SlideShare une entreprise Scribd logo

Spam and Anti Spam Techniques

Télécharger en tant que PPT, PDF
Mạnh Nguyễn Văn
Mạnh Nguyễn Văn

See my FB: https://www.facebook.com/KingAmongThePig This is about spam and anit spam techniques. I hope it is helpfull.

Technologie
1  sur  21
This presentation uses some slides from lecture slides of Associate Prof. Tran Quang Anh from FIT - HANU && Anti-spamAnti-spam Group No 2C12Group No 2C12
Contents 1.Background knowledge 2.Spam 3.Anti spam techniques 4.An introduction to Gmail anti-spam 5.Q&A
1. Background knowledge 1.1 Email format: 2 components • Header • Body Separated by a free line.
1. Background knowledge PRIMARY FIELDS SECONDARY FIELDS MIME FIELDS 1. From 2. To 3. Subject 4. Date 5. Message-ID 6. Bcc (Blind Carbon Copy) 7. Cc (Carbon copy) 8. Content-Type 9. Importance 10.In-Reply-To 11.Precedence 12.Received 13.Return-Path 14.Sender 15. X-Originating-IP 16.MIME format 17.Content encoding 18.Content type 19.Content- Disposition
1. Background knowledge 1.2 Email sending steps If server Gmail wants to send an email to manhnv@hanu.edu.vn, it will Step 1: Check MX record (IP) of hanu.edu.vn Step 2: Connect to port 25 in that IP address Step 3: Follow SMTP protocol
2. Email Spam 2.1 What is email spam? UBE (Unsolicited Bulk Email) Same content but lots of mails Purposes: Advertisement, phishing, spreading malware, etc.
2. Email Spam 2.2 Why is email spam? o Technical consideration o Sender is anonymous o Internet (email, ADSL) is prevalent o Economical consideration o Low cost to send an email o Demand of advertisement
2. Email Spam 2.3 Problems caused by email spam: o Denied of service (full mail box, wrong delete)
2. Email Spam 2.3 Problems caused by email spam: oVirus
2. Email Spam 2.3 Problems caused by email spam: oPhishing
3. Anti-spam 3.1 Anti-spam framework:
3. Anti - spam 3.2 Anti-spam techniques  Content-based method  Header-based method  Protocol-based method  Sender authentication  Social network
3. Anti - spam Content-based method o Analyze the frequency of top keywords in email (SpamAssassin) o Effective algorithm: Bayesian filtering algorithm o Example: giá, c h i, siêu, mi n phí (Vietnamese keywords), free, like,ơ ộ ễ subscribe, Facebook, hot deal, sale off (English keywords)
3. Anti - spam  Header-based method o Examines the headers of email messages to detect spam o Approaches: o Whitelist: email addresses of legitimate email in a database o Blacklist schemes collect the IP addresses of all known spammer
3. Anti - spam Source: http://www.mcafee.com/threat-intelligence/ip/spam-senders.aspx
3. Anti – spam  Protocol-based method
3. Anti - spam  Sender authentication o Spammer can fake identity (they can claim who they are). o Sender authentication treat this way. o How does SA work? 1. SA adds a “marker” to the DNS server, which inform the designated email servers for a specific domain. 2. A server verify if a received email message actually came from on these email servers. o Example: Sender Policy Framework (AOL, HANU), SenderID (Microsoft), DomainKeys (Yahoo)
3. Anti-spam  Social network o PageRank (Google) o Graph theory: • Consider an email network with nodes are users and links are email transaction activities • Coefficient: low (do not exchange email frequently), high
4. Gmail anti-spam 4.1 Gmail anti-spam technique o Gmail uses multiple techniques: o SPF (Sender Policy Framework), o DomainKeys o DKIM (DomainKeys Identified Mail)
4. Gmail anti-spam 4.2 Gmail header format o How to read a header? (Demonstration with web browser)
Spam and Anti Spam Techniques

Recommandé

Email spam detection
Email spam detectionEmail spam detection
Email spam detection
PratisthaSingh5
 
Xss attack
Xss attackXss attack
Xss attack
Manjushree Mashal
 
Spam Email identification
Spam Email identificationSpam Email identification
Spam Email identification
Partnered Health
 
vishal_sharma: python email sending software
vishal_sharma: python email sending software vishal_sharma: python email sending software
vishal_sharma: python email sending software
vishal sharma
 
Cryptography for Penetration Testers (PDF version)
Cryptography for Penetration Testers (PDF version)Cryptography for Penetration Testers (PDF version)
Cryptography for Penetration Testers (PDF version)
ceng
 
