DOCSLIB.ORG

Emai1 Security Annua1 Review & Threat Report 2005

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Emai1 Security Annua1 Review & Threat Report 2005 bã~áä=pÉÅìêáíó ^ååì~ä=oÉîáÉï=C qÜêÉ~í=oÉéçêí= OMMR REPORT PUBLISHED BY POSTINI, INC. JANUARY 2005 PREEMPTIVE EMAIL PROTECTION As the leading provider of secure email boundary services, Postini is in a unique position to describe email security activity and trends because of the scale of our global email processing. Currently processing more than 3 billion email messages per week for 6.6 million email users worldwide, Postini sits between the email gateway and the Internet, preventing spam, viruses, phishing and other email attacks from impacting our customers email systems and networks. More than 4,000 customers now route their emails through Postini's redundant bã~áä data centers to remove unwanted emails and threats, and instantly deliver legitimate emails to recipients. Because all customer email flows through Postini's ^Çãáåáëíê~íçêë= processing centers, Postini is able to directly monitor and collect statistics in real time. The hundreds of millions of emails passing through Postini's managed service on a daily basis constitute approximately 1% of the world's business C pÉÅìêáíó email traffic, and therefore provide a unique opportunity to accurately view worldwide email activity and trends. The data provided in this report, unless mêçÑÉëëáçå~äëW specifically stated otherwise, is based upon direct measurements of mail flowing through Postini's systems, and is not the result of extrapolation, estimation, or subjective analysis. The Postini Email Security Annual Review & Threat Report provides a summary of how spam and other email threats have evolved over the course of the past year; changes in the regulatory climate that impact email communications; how organizations have responded to changes in email threats and regulations; and what to expect in email security trends in 2005. The Email Security Annual Review & Threat Report offers email and security professionals a concise and convenient resource to: z Gain a brief, yet comprehensive overview of 2004 in terms of changes in email threats and the regulatory environment. z Review the latest tactics and trends in spam, virus and email attacks, and get an overview of how organizations are responding to these threats. z Get a sneak preview from analysts and experts into emerging issues and concerns that may help inform email security strategies and/or implementations in 2005. Please note that the opinions expressed in this report are those of Postini unless indicated in references or direct attribution. To monitor email security statistics and trends from Postini throughout the coming year, visit our website at www.postini.com. Current email threat activity statistics are updated daily on our website. Postini Redwood City, California January 2005 2 1. EXECUTIVE SUMMARY PAGE 4 2. 2004: THE YEAR IN REVIEW PAGE 6 3. 2004 EMAIL THREAT STATISTICAL HIGHLIGHTS PAGE 9 Spam Viruses q~ÄäÉ=çÑ Directory Harvest Attacks `çåíÉåíë Phishing 4. 2004 MILESTONES IN EMAIL SECURITY & PAGE 19 REGULATORY ENVIRONMENT 5. BEST PRACTICE RESPONSE TO PAGE 22 EMAIL SECURITY THREATS & REGULATIONS Intrusion Prevention Encryption Policy Compliance & Enforcement Archiving Authentication Administrator/User Flexibility Reporting & Security Management Email Disaster Recovery 6. EXPECTATIONS FOR EMAIL SECURITY IN 2005 PAGE 27 7. APPENDICES PAGE 29 Appendix A - References Appendix B - Postini Real-time IP Analysis Appendix C - About Postini 3 Even as attention to spam and its harmful impact on worker productivity reached a high point in 2004, threats to email systems grew worse as the incidence of spam, virus attacks, and directory harvest attacks have all increased in frequency and/or severity over the course of the year. Email Threat Highlights from 2004: z Despite new laws and regulations, the proportion of spam compared to total email remained consistently high—between 75% and 80% throughout 2004. z Smaller companies such as those with 100 users or less received up to 10 times more bã~áä=pÉÅìêáíó=OMMQ spam per user than large companies (10,000 users or more). bñÉÅìíáîÉ=pìãã~êó z Different types of organizations received different amounts of spam. The publishing industry, for example, leads with more spam per user than any other industry. z The average company experienced 150 directory harvest attacks (DHAs) per day in 2004, with each attack averaging 234 invalid address lookups. These figures make DHAs the least visible and most underreported threat of 2004. z Virus infected emails were more widespread, encompassing 1.5% (about 1 in 67) of all emails in 2004. This is significanly higher than in 2003 when .5% (1 in 200) of emails were infected. z Email viruses significantly increased the propagation of spam through highjacked computers (known as zombies) that unknowingly serve as conduits for spreading spam. z As email threats continue to escalate and become more sophisticated, small businesses with limited IT resources that often rely on first-generation or open source anti-spam solutions were vulnerable. 