Fighting Internet Spam in Brazil Historical Overview and Reflections on Combating Spam and Managing Port 25, Coordinated by the Brazilian Internet Steering Committee

Total Page:16

File Type:pdf, Size:1020Kb

Fighting Internet Spam in Brazil Historical Overview and Reflections on Combating Spam and Managing Port 25, Coordinated by the Brazilian Internet Steering Committee 1 CGI.br BOOK SERIES Studies Fighting Internet spam in Brazil Historical overview and reflections on combating spam and managing port 25, coordinated by the Brazilian Internet Steering Committee Edited by Cristine Hoepers Henrique Faulhaber Klaus Steding-Jessen This work is licensed under a Creative Commons Attribution 4.0 International License. <http://creativecommons.org/licenses/by/4.0 Brazilian Network Information Center (NIC.br) Edited by Cristine Hoepers Henrique Faulhaber Klaus Steding-Jessen Report and interviews performed by Carlos Affonso Pereira de Souza Marilia de Aguiar Monteiro 1 CGI.BR BOOK SERIES Studies Fighting Internet spam in Brazil Historical overview and reflections on combating spam and managing port 25, coordinated by the Brazilian Internet Steering Committee Brazilian Internet Steering Committee (CGI.br) 2017 Brazilian Network Information Center (NIC.br) Chief Executive Officer Demi Getschko Chief Advisory Officer Hartmut Richard Glaser Chief Financial Officer Ricardo Narchi Chief Technology Officer Frederico Neves Director of Special Projects and Development Milton Kaoru Kashiwakura Advisory Team to the CGI.br Activities Administrative Advisors Paula Liebert, Salete Matias Technical Advisors Carlos Francisco Cecconi, Diego Rafael Canabarro, Jamila Venturini, Jean Carlos Ferreira dos Santos, Juliano Cappi, Marcelo Oliveira, Nathalia Sautchuk Patrício, Vinicius Wagner Oliveira Santos Concept & Production Coordinators Cristine Hoepers Henrique Faulhaber Klaus Steding-Jessen Report and interviews Carlos Affonso Pereira de Souza Marília de Aguiar Monteiro Executive and Editorial Coordination Carlos Francisco Cecconi and Juliano Cappi Editorial Production Caroline D’Avo and Everton Rodrigues (Comunicação NIC.br) Editorial support for this edition Jamila Venturini Jean Carlos Ferreira dos Santos Juliana Nolasco Translation to English Linnguagem Idiomas English revision Juliana Nolasco Desktop publishing and illustrations Papel Moderníssimo e Pilar Velloso Pictures Omar Paixão, Gettyimages e Istockphoto This publication is available in digital format at the URL <http://www.cgi.br> Dados Internacionais de Catalogação na Publicação (CIP) (Câmara Brasileira do Livro, SP, Brasil) Fighting Internet spam in Brazil - Historical overview and reflections on combating spam and managing port 25, coordinated by the Brazilian Internet Steering Committee / Núcleo de Informação e Coordenação do Ponto BR; [tradução Linguagem Idiomas]. –– São Paulo : Comitê Gestor da Internet no Brasil, 2017. -- (Cadernos CGI.br estudos) Título original: Combate ao spam na Internet no Brasil : histórico e reflexões sobre o combate ao spam e a gerência da porta 25 coordenados pelo Comitê Gestor da Internet no Brasil Vários colaboradores. Bibliografia. ISBN: 978-85-5559-036-8 1. Internet – Medidas de segurança 2. Políticas públicas – Brasil 3. Redes de computadores – Medidas de segurança 4. Spam (Mensagem eletrônica) – Combate I. Núcleo de Informação e Coordenação do Ponto BR. II. Série. 17-00738 CDD-005.8 Índices para catálogo sistemático: 1. Segurança de redes de computadores : Combate ao spam : políticas de Internet : Brasil 005.8 Brazilian Internet Steering Committee (CGI.br) Composition as per december 2016 Committee members Representatives from the Federal Government Carlos Roberto Fortner Francilene Procópio Garcia Franselmo Araújo Costa Igor Vilas Boas de Freitas Luiz Carlos de Azevedo Luiz Fernando Martins Castro Marcelo Daniel Pagotti Marcos Vinícius de Souza Maximiliano Salvadori Martinhão Representatives from the corporate sector Eduardo Fumes Parajo Eduardo Levy Cardoso Moreira Henrique Faulhaber Nivaldo Cleto Representatives from the third sector Carlos Alberto Afonso Flávia Lefèvre Guimarães Percival Henriques de Souza Neto Thiago Tavares Nunes de Oliveira Representatives from the scientific and technological community Flávio Rech Wagner Lisandro Zambenedetti Granville Marcos Dantas Loureiro Internet Expert Demi Getschko Coordinator Maximiliano Salvadori Martinhão Executive Secretary Hartmut Richard Glaser Preface by HENRIQUE FAULHABER “Initiatives to improve