XML and XML Applications - Lecture 04 - Web Information Systems (WE-DINF-11912)
XML and XML Applications - Lecture 04 - Web Information Systems (WE-DINF-11912)XML and XML Applications - Lecture 04 - Web Information Systems (WE-DINF-11912)
XML and XML Applications - Lecture 04 - Web Information Systems (WE-DINF-11912)
Beat Signer
 
A Survey: SMS Spam Filtering
A Survey: SMS Spam FilteringA Survey: SMS Spam Filtering
A Survey: SMS Spam Filtering
ijtsrd
 
Web Application Security
Web Application SecurityWeb Application Security
Web Application Security
Abdul Wahid
 

Recommandé

Email spam detection
Email spam detectionEmail spam detection
Email spam detection
PratisthaSingh5
 
Xss attack
Xss attackXss attack
Xss attack
Manjushree Mashal
 
Spam Email identification
Spam Email identificationSpam Email identification
Spam Email identification
Partnered Health
 
vishal_sharma: python email sending software
vishal_sharma: python email sending software vishal_sharma: python email sending software
vishal_sharma: python email sending software
vishal sharma
 
Cryptography for Penetration Testers (PDF version)
Cryptography for Penetration Testers (PDF version)Cryptography for Penetration Testers (PDF version)
Cryptography for Penetration Testers (PDF version)
ceng
 
XML and XML Applications - Lecture 04 - Web Information Systems (WE-DINF-11912)
XML and XML Applications - Lecture 04 - Web Information Systems (WE-DINF-11912)XML and XML Applications - Lecture 04 - Web Information Systems (WE-DINF-11912)
XML and XML Applications - Lecture 04 - Web Information Systems (WE-DINF-11912)
Beat Signer
 
A Survey: SMS Spam Filtering
A Survey: SMS Spam FilteringA Survey: SMS Spam Filtering
A Survey: SMS Spam Filtering
ijtsrd
 
Web Application Security
Web Application SecurityWeb Application Security
Web Application Security
Abdul Wahid
 
Wireshark
WiresharkWireshark
Wireshark
Sourav Roy
 
Understanding Cross-site Request Forgery
Understanding Cross-site Request ForgeryUnderstanding Cross-site Request Forgery
Understanding Cross-site Request Forgery
Daniel Miessler
 
12 types of DDoS attacks
12 types of DDoS attacks12 types of DDoS attacks
12 types of DDoS attacks
Haltdos
 
Lecture 3: Servlets - Session Management
Lecture 3: Servlets - Session ManagementLecture 3: Servlets - Session Management
Lecture 3: Servlets - Session Management
Fahad Golra
 
Web servers – features, installation and configuration
Web servers – features, installation and configurationWeb servers – features, installation and configuration
Web servers – features, installation and configuration
webhostingguy
 
SaaS Challenges & Security Concerns
SaaS Challenges & Security ConcernsSaaS Challenges & Security Concerns
SaaS Challenges & Security Concerns
Kannan Subbiah
 
SQL INJECTION
SQL INJECTIONSQL INJECTION
SQL INJECTION
Anoop T
 
Sql injections - with example
Sql injections - with exampleSql injections - with example
Sql injections - with example
Prateek Chauhan
 
Spam and Anti-spam - Sudipta Bhattacharya
Spam and Anti-spam - Sudipta BhattacharyaSpam and Anti-spam - Sudipta Bhattacharya
Spam and Anti-spam - Sudipta Bhattacharya
sankhadeep
 
Common Gateway Interface ppt
Common Gateway Interface pptCommon Gateway Interface ppt
Common Gateway Interface ppt
OECLIB Odisha Electronics Control Library
 
Message authentication
Message authenticationMessage authentication
Message authentication
CAS
 
Sending Email
Sending EmailSending Email
Sending Email
primeteacher32
 
Sql injection
Sql injectionSql injection
Sql injection
Nikunj Dhameliya
 
E Mail & Spam Presentation
E Mail & Spam PresentationE Mail & Spam Presentation
E Mail & Spam Presentation
newsan2001
 
Sms spam-detection
Sms spam-detectionSms spam-detection
Sms spam-detection
Tanvirul Islam
 
Email security
Email securityEmail security
Email security
Baliram Yadav
 
Web App Security Presentation by Ryan Holland - 05-31-2017
Web App Security Presentation by Ryan Holland - 05-31-2017Web App Security Presentation by Ryan Holland - 05-31-2017
Web App Security Presentation by Ryan Holland - 05-31-2017
TriNimbus
 
Web application attacks
Web application attacksWeb application attacks
Web application attacks
hruth
 
Expanding the control over the operating system from the database
Expanding the control over the operating system from the databaseExpanding the control over the operating system from the database
Expanding the control over the operating system from the database
Bernardo Damele A. G.
 