4 Regulatory Highlights Email Security Expectations for 2005: from 2004: z Email threats will continue to evolve at a faster pace as spammers z The CAN-SPAM Act went in to effect on become more sophisticated and counter measures designed to January 1, 2004 in the U.S. and did not combat these threats will become available much more quickly. demonstrate any significant impact in z Companies will move from first generation single function "point" decreasing spam during 2004. email security products/services to next-generation solutions that z Microsoft, America Online, Earthlink, and offer broader scope of protection from a single vendor/source. Yahoo! filed the first major industry lawsuits z Email security will see an increased focus on sender IP address under the CAN-SPAM Act in March 2004. and "reputation" or behavior analysis of email messages in addition The lawsuits named hundreds of to content filtering as a critical component of "multi-layer" email defendants, with more than 90 percent of intrusion prevention. them identified only as "John Doe." z Increased consolidation among email security software and "point z On the first anniversary of Britain's Privacy product" vendors will continue as appliance and managed service and Electronic Communications regulations email security solutions grow in popularity and expand their share (December 2003) aimed at stopping of the market. unsolicited email, not a single offender has been prosecuted. z Email authentication efforts will continue despite setbacks, but will have only minimal effect on solving the spam problem. z As email threats continue to escalate and become more sophisticated, small businesses that often rely on first-generation or open source anti-spam solutions will remain particularly vulnerable to spam, viruses and email attacks. 5 Spam Levels Consistently High Throughout 2004, Postini observed that 75 to 80 percent of all emails were spam, with the statistics showing consistently high levels throughout the year. Richi Jennings of Ferris Research (www.ferris.com) argues that the economic incentive for sending spam versus the risks continues to favor spammers. Ferris Research reports the type of spam generated in 2004 according to the following categories: Other 10% Discounted software, Pornography drugs, herbal 15% alternatives bã~áä=pÉÅìêáíóW 35% Fraud & scams Financial OMMQ=áå=oÉîáÉï 20% Services 20% Spammers Get More Sophisticated, Shift Tactics By mid-2004, spammers were observed using new tactics designed to fool conventional anti- spam content filters. The logic behind these new spamming techniques was simple: take away or reduce the content of a message to confuse filtering methods just enough to allow a message to get through. Because anti-spam filters on enterprise servers must handle messages for hundreds or even thousands of users, it is difficult for the IT department to increase the sensitivity of filters to catch these techniques. Increasing content filter sensitivity too much increases the risk of false positives. 6 During 2004, spammers and hackers also shifted techniques to launch more of what are known as directory harvest attacks (DHAs). DHAs are designed to steal valid email addresses from corporate email directories so they can send more spam or sell the harvested addresses to other spammers. DHAs cannot be stopped by conventional content filtering since there is no message content, nor can new spam techniques that reduce or eliminate content in a message be reliably blocked with content filtering. DHAs and minimal content spam must be detected at the SMTP connection point in real time, in order to prevent these threats from reaching the enterprise email gateway. Battle Against Email Threats Moves To The Front Lines Of IP And Behavior Analysis Because spammer techniques have shifted to minimizing or removing content from spam messages, conventional content filtering alone proved insufficient in stopping spam and email attacks in 2004. This has put increased focus on multiple layer protection from email security providers such as Postini, specifically, with its patent- pending IP analysis and threat detection. Postini estimates that it currently blocks 35 to 50 percent of email messages at the SMTP connection point, prior to examining the message content, based on the actual behavior patterns of the sending computer over the previous seconds, minutes, or hours. Anti-Spam Legislation Largely Ineffective So Far The CAN-SPAM law in the United States, and anti-spam regulations based on the Privacy and Electronic Communication directive from the European Union, have thus far failed to stem the growing tide of spam throughout the world. Despite fines and jail time penalties under the CAN-SPAM law, prosecutions have been limited to only a few high profile cases. While the United Kingdom was among the first European countries to introduce its own version of the Privacy and Electronic Communication Directive (nearly half the EU member states had failed to implement any laws by the end of 2004), the UK law protects only personal email addresses, and the government agency in charge of enforcing the law lacks the funds and clout to pursue prosecutions.