cybersecurity and address digital security threats should involve appropriate collaboration among governments, private sector, civil society, academia and technical community” NETmundial Multistakeholder Statement, São Paulo – 2014 Dear reader, his publication aims at reporting the efforts of the Brazilian Internet Steering Committee (CGI.br) and several people and organizations on fighting spam in Brazil since 2004. The unsolicited mass messages that reach our e-mail boxes represent a challenge Tfaced by users, companies and by the entire access infrastructure and Internet services value chain. The Anti-Spam Working Commission (CT-Spam), created within the scope of the Brazilian Internet Steering Committee (CGI.br) in 2004, aimed at the creation of a national strategy to address the problem of spam. Because spam is a major vehicle for malicious code distribution and a serious threat to the security of the Internet, CERT.br was a key player in the success of CT-Spam. The importance of this publication is not just because it is a documentary approach to the activities carried out over the last 10 years in the combat of a particular problem. This report is valuable not only for purposes related to the combat of SPAM; by unveiling the process behind CT-SPAM, it also uncovers one of the main tasks of CGI.br: the multistakeholder coordination of actors in the development of a national Internet policy. Many challenges still lie in the way of effective collaboration in the field. Education and engagement of decentralized groups, including governmental actors still go through obstacles. Among them, the difficulty of understanding the complexity of collaboration through various skills and of leaving behind en- 9 trenched management frameworks in favor of a multistakeholder mode of engagement that can be more innovative and inclusive. This work went far beyond removing Brazil from the top posi- tions of global lists of spammers. It is the result of a combination of security, freedom and network governance dynamics and col- laborative dialogue between different decision makers. Henrique Faulhaber Board Member at CGI.br 10 11 Contents 15 I Report: The brazilian experience of port 25 management 16 Introduction 25 Brief history of CT-Spam war on spam 35 Port 25 management 45 Legal and regulatory issues 57 A multistakeholder model for public policies management 64 Conclusions 69 II Interviews 70 Henrique Faulhaber 81 Cristine Hoepers Klaus Steding-Jessen 96 Demi Getschko 105 Carlos Afonso 111 Marcelo Bechara 120 Eduardo Parajo 126 Rubens Kuhl 129 Eduardo Levy 134 Danilo Doneda 143 Jaime Wagner 148 Marcelo Fernandes 14 I Report The brazilian experience of port 25 management 15 Introduction Issues related to communication networks security have assumed critical importance on a national and international scale, while com- munication and information technologies have become essential el- ements for the attainment of rights such as freedom of expression and the expansion of access, either in terms of public policies or as intrinsic processes to various productive chains. Given that networks significantly affect the Internet, and the daily affairs of citizens, businesses, and government, different ac- tors legitimately focus their efforts on ensuring network safety and confidence. None the less, such issues exhibit different levels of political, technical, regulatory, economic, and social complex- ity. Part of this complexity derives from the very nature of the Internet: regulatory choices, business, decisions and even legal actions on net safety should always take into account the global nature of the network, as well as considerations abo ut its interop- erability and the participation of different actors. The majority of threats to network security has a systemic com- plexity, involving different actors at the same time. Therefore, co- operation between such different actors stands as the best effort for detecting and mitigating the effects of these threats. Such complexity is not different from threats posed by spam, which, by in turn, also have peculiarities that do communicate, from time to time, with the development of network security practices. Fighting spam has been currently discussed in forums on In- ternet governance and regulation for the past 15 years. Factors leading to such a persistent theme are as varied as the ways to investigate the problem, once efforts to discourage spamming can be implemented through perspectives of technological, legal, po- litical