Email security
Email securityEmail security
Email security
Indrajit Sreemany
 
Spamming and Spam Filtering
Spamming and Spam FilteringSpamming and Spam Filtering
Spamming and Spam Filtering
iNazneen
 
Spam Filtering
Spam FilteringSpam Filtering
Spam Filtering
Umar Alharaky
 

Contenu connexe

Tendances

Web servers – features, installation and configuration
Web servers – features, installation and configurationWeb servers – features, installation and configuration
Web servers – features, installation and configuration
webhostingguy
 
Spam and Anti-spam - Sudipta Bhattacharya
Spam and Anti-spam - Sudipta BhattacharyaSpam and Anti-spam - Sudipta Bhattacharya
Spam and Anti-spam - Sudipta Bhattacharya
sankhadeep
 
E Mail & Spam Presentation
E Mail & Spam PresentationE Mail & Spam Presentation
E Mail & Spam Presentation
newsan2001
 

Tendances (20)

Wireshark
WiresharkWireshark
Wireshark
 
Understanding Cross-site Request Forgery
Understanding Cross-site Request ForgeryUnderstanding Cross-site Request Forgery
Understanding Cross-site Request Forgery
 
12 types of DDoS attacks
12 types of DDoS attacks12 types of DDoS attacks
12 types of DDoS attacks
 
Lecture 3: Servlets - Session Management
Lecture 3: Servlets - Session ManagementLecture 3: Servlets - Session Management
Lecture 3: Servlets - Session Management
 
Web servers – features, installation and configuration
Web servers – features, installation and configurationWeb servers – features, installation and configuration
Web servers – features, installation and configuration
 
SaaS Challenges & Security Concerns
SaaS Challenges & Security ConcernsSaaS Challenges & Security Concerns
SaaS Challenges & Security Concerns
 
SQL INJECTION
SQL INJECTIONSQL INJECTION
SQL INJECTION
 
Sql injections - with example
Sql injections - with exampleSql injections - with example
Sql injections - with example
 
Spam and Anti-spam - Sudipta Bhattacharya
Spam and Anti-spam - Sudipta BhattacharyaSpam and Anti-spam - Sudipta Bhattacharya
Spam and Anti-spam - Sudipta Bhattacharya
 
Common Gateway Interface ppt
Common Gateway Interface pptCommon Gateway Interface ppt
Common Gateway Interface ppt
 
Message authentication
Message authenticationMessage authentication
Message authentication
 
Sending Email
Sending EmailSending Email
Sending Email
 
Sql injection
Sql injectionSql injection
Sql injection
 
E Mail & Spam Presentation
E Mail & Spam PresentationE Mail & Spam Presentation
E Mail & Spam Presentation
 
Sms spam-detection
Sms spam-detectionSms spam-detection
Sms spam-detection
 
Email security
Email securityEmail security
Email security
 
Web App Security Presentation by Ryan Holland - 05-31-2017
Web App Security Presentation by Ryan Holland - 05-31-2017Web App Security Presentation by Ryan Holland - 05-31-2017
Web App Security Presentation by Ryan Holland - 05-31-2017
 
Web application attacks
Web application attacksWeb application attacks
Web application attacks
 
Expanding the control over the operating system from the database
Expanding the control over the operating system from the databaseExpanding the control over the operating system from the database
Expanding the control over the operating system from the database
 
Email security
Email securityEmail security
Email security
 

En vedette

Spamming Ict
Spamming IctSpamming Ict
Spamming Ict
siewying
 

En vedette (7)

Spamming and Spam Filtering
Spamming and Spam FilteringSpamming and Spam Filtering
Spamming and Spam Filtering
 
Spam Filtering
Spam FilteringSpam Filtering
Spam Filtering
 
Spam
SpamSpam
Spam
 
10 tips to promote your content without spamming people
10 tips to promote your content without spamming people10 tips to promote your content without spamming people
10 tips to promote your content without spamming people
 
E mail image spam filtering techniques
E mail image spam filtering techniquesE mail image spam filtering techniques
E mail image spam filtering techniques
 
Spamming Ict
Spamming IctSpamming Ict
Spamming Ict
 
What is SPAM?
What is SPAM?What is SPAM?
What is SPAM?
 