Load more

Recommended publications
  • Secure Email Gateway - Market Quadrant 2016 ∗
    . The Radicati Group, Inc. Palo Alto, CA 94301 . Phone: (650) 322-8059 . www.radicati.com . THE RADICATI GROUP, INC. Secure Email Gateway - Market Quadrant 2016 ∗ ......... An Analysis of the Market for Secure Email Gateway Solutions, Revealing Top Players, Trail Blazers, Specialists and Mature Players. November 2016 SM ∗ Radicati Market Quadrant is copyrighted November 2016 by The Radicati Group, Inc. Reproduction in whole or in part is prohibited without expressed written permission of the Radicati Group. Vendors and products depicted in Radicati Market QuadrantsSM should not be considered an endorsement, but rather a measure of The Radicati Group’s opinion, based on product reviews, primary research studies, vendor interviews, historical data, and other metrics. The Radicati Group intends its Market Quadrants to be one of many information sources that readers use to form opinions and make decisions. Radicati Market QuadrantsSM are time sensitive, designed to depict the landscape of a particular market at a given point in time. The Radicati Group disclaims all warranties as to the accuracy or completeness of such information. The Radicati Group shall have no liability for errors, omissions, or inadequacies in the information contained herein or for interpretations thereof. Secure Email Gateway - Market Quadrant 2016 TABLE OF CONTENTS RADICATI MARKET QUADRANTS EXPLAINED .................................................................................. 2 MARKET SEGMENTATION – SECURE EMAIL GATEWAYS .................................................................
    [Show full text]
  • Account Administrator's Guide
    ePrism Email Security Account Administrator’s Guide - V10.4 4225 Executive Sq, Ste 1600 Give us a call: Send us an email: For more info, visit us at: La Jolla, CA 92037-1487 1-800-782-3762 [email protected] www.edgewave.com © 2001—2016 EdgeWave. All rights reserved. The EdgeWave logo is a trademark of EdgeWave Inc. All other trademarks and registered trademarks are hereby acknowledged. Microsoft and Windows are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. Other product and company names mentioned herein may be the trademarks of their respective owners. The Email Security software and its documentation are copyrighted materials. Law prohibits making unauthorized copies. No part of this software or documentation may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into another language without prior permission of EdgeWave. 10.4 Contents Chapter 1 Overview 1 Overview of Services 1 Email Filtering (EMF) 2 Archive 3 Continuity 3 Encryption 4 Data Loss Protection (DLP) 4 Personal Health Information 4 Personal Financial Information 5 Document Conventions 6 Other Conventions 6 Supported Browsers 7 Reporting Spam to EdgeWave 7 Contacting Us 7 Additional Resources 7 Chapter 2 Portal Overview 8 Navigation Tree 9 Work Area 10 Navigation Icons 10 Getting Started 11 Logging into the portal for the first time 11 Logging into the portal after registration 12 Changing Your Personal Information 12 Configuring Accounts 12 Chapter 3 EdgeWave Administrator
    [Show full text]
  • Index Images Download 2006 News Crack Serial Warez Full 12 Contact
    index images download 2006 news crack serial warez full 12 contact about search spacer privacy 11 logo blog new 10 cgi-bin faq rss home img default 2005 products sitemap archives 1 09 links 01 08 06 2 07 login articles support 05 keygen article 04 03 help events archive 02 register en forum software downloads 3 security 13 category 4 content 14 main 15 press media templates services icons resources info profile 16 2004 18 docs contactus files features html 20 21 5 22 page 6 misc 19 partners 24 terms 2007 23 17 i 27 top 26 9 legal 30 banners xml 29 28 7 tools projects 25 0 user feed themes linux forums jobs business 8 video email books banner reviews view graphics research feedback pdf print ads modules 2003 company blank pub games copyright common site comments people aboutus product sports logos buttons english story image uploads 31 subscribe blogs atom gallery newsletter stats careers music pages publications technology calendar stories photos papers community data history arrow submit www s web library wiki header education go internet b in advertise spam a nav mail users Images members topics disclaimer store clear feeds c awards 2002 Default general pics dir signup solutions map News public doc de weblog index2 shop contacts fr homepage travel button pixel list viewtopic documents overview tips adclick contact_us movies wp-content catalog us p staff hardware wireless global screenshots apps online version directory mobile other advertising tech welcome admin t policy faqs link 2001 training releases space member static join health
    [Show full text]
  • Spam: History, Perceptions, Solutions