and social natures. The aim of this paper is to present the coordinating work performed by the Brazilian Internet Steering Committee (CGI.br) in a project known as “Port 25 Management” as a successful case study in which initiatives pointing to multis- takeholder collaboration are referred to as the best strategy for facing cyber security themes. Various initiatives on the national and international level, as well as in the international forums, advocate cooperation among different actors as a means for combating outbreaks and mini- 16 mizing threats. The Netherlands have the Dutch Cyber Security Council, comprising 15 members from the government, scientif- ic community, private sector, and industry. The Council acts by itself or on behest of civil society or the government, and is re- sponsible for implementing the Dutch Domestic Cyber Security Strategy. In 2013, the Dutch Council published a best-practices recommendation
Recommended publications
  • Glossary of Spam Terms
    white paper Glossary of Spam terms The jargon of The spam indusTry table of Contents A Acceptable Use Policy (AUP) . 5 Alias . 5 Autoresponder . 5 B Ban on Spam . 5 Bayesian Filtering . 5 C CAN-SPAM . 5 Catch Rate . 5 CAUSe . 5 Challenge Response Authentication . 6 Checksum Database . 6 Click-through . 6 Content Filtering . 6 Crawler . 6 D Denial of Service (DoS) . 6 Dictionary Attack . 6 DNSBL . 6 e eC Directive . 7 e-mail Bomb . 7 exploits Block List (XBL) (from Spamhaus org). 7 F False Negative . 7 False Positive . 7 Filter Scripting . 7 Fingerprinting . 7 Flood . 7 h hacker . 8 header . 8 heuristic Filtering . 8 honeypot . 8 horizontal Spam . 8 i internet Death Penalty . 8 internet Service Provider (iSP) . 8 J Joe Job . 8 K Keyword Filtering . 9 Landing Page . 9 LDAP . 9 Listwashing . 9 M Machine-learning . 9 Mailing List . 9 Mainsleaze . 9 Malware . 9 Mung . 9 N Nigerian 419 Scam . 10 Nuke . 10 O Open Proxy . 10 Open Relay . 10 Opt-in . 10 Opt-out . 10 P Pagejacking . 10 Phishing . 10 POP3 . 11 Pump and Dump . 11 Q Quarantine . 11 R RBLs . 11 Reverse DNS . 11 ROKSO . 11 S SBL . 11 Scam . 11 Segmentation . 11 SMtP . 12 Spam . 12 Spambot . 12 Spamhaus . 12 Spamming . 12 Spamware . 12 SPewS . 12 Spider . 12 Spim . 12 Spoof . 12 Spyware . 12 t training Set . 13 trojan horse . 13 trusted Senders List . 13 U UCe . 13 w whack-A-Mole . 13 worm . 13 V Vertical Spam . 13 Z Zombie . 13 Glossary of Spam terms A acceptable use policy (AUP) A policy statement, made by an iSP, whereby the company outlines its rules and guidelines for use of the account .
    [Show full text]
  • Impact of Time on Detecting Spammers in Twitter Mahdi Washha, Aziz Qaroush, Florence Sèdes
    Impact of Time on Detecting Spammers in Twitter Mahdi Washha, Aziz Qaroush, Florence Sèdes To cite this version: Mahdi Washha, Aziz Qaroush, Florence Sèdes. Impact of Time on Detecting Spammers in Twitter. 32ème Conférence Gestion de Données : Principes, Technologies et Applications (BDA 2016), Labora- toire d’Informatique et d’Automatique pour les Systèmes (LIAS) - Université de Poitiers et ENSMA, Nov 2016, Poitiers, France. hal-03159076 HAL Id: hal-03159076 https://hal.archives-ouvertes.fr/hal-03159076 Submitted on 5 Mar 2021 HAL is a multi-disciplinary open access L’archive ouverte pluridisciplinaire HAL, est archive for the deposit and dissemination of sci- destinée au dépôt et à la diffusion de documents entific research documents, whether they are pub- scientifiques de niveau recherche, publiés ou non, lished or not. The documents may come from émanant des établissements d’enseignement et de teaching and research institutions in France or recherche français ou étrangers, des laboratoires abroad, or from public or private research centers. publics ou privés. Distributed under a Creative Commons Attribution - NonCommercial - NoDerivatives| 4.0 International License Impact of Time on Detecting Spammers in Twitter Mahdi Washha Aziz Qaroush Florence Sedes IRIT Laboratory Birzeit University IRIT Laboratory University of Toulouse Birzeit, Palestine University of Toulouse Toulouse, France [email protected] Toulouse, France [email protected][email protected] ABSTRACT events, news, and jokes, through a messaging mechanism al- Twitter is one of the most popular microblogging social sys- lowing 140 characters maximum. Statistics states that, in tems, which provides a set of distinctive posting services November 2015, the number of active users that use Twitter operating in real time manner.
