DOCSLIB.ORG

Shades of Grey: on the Effectiveness of Reputation-Based “Blacklists”

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Shades of Grey: on the Effectiveness of Reputation-Based “Blacklists” Shades of Grey: On the effectiveness of reputation-based “blacklists” Sushant Sinha, Michael Bailey, and Farnam Jahanian Electrical Engineering and Computer Science Department University of Michigan, Ann Arbor, MI 48109 sushant, mibailey, farnam @umich.edu { } Abstract computers infected with tens of thousands of malware variants in the second half of 2007 alone. Malicious code, or malware, executed on compro- This scale and diversity, along with an increased mised hosts provides a platform for a wide variety of number of advanced evasion techniques such as poly- attacks against the availability of the network and the morphism have hampered existing detection and re- privacy and confidentiality of its users. Unfortunately, moval tools. The most popular of these, host-based the most popular techniques for detecting and pre- anti-virus software, is falling woefully behind–with venting malware have been shown to be significantly detection rates as low as 40% [11]. Admitting this fail- flawed [11], and it is widely believed that a significant ure to completely prevent infections, defenders have fraction of the Internet consists of malware infected looked at new ways to defend against large numbers machines [17]. In response, defenders have turned to of persistently compromised computers and the attacks coarse-grained, reputation-based techniques, such as they perform. One technique becoming increasingly real time blackhole lists, for blocking large numbers popular, especially in the network operation commu- of potentially malicious hosts and network blocks. In nity, is that of reputation-based blacklists. In these this paper, we perform a preliminary study of a type of blacklists, URLs, hosts, or networks are identified as reputation-based blacklist, namely those used to block containing compromised hosts or malicious content. unsolicited email, or spam. We show that, for the net- Real-time feeds of these identified hosts, networks, or work studied, these blacklists exhibit non-trivial false URLs are provided to organizations who then use the positives and false negatives. We investigate a number information to block web access, emails, or all activity of possible causes for this low accuracy and discuss to and from the malicious hosts or networks. Currently the implications for other types of reputation-based a large number of organizations provide these ser- blacklists. vices for spam detection (e.g., NJABL [3], SORBS [6], SpamHaus [8] and SpamCop [7]) and for intrusion de- 1 Introduction tection (e.g., DShield [15]). While these techniques have gained prominence, little is known about their ef- Current estimates of the number of compromised fectiveness or potential draw backs. hosts on the Internet range into the hundreds of mil- In this paper, we present a preliminary study on the lions [17]. Malicious code, or malware, executed on effectiveness of reputation-based blacklists. In partic- these compromised hosts provides a platform for at- ular we examine the most prevalent of these systems, tackers to perform a wide variety of attacks against those used for spam detection. Using an oracle, a networks (e.g., denial of service attacks) and attacks spam detector called SpamAssassin [1], we identify that affect the privacy and confidentiality of the end the spam received by a large academic network con- users (e.g., key-logging, phishing, spam) [10]. This sisting of 7,000 unique hosts, with millions of email ecosystem of malware is both varied and numerous– messages, over a period 10 days in June of 2008. a recent Microsoft survey reported tens of millions of We examine the effectiveness, in terms of false posi- 1 tives and negatives, of four blacklists, namely NJABL, positives and that many critical mail servers were SORBS, SpamHaus and SpamCop and provide an in- blacklisted, especially by SORBS. This included vestigation into the sources of the reported inaccuracy. 6 Google mail servers that sent significant amount While a preliminary study, this work offers several of ham to our network. novel contributions: This paper is structured as follows: Section 2 An investigation of email, spam, and spam tool presents background and related work on blacklists • behavior in the context of a large academic and Section 3 presents our approach to evaluating network. We found that roughly 80% of the blacklist effectiveness. Section 2 presents a prelimi- email messages received by our network were nary evaluation of the blacklists and we conclude in spam. The network level characteristics of spam Section 5. were also quite different when compared to the observed ham. For example, individual sources 2 Related Work contributed significantly to overall ham but the spam was distributed in small quantities across a Access control devices like firewalls enforce rep- large number of sources. Conversely, destinations utation that is statically decided. In recent years, of spam tend to be very targeted when compared more powerful dynamic reputation-based systems in to the ham. Using a small number of hand classi- the form of blacklists have evolved. A number of or- fied email mailboxes, we also evaluated our ora- ganizations support and generate dynamic blacklists. cle, SpamAssassin, to be quite effective with less These organizations include spam blacklist providers than 0.5% false positives and 5% false negatives like NJABL [3], SORBS [6], SpamHaus [8] and Spam- for the default threshold. Cop [7]. Ramachandran and Feamster [13] collected spam An analysis of the accuracy of four prevalent • by monitoring mails sent to an unused domain and per- spam blacklists. We found that the black lists formed a preliminary analysis of spammers. They ob- studied in our network exhibited a large false neg- served that the spamming sources are clustered within ative rate. NJABL had a false negative rate of the IP address space and some of these sources are 98%, SORBS had 65%, SpamCop had 35% and short lived. Instead of collecting spam on a single SpamHaus had roughly 36%. The false posi- domain, we monitored all emails on an academic net- tive rate of all blacklists were low except that of work, both spam and ham, using an accurate detector SORBS, which had an overall false positive rate SpamAssassin. of 10%. Spam blacklists providers set up a number of un- A preliminary study of the causes of inaccu- used email addresses called spamtraps. These spam- • racy and a discussion of the issues as they re- traps are not advertised to real users but are infiltrated late to reputation-based