    Spam: History, Perceptions, Solutions Report written by Geneviève Reed and submitted to Industry Canada, Office of Consumer Affairs 2004 Spam: History, Perceptions and Solutions OPTION CONSOMMATEURS MISSION Option consommateurs is a nonprofit association whose mission is to defend and promote consumers’ rights by assisting them both individually and collectively, by providing them with information, and by advocating on their behalf to decision-makers. HISTORY The association has existed since 1983. In 1999, it merged with the Association des consommateurs du Québec (ACQ), an organization with a 50-year history and a mission similar to that of Option consommateurs. PRINCIPAL ACTIVITIES Option consommateurs’s staff of 20 are grouped into four departments: the Budgeting Department, the Legal Affairs Department, the Media Relations Department, and the Research and Representation Department. Over the years, Option consommateurs has developed expertise in the areas of financial services, health, agri-food, energy, travel, access to justice, trade practices, indebtedness, and protection of privacy. Each year, we reach 7,000–10,000 consumers directly and many more through our extensive media coverage. We participate in working groups and sit on boards of directors, carry out large-scale projects with important partners, and produce research reports, policy papers, buyer’s guides, and a consumer information and action magazine called Consommation. MEMBERSHIP Option consommateurs pursues a variety of activities aimed at making change, including research, class-action lawsuits, and lobbying of public- and private-sector bodies. You can help us do more for you by becoming a member of Option consommateurs at www.option-consommateurs.org. Report by Option consommateurs, 2004 ii Spam: History, Perceptions and Solutions ACKNOWLEDGMENTS This research report was written by Geneviève Reed, Director of Research and Representation, Option consommateurs, with the support of Annie Hudon, attorney, for the legislative analysis section.
    [Show full text]
  • How Hosted Email Security – Inbound Filtering Adds Value to Your Existing Environment
    How Trend MicroTM Hosted Email Security – Inbound Filtering Adds Value to Your Existing Environment Trend Micro Hosted Email Security Stop Spam. Save Time. How Hosted Email Security – Inbound Filtering Adds Value to Your Existing Environment A Trend Micro White Paper l March 2010 1 How Trend MicroTM Hosted Email Security – Inbound Filtering Adds Value to Your Existing Environment Table of Contents Introduction ............................................................................................................................3 Solution Overview ..................................................................................................................3 Industry-Leading Quality of Service—or Money Back..........................................................4 How Inbound Filtering Works ................................................................................................4 What is reputation-based filtering? ..................................................................................................................4 What is content-based filtering? ......................................................................................................................5 Best Practice Defaults for Hosted Email Security – Inbound Filtering.................................5 Rule Type 1: Antivirus ......................................................................................................................................6 Rule Type 2: Exceeding Message Size or Allowed Number of Recipients ...................................................6
    [Show full text]
  • Studienbriefe-Spam.Pdf
    Spam [Spam] Autoren: Dr. Christopher Wolf Sebastian Uellenbeck Ruhr-Universität Bochum Modul Spam [Spam] Studienbrief 1: Grundlagen Studienbrief 2: Spam-Techniken Studienbrief 3: Anti-Spam-Techniken Autoren: Dr. Christopher Wolf Sebastian Uellenbeck 1. Auflage Ruhr-Universität Bochum © 2017 Ruhr-Universität Bochum Universitätsstraße 150 44801 Bochum 1. Auflage (30. Mai 2017) Didaktische und redaktionelle Bearbeitung: Bärbel Wolf-Gellatly Das Werk einschließlich seiner Teile ist urheberrechtlich geschützt. Jede Ver- wendung außerhalb der engen Grenzen des Urheberrechtsgesetzes ist ohne Zustimmung der Verfasser unzulässig und strafbar. Das gilt insbesondere für Vervielfältigungen, Übersetzungen, Mikroverfilmungen und die Einspei- cherung und Verarbeitung in elektronischen Systemen. Um die Lesbarkeit zu vereinfachen, wird auf die zusätzliche Formulierung der weiblichen Form bei Personenbezeichnungen verzichtet. Wir weisen des- halb darauf hin, dass die Verwendung der männlichen Form explizit als geschlechtsunabhängig verstanden werden soll. Das diesem Bericht zugrundeliegende Vorhaben wurde mit Mitteln des Bun- desministeriums für Bildung, und Forschung unter dem Förderkennzeichen 16OH12026 gefördert. Die Verantwortung für den Inhalt dieser Veröffentli- chung liegt beim Autor. Inhaltsverzeichnis Seite3 Inhaltsverzeichnis Einleitung zu den Studienbriefen5 I. Abkürzungen der Randsymbole und Farbkodierungen......... 5 II. Zu den Autoren.............................. 6 III. Modullehrziele.............................. 7 Studienbrief 1 Grundlagen9