    [Show full text]
  • RESPONSE to the GROWING SPAM PROBLEM B Ly Zbang
    CYBERLAW THE CAN-SPAM ACT: AN INSUFFICIENT RESPONSE TO THE GROWING SPAM PROBLEM B Ly Zbang Although "Spam"' is tasty in a can, it is never tasty when it lands in our e-mail inboxes. Spam is an especially pernicious form of advertising because of its low cost, high-volume nature. Traditional advertisers, such as telemarketers and junk mailers, incur significant costs by employing workers, paying long-distance telephone bills, and buying envelopes and paper. In contrast, spammers expend significantly less and even shift costs to recipients, who must sort through the voluminous span they receive. Thus, spam's attractive nature has led to many abusive uses, which all contribute to the growing spam problem. As spam becomes a daily nuisance, various responses are being util- ized to combat it. Earlier methods employed vigilantism in the forms of self-regulation and self-help, but more sophisticated methods quickly emerged. Those methods included suits against spanmers under both common and state law doctrines and technological responses such as fil- tering. Then in December 2003, the federal government enacted the Con- trolling the Assault of Non-Solicited Pornography and Marketing Act of a uniform federal body of 2003 (CAN-SPAM Act2 or "the Act") to provide law against spamming. While the Act attempts to curb the spain problem, it still has some shortcomings. Some of the criticism heaped upon the Act centers around its preemptive effects on stricter state sparn laws, the severity of the penal- ties, and its alleged attempt to curb spammers' constitutional rights. Much of the criticism also accuses the Act of potentially increasing the amount of spain because the Act merely provides a set of guidelines for spammers on how to spain legally-in effect legitimizing span.
    [Show full text]
  • A Survey on Adversarial Information Retrieval on the Web
    A Survey on Adversarial Information Retrieval on the Web Saad Farooq CS Department FAST-NU Lahore [email protected] Abstract—This survey paper discusses different forms of get the user to divulge their personal information or financial malicious techniques that can affect how an information details. Such pages are also referred to as spam pages. retrieval model retrieves documents for a query and their remedies. In the end, we discuss about spam in user-generated content, including in blogs and social media. Keywords—Information Retrieval, Adversarial, SEO, Spam, Spammer, User-Generated Content. II. WEB SPAM I. INTRODUCTION Web spamming refers to the deliberate manipulation of The search engines that are available on the web are search engine indexes to increase the rank of a site. Web frequently used to deliver the contents to users according to spam is a very common problem in search engines, and has their information need. Users express their information need existed since the advent of search engines in the 90s. It in the form of a bag of words also called a query. The search decreases the quality of search results, as it wastes the time engine then analyzes the query and retrieves the documents, of users. Web spam is also referred to as spamdexing (a images, videos, etc. that best match the query. Generally, all combination of spam and indexing) when it is done for the search engines retrieve the URLs, also simply referred to as sole purpose of boosting the rank of the spam page. links, of contents. Although, a search engine may retrieve thousands of links against a query, yet users are only There are three main categories of Web Spam [1] [2].
