“Your software would classify the message when it could, but when it couldn’t, it would query your ‘network of trust,’ in effect asking ‘do you know if this message is spam or not?’” Boykin said.
Boykin and Vwani Roychowdhury, an electrical engineering professor at UCLA, have co-authored two articles related to the proposal in recent months. The first appeared in April in the journal Computer, published by the Institute of Electrical and Electronics Engineers. The second, also co-authored by UCLA doctoral student Joseph Kong and available now at
http://www.arxiv.org, is slated for presentation at the Second Conference on Email and Anti-Spam at Stanford University this summer.
Spam constitutes more than two-thirds of all e-mail, accounting for billions of messages daily. An increasingly annoying and expensive time-waster, spam has also become more threatening in recent years with the advent of “phishing” -- when criminals use false e-mail to dupe people into revealing personal financial data. Such crimes accounted for $2.4 billion in fraud affecting nearly 2 million people in 2003-04, according to a 2004 survey by the research firm Gartner Inc.
Boykin said he got the idea for the social approach from an insight that his e-mail records contain consistent patterns that can distinguish friends and colleagues from spammers. For example, unlike spammers, normal users usually e-mail one or maybe several people, not hundreds or thousands, and they typically receive e-mails in reply. “There is a very striking difference in the parts of the e-mail network that were associated with spam versus those that were just normal communication,” he said.
He and Roychowdhury realized that software could be developed that takes a page from peer-to-peer networks to exploit these already established networks of friends and acquaintances. Unlike client-server models, in which a central computer serves a community of users, peer-to-peer networks link users directly with one another. Instead of sharing music -- perhaps the most well-known peer-to-peer activity -- the proposed software would silently share information with its “friends” on the network.
“Rather than searching for music, your software would send queries across the network in search of other trusted computers that have already identified a message as spam,” he said.
He and Roychowdhury created mathematical models and a computer simulation of the system. They found that the more users the system included, the more spam e-mail it could detect. Boykin said that points to the system’s main challenge: To be effective, it would have to be widely used, which would require extensive marketing and high public confidence. Developing the software to make the system a reality, on the other hand, is not a difficult challenge, Boykin said.
Bill Yerazunis, a senior research scientist at Mitsubishi Electronics Research Laboratories in Cambridge, Mass., and an expert on spam, said the UF/UCLA research is “well-founded” and that there is a “good chance” the system would work well.
He said a potential shortcoming is that sharing information about incoming e-mail might present a security problem.
“You have to trust your circle of friends’ computers to see your incoming mail stream but not compromise the possibly highly personal e-mail you get,” he said.
Source: UF
Related stories:
Internet law made simple
(PhysOrg.com) -- Internet law is a new frontier where SMEs fear to tread. Now European researchers have created a new internet law wiki designed to encourage more SMEs to go online. The internet has enabled a brave, new world of online commerce, pushing new ventures and large corporations to launch confidently into cyberspace.
Hackers hacked at infamous DefCon gathering
In the end, it was hackers at DefCon that got hacked. After three days of software cracking duels and hacking seminars, self-described computer ninjas at the infamous gathering in Las Vegas found out Sunday that their online activities were hijacked without them catching on.
Researchers fight phishing attacks with phishing tactics
Early findings by Carnegie Mellon University researchers suggest that people who are suckered by a spoof email into visiting a counterfeit Web site are also people who are ready to learn their lesson about “phishing” attacks.
94 percent of spam-advertised online scams are hosted on individual Web servers
Computer scientists from UC San Diego have found striking differences between the infrastructure used to distribute spam and the infrastructure used to host the online scams advertised in these unwanted email messages. This discovery should aid in the fight to reduce spam volume and shut down illegal online businesses and malware sites.
Microsoft-Yahoo: Which Products Would Win
While the chance of a Microsoft-Yahoo merger or acquisition is a remote one, it's still a possibility. In analysis compiled from several PC Magazine staff members and analysts, here's what a merger might mean to the products and technologies directly shared by each company. In each case, we've outlined the strengths and weaknesses of each, and attempted to predict what technologies would survive the backroom planning sessions, and what would be discarded. This story was written by Mark Hachman.
Latest weapons in spam battle are images
Like all wars, the campaign against junk e-mail -- spam -- is marked along the way with victories and casualties. It's an "ever-escalating battle," the senior director of marketing at anti-spam company Commtouch, Rebecca Herson, told United Press International in a telephone interview.
New weapons needed for the war on junk email
Today's spam filters are highly effective, but they may be no match for spammers seeking new ways to fool people into visiting commercial websites or downloading rogue software carrying viruses, worms, spyware, or other dangerous applications, says John Aycock, an assistant professor of computer science at the University of Calgary.
Asia, U.S. high on spam-relaying report
Asia has the worst record for helping to relay spam, according to a new report from a computer threat solution management firm. Abingdon, U.K.-based company Sophos released a report Thursday that looks at "spam relaying" in the first quarter of 2006.