicine Board Review Course March 8, 2016 Faculty Disclosure I have nothing to disclose The

2.3k views • 179 slides

More recommend