    [Show full text]
  • CPA's Guide to Understanding and Controlling Spam Roman H
    University of Mississippi eGrove American Institute of Certified Public Accountants Guides, Handbooks and Manuals (AICPA) Historical Collection 1-1-2004 CPA's guide to understanding and controlling spam Roman H. Kepczyk American Institute of Certified Public Accountants. Information Technology Section Follow this and additional works at: https://egrove.olemiss.edu/aicpa_guides Part of the Accounting Commons, and the Taxation Commons Recommended Citation Kepczyk, Roman H. and American Institute of Certified Public Accountants. Information Technology Section, "CPA's guide to understanding and controlling spam" (2004). Guides, Handbooks and Manuals. 199. https://egrove.olemiss.edu/aicpa_guides/199 This Article is brought to you for free and open access by the American Institute of Certified Public Accountants (AICPA) Historical Collection at eGrove. It has been accepted for inclusion in Guides, Handbooks and Manuals by an authorized administrator of eGrove. For more information, please contact [email protected]. ISO Certified 091015 AMERICAN INSTITUTE OF CERTIFIED P UBLIC ACCOUNTANTS Information Spam and Controlling to Understanding A CPA’sGuide Technology Section Roman H . Kepczyk, CPA, CITP CPA, . Kepczyk, AMERICAN INSTITUTE OF CERTIFIED P UBLIC ACCOUNTANTS Information Spam and Controlling to Understanding A CPA’sGuide Technology Section Roman H . Kepczyk, CPA, CITP CPA, . Kepczyk, Controlling Spam.qxd 8/24/2004 9:41 AM Page ii Notice to Readers A CPA’s Guide to Understanding and Controlling Spam does not represent an official position of the American Institute of Certi- fied Public Accountants, and it is distributed with the under- standing that the author and the publisher are not rendering accounting or other professional services in the publication.
    [Show full text]
  • the Spam-Ish Inquisition
    :: The Spam-ish Inquisition Tired of spam with everything? Don’t fritter away your time and energy on junk mail1 David Harley Andrew Lee Table of Contents Introduction 2 Defi ning Spam 2 Professional versus Amateur Spam 3 Deceptive Elements 3 Amateur Hour 5 Why “Spam”? 6 Spam and Pornography 6 Spam Attacks 7 Bombs Away 7 Address Harvesting 8 Spam Through the Ages 8 First Sightings 8 Newsgroup Spam 9 Spreading Spam 10 Spam Economics 11 Other Spam Channels 11 SPIM 12 Text Messaging Spam 12 Blog Spam 13 Index Hijacking 14 Junk Faxes 14 Spam and Scams 14 Make Money Fast 14 Advance Fee Fraud 15 Phishing Scams 16 Mule Train 18 Pump and Dump Scams 19 Chain Letters and Hoaxes 20 Spam and the Law 21 CAN-SPAM 21 European Directive 22 Spam Countermeasures 23 Blocklists 23 Reputation Services 23 Greylisting 23 Whitelisting 24 Text Filtering 24 Heuristics 24 Commercial Anti-Spam 25 Conclusion: Living Spam-Free 26 References 27 Glossary 29 White Paper: Who Will Test the Testers? 1 Introduction Spam looks like a simple enough issue until you have to try to defi ne it: after all, we all think we know it when we see it. Most people have a working defi nition along the lines of “email I don’t want.” While that’s perfectly understandable, it is diffi cult to implement technical solutions based on such a subjective defi nition. (Actually, not all spam is email based, but we’ll get back to that in a little while.) A fractionally less subjective defi nition is “email I didn’t ask for.” However, this doesn’t really meet the case either.
    [Show full text]
  • The Email Has Landed: How Understanding and Improving Deliverability Can Help Your Messages Get Through
    THE EMAIL HAS LANDED: HOW UNDERSTANDING AND IMPROVING DELIVERABILITY CAN HELP YOUR MESSAGES GET THROUGH JANUARY 2018 TABLE OF CONTENTS 03 EXECUTIVE SUMMARY 05 THE REVOLUTION AND EVOLUTION OF EMAIL 12 PROTECT YOUR REPUTATION 16 SMART STRATEGIES 20 CONCLUSION TABLE OF CONTENTS | 02 THE EMAIL HAS LANDED EXECUTIVE SUMMARY Email marketing turns 40 years old in 2018. When Digital Equipment Corporation's Gary Thuerk1 sent a unsolicited sales pitch to 397 Arpanet users on May 3, 1978, a new type of selling was born. And so was spam. Thuerk's stunt annoyed many of his recipients. It crashed some systems. Thuerk was reprimanded and told not to do it again. Still, his pitch led to millions in computer equipment sales.2 Four decades later, email remains the top vessel for business communication. In 2017, 3.7 billion worldwide email accounts sent an estimated 269 billion emails every day.3 That's a lot of inboxes -- and a lot of messages competing for attention. Yet one in five emails won't land in an inbox at all4 , getting bounced or detoured into a spam folder instead. Even the sharpest message won't generate a single sale if the intended recipient never sees it. Understanding deliverability -- getting your message where it needs to go -- is essential for today's marketers. 1 Julia De Simone, "Meet the 'Father of Spam', a Goodyear Resident," Arizona Republic, March 31, 2016. Web. 2 Kate Stoodly, "Father of Spam Speaks Out on His Legacy," eSecurity Planet.com, November 19, 2004. Web. 3 "Email Market 2017-2021," The Radicati Group, June 2017.