    [Show full text]
  • Anti-Spam Methods – State-Of-The-Art
    Anti-Spam Methods – State-of-the-Art W. Gansterer, M. Ilger, P. Lechner, R. Neumayer, J. Strauß Institute of Distributed and Multimedia Systems Faculty of Computer Science University of Vienna, Austria March 2005 This report summarizes the results of Phase 1 of the project FA 384018 “Spamabwehr” of the Institute of Distributed and Multimedia Systems at the University of Vienna, funded by Mobilkom Austria, UPC Telekabel and Internet Service Providers Austria (ISPA). We would like to thank Mobilkom Austria, UPC Telekabel and Internet Service Providers Austria (ISPA) for their support which made this research project possible. We also would like to express our gratitude to all those commercial vendors of antispam tools who provided us with their products for experimental investigations as well as to the volunteers who provided us private e-mail messages for testing purposes. Copyright: © 2005 by University of Vienna. All rights reserved. No part of this publication may be reproduced or distributed in any form or by any means without the prior permission of the authors. The Institute of Distributed and Multimedia Systems at the University of Vienna does not guarantee the accuracy, adequacy or completeness of any information and is not responsible for any errors or omissions or the result obtained from the use of such information. Note: Experimental data not to be used for ranking purposes Since the objective of this report was the analysis of existing methodology and not a comprehensive and detailed evaluation or comparison of available anti-spam products/tools, the results of our experiments must not be interpreted as a “ranking”.
    [Show full text]
  • Spam Project, Forum Day 1, Transcipt of Testimony, 04-30-03, Matter No
    1 OFFICIAL TRANSCRIPT PROCEEDING FEDERAL TRADE COMMISSION MATTER NO. P024407 TITLE SPAM PROJECT PLACE FEDERAL TRADE COMMISSION 600 PENNSYLVANIA AVENUE, N.W. WASHINGTON, D.C. 20580 DATE APRIL 30, 2003 PAGES 1 THROUGH 309 FTC SPAM FORUM -- DAY ONE SECOND VERSION FOR THE RECORD, INC. 603 POST OFFICE ROAD, SUITE 309 WALDORF, MARYLAND 20602 (301)870-8025 1 FEDERAL TRADE COMMISSION 2 I N D E X For The Record, Inc. Waldorf, Maryland (301)870-8025 2 1 2 Introduction to Spam Page 2 3 E-mail Address Gathering Page 78 4 Falsity in Sending of Spam Page 173 5 Open Relays/Open Proxies/FromMail Scripts Page 226 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 P R O C E E D I N G S 25 - - - - - For The Record, Inc. Waldorf, Maryland (301)870-8025 3 1 MS. HARRINGTON: Good morning. I'm Eileen 2 Harrington, and I'm very happy to welcome all of you to 3 this Spam forum. Before I turn this over to the 4 Chairman, we have some housekeeping announcements. 5 First of all, how many have one of these? Turn 6 them off right now. We have a special honing device in 7 this room that will capture your wireless address and 8 Spam it incessantly -- 9 (Group laughter.) 10 MS. HARRINGTON: -- if you don't turn it off 11 right now -- right now -- right now -- right now -- right 12 now -- turn it off. 13 Secondly, we've got some refreshments in the 14 hall for breaks, and they were very generously provided 15 by AOL, AT&T Wireless, Brightmail, Earthlink, EPrivacy 16 Group, SpamCon Foundation, Word to the Wise and YAHOO, 17 and we appreciate that a lot.
    [Show full text]
  • Draft Transcript Day1.Pdf (461.92
    1 1 FEDERAL TRADE COMMISSION 2 I N D E X 3 4 PAGE: 5 6 Introduction by Ms. Chriss 3 7 8 Remarks of Chairman Majoras 4 9 10 Defining the Problem 14 11 12 Evolving Methods for Sending Spam 13 and Malware 79 14 15 Uncovering the Malware Economy 150 16 17 Emerging Threats 211 18 19 20 21 22 23 24 25 For The Record, Inc. (301) 870-8025 - www.ftrinc.net - (800) 921-5555 2 1 2 3 4 5 6 FTC SPAM SUMMIT: 7 8 THE NEXT GENERATION OF THREATS AND SOLUTIONS 9 10 11 12 FEDERAL TRADE COMMISSION 13 601 NEW JERSEY AVENUE, N.W. 14 WASHINGTON, D.C. 15 16 17 18 DAY 1 19 WEDNESDAY, JULY 11, 2007 20 21 22 23 24 25 For The Record, Inc. (301) 870-8025 - www.ftrinc.net - (800) 921-5555 3 1 P R O C E E D I N G S 2 - - - - - 3 WELCOME 4 MS. CHRISS: Good morning, everyone. Hi there. 5 Please take your seats, we are about to begin. This is 6 it. Spam Summit, the Next Generation of Threats and 7 Solutions. I am so pleased and delighted to see all of 8 you here. This is wonderful. I see that we are going 9 to have some very good debate, just by the faces in the 10 audience. I recognize a lot of you from our past 11 events. So, thank you for being here. 12 Before we get started, I do have a few 13 housekeeping announcements.