services. We found into spammer lists when they scrape the web look- that while blacklists agree significantly with each ing for email addresses. Then source IPs that have other over what is spam, a significant amount sent mails to more than a threshold number of spam- (21%) of the spam is not detected by any of these traps are blacklisted. Recently, new blacklist genera- lists, indicating that the blacklists may not have tion techniques have been proposed. Ramachandran visibility into a significant portion of spam space. et. al. [14] argue that blacklisting based on spamtraps Second, we found that many spamming sources is often late and incomplete. They proposed a new that went undetected sent very little spam to our method that blacklists source IPs based on their mail network and that 90% of the undetected sources sending patterns. DShield [15] aggregates intrusion were observed on the network for just 1 second. detection alerts and firewall logs from a large number This indicates that it is possible that these black- of organizations. It then publishes a common black- lists are not able to detect these low volume, short list that consists of source IPs and network blocks that lived spammers. Finally, we found that the black- cross a certain threshold of events. Zhang et. al. [20] lists rarely agreed with each other on their false argued that a common blacklist may contain entries 2 that are never used in an organization. So they pro- sulted with the blacklists. A number of spam detec- posed an approach to reduce the size of the black- tors can be used for our study. The two most popu- lists and possibly reduce the computational overhead lar and open source spam detectors are SpamAssas- in blacklist evaluation. Xie et. al. [19] have shown sin [1] and DSpam [4]. DSpam requires manual train- that a large number of IP addresses are dynamically ing of individual mail boxes and so we used SpamAs- assigned and mails from these IP addresses are mostly sassin in our experimental setup. SpamAssassin uses a spam. So they recommend adding dynamic IP ranges number of spam detectors and assigns scores for each into blacklists to reduce the false negatives. While detector. The total score for a message is computed these methods may be more effective, we only eval- by adding the score of all detectors that classified the uated production spam blacklists in our study. message as spam. If the total score exceeds the de- A number of papers have questioned the effective- fault threshold of 5.0, then the message is classified as ness of blacklists. Ramachandran et. al. [12] ana- spam. We used the default SpamAssassin configura- lyzed how quickly bobox infected hosts appeared in tion that came with the Gentoo Linux [2] distribution. the Spamhaus blacklists. They found that a large frac- We configured SpamAssassin with two additional de- tion of these hosts were not found in the blacklist. tection modules namely Pyzor [5] and Razor [9] for In this paper, we present the overall consequences of improving SpamAssassin accuracy. such incompleteness of blacklists. Finally, there has Blacklist lookups are done by reversing the IP been other innovative uses of blacklists. Venkatara- addressing, appending the blacklist zone (eg, com- man et. al. [16] presented a situation where spammers bined.njabl.org) and then making a DNS lookup.
Load more

Recommended publications
  • Prospects, Leads, and Subscribers
    PAGE 2 YOU SHOULD READ THIS eBOOK IF: You are looking for ideas on finding leads. Spider Trainers can help You are looking for ideas on converting leads to Marketing automation has been shown to increase subscribers. qualified leads for businesses by as much as 451%. As You want to improve your deliverability. experts in drip and nurture marketing, Spider Trainers You want to better maintain your lists. is chosen by companies to amplify lead and demand generation while setting standards for design, You want to minimize your list attrition. development, and deployment. Our publications are designed to help you get started, and while we may be guilty of giving too much information, we know that the empowered and informed client is the successful client. We hope this white paper does that for you. We look forward to learning more about your needs. Please contact us at 651 702 3793 or [email protected] . ©2013 SPIDER TRAINERS PAGE 3 TAble Of cOnTenTS HOW TO cAPTure SubScriberS ...............................2 HOW TO uSe PAiD PrOGrAMS TO GAin Tipping point ..................................................................2 SubScriberS ...........................................................29 create e mail lists ...........................................................3 buy lists .........................................................................29 Pop-up forms .........................................................4 rent lists ........................................................................31 negative consent
    [Show full text]
  • Presentations Made by Senders
    SES ���� ��� � �� � � � � � � � ������������� DomainKeys ��������� SPF ��������������������� ���������� ����������������� ������������������������������������������������ Contents Introduction 3 Deployment: For Email Receivers 6 Audience 3 Two Sides of the Coin 6 How to Read this White Paper 3 Recording Trusted Senders Who Passed Authentication 6 A Vision for Spam-Free Email 4 Whitelisting Incoming Forwarders 6 The Problem of Abuse 4 What To Do About Forgeries 6 The Underlying Concept 4 Deployment: For ISPs and Enterprises 7 Drivers; or, Who’s Buying It 4 Complementary considerations for ISPs 7 Vision Walkthrough 5 Deployment: For MTA vendors 8 About Sender Authentication 8 Which specification? 8 An Example 8 Conformance testing 8 History 8 Perform SRS and prepend headers when forwarding 8 How IP-based Authentication Works 9 Add ESMTP support for Submitter 8 The SPF record 9 Record authentication and policy results in the headers 8 How SPF Classic Works 9 Join the developers mailing list 8 How Sender ID works 9 Deployment: For MUA vendors 9 How Cryptographic Techniques Work 0 Displaying Authentication-Results 9 Using Multiple Approaches Automatic switching to port 587 9 Reputation Systems Deployment: For ESPs 20 Deployment: For Email Senders 2 Don’t look like a phisher! 20 First, prepare. 2 Delegation 20 Audit Your Outbound Mailstreams 2 Publish Appropriately 20 Construct the record 2 Deployment: For Spammers 2 Think briefly about PRA and Mail-From contexts. 3 Two Types of Spammers 2 Test the record, part 3 Publish SPF and sign with DomainKeys. 2 Put the record in DNS 3 Stop forging random domains. 2 Test the record, part 2 4 Buy your own domains. 2 Keep Track of Violations 4 Reuse an expired domain.