Similaire à Spam and Anti Spam Techniques

Identification of Spam Emails from Valid Emails by Using Voting
Identification of Spam Emails from Valid Emails by Using VotingIdentification of Spam Emails from Valid Emails by Using Voting
Identification of Spam Emails from Valid Emails by Using Voting
Editor IJCATR
 
Network paperthesis1
Network paperthesis1Network paperthesis1
Network paperthesis1
Dhara Shah
 
NetworkPaperthesis1
NetworkPaperthesis1NetworkPaperthesis1
NetworkPaperthesis1
Dhara Shah
 
A New Method to Stop Spam Emails in Sender Side
A New Method to Stop Spam Emails in Sender SideA New Method to Stop Spam Emails in Sender Side
A New Method to Stop Spam Emails in Sender Side
IDES Editor
 
Identifying Valid Email Spam Emails Using Decision Tree
Identifying Valid Email Spam Emails Using Decision TreeIdentifying Valid Email Spam Emails Using Decision Tree
Identifying Valid Email Spam Emails Using Decision Tree
Editor IJCATR
 
Analysis of an image spam in email based on content analysis
Analysis of an image spam in email based on content analysisAnalysis of an image spam in email based on content analysis
Analysis of an image spam in email based on content analysis
ijnlc
 
Aseem - AntiSpam - Understanding the good, the bad and the ugly - ClubHack2008
Aseem - AntiSpam - Understanding the good, the bad and the ugly - ClubHack2008Aseem - AntiSpam - Understanding the good, the bad and the ugly - ClubHack2008
Aseem - AntiSpam - Understanding the good, the bad and the ugly - ClubHack2008
ClubHack
 
AntiSpam - Understanding the good, the bad and the ugly
AntiSpam - Understanding the good, the bad and the uglyAntiSpam - Understanding the good, the bad and the ugly
AntiSpam - Understanding the good, the bad and the ugly
amiable_indian
 
Detecting Spambot as an Antispam Technique for Web Internet BBS
Detecting Spambot as an Antispam Technique for Web Internet BBSDetecting Spambot as an Antispam Technique for Web Internet BBS
Detecting Spambot as an Antispam Technique for Web Internet BBS
ijsrd.com
 

Similaire à Spam and Anti Spam Techniques (20)

spam.ppt
spam.pptspam.ppt
spam.ppt
 
Identification of Spam Emails from Valid Emails by Using Voting
Identification of Spam Emails from Valid Emails by Using VotingIdentification of Spam Emails from Valid Emails by Using Voting
Identification of Spam Emails from Valid Emails by Using Voting
 
Network paperthesis1
Network paperthesis1Network paperthesis1
Network paperthesis1
 
NetworkPaperthesis1
NetworkPaperthesis1NetworkPaperthesis1
NetworkPaperthesis1
 
What is Email Header - Understanding Email Anatomy
What is Email Header - Understanding Email AnatomyWhat is Email Header - Understanding Email Anatomy
What is Email Header - Understanding Email Anatomy
 
A New Method to Stop Spam Emails in Sender Side
A New Method to Stop Spam Emails in Sender SideA New Method to Stop Spam Emails in Sender Side
A New Method to Stop Spam Emails in Sender Side
 
miniproject.ppt.pptx
miniproject.ppt.pptxminiproject.ppt.pptx
miniproject.ppt.pptx
 
Identifying Valid Email Spam Emails Using Decision Tree
Identifying Valid Email Spam Emails Using Decision TreeIdentifying Valid Email Spam Emails Using Decision Tree
Identifying Valid Email Spam Emails Using Decision Tree
 
Analysis of an image spam in email based on content analysis
Analysis of an image spam in email based on content analysisAnalysis of an image spam in email based on content analysis
Analysis of an image spam in email based on content analysis
 
Jt3616901697
Jt3616901697Jt3616901697
Jt3616901697
 
Email
EmailEmail
Email
 
Aseem - AntiSpam - Understanding the good, the bad and the ugly - ClubHack2008
Aseem - AntiSpam - Understanding the good, the bad and the ugly - ClubHack2008Aseem - AntiSpam - Understanding the good, the bad and the ugly - ClubHack2008
Aseem - AntiSpam - Understanding the good, the bad and the ugly - ClubHack2008
 
AntiSpam - Understanding the good, the bad and the ugly
AntiSpam - Understanding the good, the bad and the uglyAntiSpam - Understanding the good, the bad and the ugly
AntiSpam - Understanding the good, the bad and the ugly
 
Blockmail Technical White Paper
Blockmail Technical White PaperBlockmail Technical White Paper
Blockmail Technical White Paper
 
B0940509
B0940509B0940509
B0940509
 
402 406
402 406402 406
402 406
 
CoLabora - Exchange Online Protection - June 2015
CoLabora - Exchange Online Protection - June 2015 CoLabora - Exchange Online Protection - June 2015
CoLabora - Exchange Online Protection - June 2015
 
