- Security '12 Home
- Registration Information
- Registration Discounts
- Organizers
- At a Glance
- Calendar
- Technical Sessions
- Workshops
- Hotel & Travel Information
- Poster Session
- Rump Session
- Birds-of-a-Feather Sessions
- Sponsors
- Activities
- Students
- Questions?
- For Participants
- Help Promote
- Call for Papers
- Past Proceedings
sponsors
usenix conference policies
B@bel: Leveraging Email Delivery for Spam Mitigation
Gianluca Stringhini and Manuel Egele, University of California, Santa Barbara; Apostolis Zarras and Thorsten Holz, Ruhr-University Bochum; Christopher Kruegel and Giovanni Vigna, University of California, Santa Barbara
Traditional spam detection systems either rely on content analysis to detect spam emails, or attempt to detect spammers before they send a message, (i.e., they rely on the origin of the message). In this paper, we introduce a third approach: we present a system for filtering spam that takes into account how messages are sent by spammers. More precisely, we focus on the email delivery mechanism, and analyze the communication at the SMTP protocol level.
We introduce two complementary techniques as concrete instances of our new approach. First, we leverage the insight that different mail clients (and bots) implement the SMTP protocol in slightly different ways. We automatically learn these SMTP dialects and use them to detect bots during an SMTP transaction. Empirical results demonstrate that this technique is successful in identifying (and rejecting) bots that attempt to send emails. Second, we observe that spammers also take into account server feedback (for example to detect and remove non-existent recipients from email address lists). We can take advantage of this observation by returning fake information, thereby poisoning the server feedback on which the spammers rely. The results of our experiments show that by sending misleading information to a spammer, it is possible to prevent recipients from receiving subsequent spam emails from that same spammer.
Open Access Media
USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.
author = {Gianluca Stringhini and Manuel Egele and Apostolis Zarras and Thorsten Holz and Christopher Kruegel and Giovanni Vigna},
title = {{B@bel}: Leveraging Email Delivery for Spam Mitigation},
booktitle = {21st USENIX Security Symposium (USENIX Security 12)},
year = {2012},
isbn = {978-931971-95-9},
address = {Bellevue, WA},
pages = {16--32},
url = {https://www.usenix.org/conference/usenixsecurity12/technical-sessions/presentation/stringhini},
publisher = {USENIX Association},
month = aug
}
connect with us