    [Show full text]
  • Download Chapter
    TThhee DDeeffiinniittiivvee GGuuiiddeett m mTToo Email Management and Security Kevin Beaver Chapter 3 Chapter 3: Understanding and Preventing Spam...........................................................................44 What’s the Big Deal about Spam?.................................................................................................45 Scary Spam Statistics.........................................................................................................46 Example Estimated Cost of Spam......................................................................................46 Additional Spam Costs ......................................................................................................47 Unintended Side Effects ....................................................................................................47 Security Implications of Spam...........................................................................................48 What’s in it for Spammers? ...........................................................................................................48 Spam Laws.....................................................................................................................................49 State Anti-Spam Laws .......................................................................................................50 Tricks Spammers Use ....................................................................................................................51 Identifying Spam................................................................................................................52
    [Show full text]
  • Trustwave SEG User Guide
    USER GUIDE Trustwave Secure Email Gateway Formerly MailMarshal April 2020 Trustwave Secure Email Gateway User Guide - April 1, 2020 Legal Notice Copyright © 2020 Trustwave Holdings, Inc. All rights reserved. This document is protected by copyright and any distribution, reproduction, copying, or decompilation is strictly prohibited without the prior written consent of Trustwave. No part of this document may be reproduced in any form or by any means without the prior written authorization of Trustwave. While every precaution has been taken in the preparation of this document, Trustwave assumes no responsibility for errors or omissions. This publication and features described herein are subject to change without notice. While the authors have used their best efforts in preparing this document, they make no representation or warranties with respect to the accuracy or completeness of the contents of this document and specifically disclaim any implied warranties of merchantability or fitness for a particular purpose. No warranty may be created or extended by sales representatives or written sales materials. The advice and strategies contained herein may not be suitable for your situation. You should consult with a professional where appropriate. Neither the author nor Trustwave shall be liable for any loss of profit or any commercial damages, including but not limited to direct, indirect, special, incidental, consequential, or other damages. The most current version of this document may be obtained from: www.trustwave.com/support/ Trademarks Trustwave and the Trustwave logo are trademarks of Trustwave. Such trademarks shall not be used, copied, or disseminated in any manner without the prior written permission of Trustwave.
    [Show full text]
  • CLASSIFICATION of IMAGE SPAM a Thesis Presented to the Graduate
    CLASSIFICATION OF IMAGE SPAM A Thesis Presented to The Graduate Faculty of The University of Akron In Partial Fulfillment of the Requirements for the Degree Master of Computer Science Shruti Wakade August, 2011 CLASSIFICATION OF IMAGE SPAM Shruti Wakade Thesis Approved: Accepted: _______________________________ _______________________________ Advisor Department Chair Dr. Kathy J. Liszka Dr. Chien-Chung Chan _______________________________ _______________________________ Committee Member Dean of the College Dr. Zhong-Hui Duan Dr. Chand Midha _______________________________ ______________________________ Committee Member Dean of the Graduate School Dr. Chein–Chung Chan Dr. George R. Newkome ________________________________ Date ii ABSTRACT Image spam is one of the most prevalent forms of spam ever since its inception. Spammers have refined their spamming techniques to use smaller, more colorful and photo quality images as spam. In spite of numerous efforts to build efficient spam filters against e-mail spam by researchers and free-mailing services like yahoo mail, Gmail etc spam filters still fail to arrest image spam. This research is an attempt to understand the techniques used in spamming and identifying a set of features that can help in classification of image spam from photographs. A set of eight features were identified based on observations and existing research in this area. Among the eight features, six features have been introduced by us and two other features have been included from previous research. Data mining techniques were then applied to classify image spam from photographs. Identifying a set of efficient yet computationally inexpensive features was the objective that guided this research work. We achieved classification accuracy of 89% for the test samples.
    [Show full text]