La seguridad sí importa: Windows Live & IE9
La seguridad sí importa: Windows Live & IE9La seguridad sí importa: Windows Live & IE9
La seguridad sí importa: Windows Live & IE9
 
Technical Background Overview Ppt
Technical Background Overview PptTechnical Background Overview Ppt
Technical Background Overview Ppt
 
Detecting Spambot as an Antispam Technique for Web Internet BBS
Detecting Spambot as an Antispam Technique for Web Internet BBSDetecting Spambot as an Antispam Technique for Web Internet BBS
Detecting Spambot as an Antispam Technique for Web Internet BBS
 

Dernier

Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Victor Rentea
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Orbitshub
 

Dernier (20)

Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)
 
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelMcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering Developers
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 

Spam and Anti Spam Techniques

  • 1. This presentation uses some slides from lecture slides of Associate Prof. Tran Quang Anh from FIT - HANU && Anti-spamAnti-spam Group No 2C12Group No 2C12
  • 2. Contents 1.Background knowledge 2.Spam 3.Anti spam techniques 4.An introduction to Gmail anti-spam 5.Q&A
  • 3. 1. Background knowledge 1.1 Email format: 2 components • Header • Body Separated by a free line.
  • 4. 1. Background knowledge PRIMARY FIELDS SECONDARY FIELDS MIME FIELDS 1. From 2. To 3. Subject 4. Date 5. Message-ID 6. Bcc (Blind Carbon Copy) 7. Cc (Carbon copy) 8. Content-Type 9. Importance 10.In-Reply-To 11.Precedence 12.Received 13.Return-Path 14.Sender 15. X-Originating-IP 16.MIME format 17.Content encoding 18.Content type 19.Content- Disposition
  • 5. 1. Background knowledge 1.2 Email sending steps If server Gmail wants to send an email to manhnv@hanu.edu.vn, it will Step 1: Check MX record (IP) of hanu.edu.vn Step 2: Connect to port 25 in that IP address Step 3: Follow SMTP protocol
  • 6. 2. Email Spam 2.1 What is email spam? UBE (Unsolicited Bulk Email) Same content but lots of mails Purposes: Advertisement, phishing, spreading malware, etc.
  • 7. 2. Email Spam 2.2 Why is email spam? o Technical consideration o Sender is anonymous o Internet (email, ADSL) is prevalent o Economical consideration o Low cost to send an email o Demand of advertisement
  • 8. 2. Email Spam 2.3 Problems caused by email spam: o Denied of service (full mail box, wrong delete)
  • 9. 2. Email Spam 2.3 Problems caused by email spam: oVirus
  • 10. 2. Email Spam 2.3 Problems caused by email spam: oPhishing
  • 12. 3. Anti - spam 3.2 Anti-spam techniques  Content-based method  Header-based method  Protocol-based method  Sender authentication  Social network
  • 13. 3. Anti - spam Content-based method o Analyze the frequency of top keywords in email (SpamAssassin) o Effective algorithm: Bayesian filtering algorithm o Example: giá, c h i, siêu, mi n phí (Vietnamese keywords), free, like,ơ ộ ễ subscribe, Facebook, hot deal, sale off (English keywords)
  • 14. 3. Anti - spam  Header-based method o Examines the headers of email messages to detect spam o Approaches: o Whitelist: email addresses of legitimate email in a database o Blacklist schemes collect the IP addresses of all known spammer
  • 15. 3. Anti - spam Source: http://www.mcafee.com/threat-intelligence/ip/spam-senders.aspx
  • 16. 3. Anti – spam  Protocol-based method
  • 17. 3. Anti - spam  Sender authentication o Spammer can fake identity (they can claim who they are). o Sender authentication treat this way. o How does SA work? 1. SA adds a “marker” to the DNS server, which inform the designated email servers for a specific domain. 2. A server verify if a received email message actually came from on these email servers. o Example: Sender Policy Framework (AOL, HANU), SenderID (Microsoft), DomainKeys (Yahoo)
  • 18. 3. Anti-spam  Social network o PageRank (Google) o Graph theory: • Consider an email network with nodes are users and links are email transaction activities • Coefficient: low (do not exchange email frequently), high
  • 19. 4. Gmail anti-spam 4.1 Gmail anti-spam technique o Gmail uses multiple techniques: o SPF (Sender Policy Framework), o DomainKeys o DKIM (DomainKeys Identified Mail)
  • 20. 4. Gmail anti-spam 4.2 Gmail header format o How to read a header? (Demonstration with web browser)