    [Show full text]
  • A Multi-Faceted Approach Towards Spam-Resistible Mail ♣
    A Multi-Faceted Approach towards Spam-Resistible Mail ♣ Ming-Wei Wu* Yennun Huang † Shyue-Kung Lu‡ Ing-Yi Chen§ Sy-Yen Kuo* * Department of Electrical Engineering, National Taiwan University, Taipei, Taiwan ABSTRACT Jupiter Research estimates the average e-mail user As checking SPAM became part of our daily life, will receive more than 3,900 spam mails per year by unsolicited bulk e-mails (UBE) have become 2007, up from just 40 in 1999, and Ferris Research unmanageable and intolerable. Bulk volume of spam estimates spam costs U.S. companies 10 billion in e-mails delivering to mail transfer agents (MTAs) is 2003 and a user spends on the average 4 seconds to similar to the effect of denial of services (DDoS) process a SPAM mail. As bulk volume of spam mails attacks as it dramatically reduces the dependability overtakes legitimate mails, as reported by ZDNet and efficiency of networking systems and e-mail Australia, the effect of spam mails is similar to denial servers. Spam mails may also be used to carry viruses of service attacks (DOS) on computer servers as the and worms which could significantly affect the dependability and efficiency of networking systems availability of computer systems and networks. There and e-mail servers are dramatically reduced. Spam is have been many solutions proposed to filter spam in also used to disseminate virus and spyware which the past. Unfortunately there is no silver bullet to may severely affect the dependability of computer deter spammers and eliminate spam mails. That is, in systems and networks. isolation, each of existing spam protection There is no silver bullet, unfortunately, to deter mechanisms has its own advantages and spammers and eliminate spam as each of existing disadvantages.
    [Show full text]
  • Download Links for Viruses/Malware
    International Journal of Information Technology Convergence and Services (IJITCS) Vol.2, No.4, August 2012 A NOVEL APPROACH AGAINST E-MAIL ATTACKS DERIVED FROM USER-AWARENESS BASED TECHNIQUES Gaurav Ojha 1 and Gaurav Kumar Tak 2 1Department of Information Technology, Indian Institute of Information Technology and Management, Gwalior - 474010, India [email protected] 2School of Computer Science & Information Technology, Lovely Professional University, Phagwara, Punjab – 144402, India [email protected] ABSTRACT A large part of modern day communications are carried out through the medium of E-mails, especially corporate communications. More and more people are using E-mail for personal uses too. Companies also send notifications to their customers in E-mail. In fact, in the Multinational business scenario E-mail is the most convenient and sought-after method of communication. Important features of E-mail such as its speed, reliability, efficient storage options and a large number of added facilities make it highly popular among people from all sectors of business and society. But being largely popular has its negative aspects too. E-mails are the preferred medium for a large number of attacks over the internet. Some of the most popular attacks over the internet include spams, and phishing mails. Both spammers and phishers utilize E-mail services quite efficiently in spite of a large number of detection and prevention techniques already in place. Very few methods are actually good in detection/prevention of spam/phishing related mails but they have higher false positives. A variety of filters such as Bayesian filters, Checksum-based filters, machine learning based filters and memory-based filters are usually used in order to identify spams.
    [Show full text]
  • Representing Botnet-Enabled Cyber-Attacks and Botnet-Takedowns Using Club Theory
    Representing Botnet-enabled Cyber-attacks and Botnet-takedowns using Club Theory Olukayode Adegboyega A thesis submitted to the Faculty of Graduate Studies and Research in partial fulfillment of the requirements for the degree of Master of Applied Science in Technology Innovation Management Faculty of Engineering and Design Carleton University Copyright © May 2015, Olukayode Adegboyega ABSTRACT The literature on botnet-enabled cyber-attacks and the literature on botnet takedowns have progressed independently from each other. In this research, these two literature streams are brought together. Botnet-enabled cyber-attacks and botnet takedowns are conceptualized as collective actions carried out by individuals, groups, and organizations that are linked by the Internet and club theory is used to examine the inner workings of these collective actions. This research examines five scenarios of botnet-enabled cyber-attacks and five scenarios of botnet takedowns to develop a representation of cyber-attacks and infer capabilities of four club types: Attacker, Defender, Botnet beheader, and Botnet operator. The representation developed identifies the dimensions of the three constructs of club theory: club membership size; size of the facility that club members share; and arrangements to operate, purchase/rent and grow the shared facility. Club capabilities were organized into five types: relationships, attack infrastructure, skills, learning, and others. The results of applying club theory suggest that two club types, Attacker and Botnet operator have the ability to massively scale; whereas, for the other two club types, Defender and Botnet beheader, scalability is not evident. The implication is that clubs that fit the Attacker and Botnet operator types can bring significantly more technical resources to achieve their goals than the clubs that fit the Defender and Botnet beheader types.
    [Show full text]
  • A Content-Agnostic Comment Spam Inference System
    NEIGHBORWATCHER: A Content-Agnostic Comment Spam Inference System Jialong Zhang and Guofei Gu SUCCESS Lab, Department of Computer Science & Engineering Texas A&M University, College Station, TX fjialong,[email protected] Abstract the search rank of a target website than it should have. The rise of such spam causes unnecessary work for search en- Comment spam has become a popular means for spam- gine crawlers, annoys search engine users with poor search mers to attract direct visits to target websites, or to manip- results, and even often leads to phishing websites or mal- ulate search ranks of the target websites. Through posting ware drive-by downloads. In a recent study [15], Google a small number of spam messages on each victim website reports about 95,000 new malicious websites every day, (e.g., normal websites such as forums, wikis, guestbooks, which results in 12-14 million daily search-related warnings and blogs, which we term as spam harbors in this paper) but and 300,000 download alerts. spamming on a large variety of harbors, spammers can not To boost the ranking of the target websites, spammers only directly inherit some reputations from these harbors have already developed lots of spamdexing techniques [25] but also avoid content-based detection systems deployed on in the past few years, most of which also called Black Hat these harbors. To find such qualified harbors, spammers SEO (Search Engine Optimization). Text and Link manipu- always have their own preferred ways based on their avail- lations are two main SEO techniques frequently abused by able resources and the cost (e.g., easiness of automatic post- spammers to exploit the incorrect application of page rank ing, chances of content sanitization on the website).
    [Show full text]
  • Background Paper for the OECD Workshop on Spam”, OECD Digital Economy Papers, No
    Please cite this paper as: OECD (2004-01-22), “Background Paper for the OECD Workshop on Spam”, OECD Digital Economy Papers, No. 78, OECD Publishing, Paris. http://dx.doi.org/10.1787/232784860063 OECD Digital Economy Papers No. 78 Background Paper for the OECD Workshop on Spam OECD Unclassified DSTI/ICCP(2003)10/FINAL Organisation de Coopération et de Développement Economiques Organisation for Economic Co-operation and Development 22-Jan-2004 ___________________________________________________________________________________________ English - Or. English DIRECTORATE FOR SCIENCE, TECHNOLOGY AND INDUSTRY COMMITTEE FOR INFORMATION, COMPUTER AND COMMUNICATIONS POLICY Unclassified DSTI/ICCP(2003)10/FINAL BACKGROUND PAPER FOR THE OECD WORKSHOP ON SPAM English - Or. English JT00157096 Document complet disponible sur OLIS dans son format d'origine Complete document available on OLIS in its original format DSTI/ICCP(2003)10/FINAL FOREWORD This paper was presented to the Working Party on Telecommunications and Information Services Policy (TISP), the Working Party on Information Security and Privacy (WPISP) and the Committee on Consumer Policy during their meetings in 2003. It was declassified by the Committee for Information, Computer and Communications Policy and the Committee on Consumer Policy in January 2004. The report was prepared by Mr. Sung-il Ahn of the OECD’s Directorate for Science, Technology and Industry. It is published on the responsibility of the Secretary-General of the OECD. Copyright OECD, 2004. Applications for permission to reproduce or translate all or part of this material should be made to: Head of Publications Service, OECD, 2 rue André-Pascal, 75775 Paris Cedex 16, France. 2 DSTI/ICCP(2003)10/FINAL BACKGROUND PAPER FOR THE OECD WORKSHOP ON SPAM TABLE OF CONTENTS INTRODUCTION .........................................................................................................................................
    [Show full text]