    [Show full text]
  • That Ain't You: Detecting Spearphishing Emails Before They
    That Ain't You: Blocking Spearphishing Emails Before They Are Sent Gianluca Stringhinix and Olivier Thonnardz xUniversity College London z Amadeus [email protected] [email protected] Abstract 1 Introduction Companies and organizations are constantly under One of the ways in which attackers try to steal sen- attack by cybercriminals trying to infiltrate corpo- sitive information from corporations is by sending rate networks with the ultimate goal of stealing sen- spearphishing emails. This type of emails typically sitive information from the company. Such an attack appear to be sent by one of the victim's cowork- is often started by sending a spearphishing email. At- ers, but have instead been crafted by an attacker. tackers can breach into a company's network in many A particularly insidious type of spearphishing emails ways, for example by leveraging advanced malware are the ones that do not only claim to come from schemes [21]. After entering the network, attackers a trusted party, but were actually sent from that will perform additional activities aimed at gaining party's legitimate email account that was compro- access to more computers in the network, until they mised in the first place. In this paper, we pro- are able to reach the sensitive information that they pose a radical change of focus in the techniques used are looking for. This process is called lateral move- for detecting such malicious emails: instead of look- ment. Attackers typically infiltrate a corporate net- ing for particular features that are indicative of at- work, gain access to internal machines within a com- tack emails, we look for possible indicators of im- pany and acquire sensitive information by sending personation of the legitimate owners.
    [Show full text]
  • Busting Blocks: Revisiting 47 U.S.C. §230 to Address the Lack of Effective Legal Recourse for Wrongful Inclusion in Spam Filters
    Digital Commons @ Touro Law Center Scholarly Works Faculty Scholarship 2011 Busting Blocks: Revisiting 47 U.S.C. §230 to Address the Lack of Effective Legal Recourse for Wrongful Inclusion in Spam Filters Jonathan I. Ezor Touro Law Center, [email protected] Follow this and additional works at: https://digitalcommons.tourolaw.edu/scholarlyworks Part of the Commercial Law Commons, Communications Law Commons, and the Science and Technology Law Commons Recommended Citation Jonathan I. Ezor, Busting Blocks: Revisiting 47 U.S.C. § 230 to Address the Lack of Effective Legal Recourse for Wrongful Inclusion in Spam Filters, XVII Rich. J.L. & Tech. 7 (2011), http://jolt.richmond.edu/ v17i2/article7.pdf. This Article is brought to you for free and open access by the Faculty Scholarship at Digital Commons @ Touro Law Center. It has been accepted for inclusion in Scholarly Works by an authorized administrator of Digital Commons @ Touro Law Center. For more information, please contact [email protected]. Richmond Journal of Law and Technology Vol. XVII, Issue 2 BUSTING BLOCKS: REVISITING 47 U.S.C. § 230 TO ADDRESS THE LACK OF EFFECTIVE LEGAL RECOURSE FOR WRONGFUL INCLUSION IN SPAM FILTERS By Jonathan I. Ezor∗ Cite as: Jonathan I. Ezor, Busting Blocks: Revisiting 47 U.S.C. § 230 to Address the Lack of Effective Legal Recourse for Wrongful Inclusion in Spam Filters, XVII Rich. J.L. & Tech. 7 (2011), http://jolt.richmond.edu/v17i2/article7.pdf. I. INTRODUCTION: E-MAIL, BLOCK LISTS, AND THE LAW [1] Consider a company that uses e-mail to conduct a majority of its business, including customer and vendor communication, marketing, and filing official documents.
    [Show full text]
  • Asian Anti-Spam Guide 1
    Asian Anti-Spam Guide 1 © MediaBUZZ Pte Ltd January 2009 Asian Anti-SpamHighlights Guide 2 • Combating the latest inbound threat: Spam and dark traffic, Pg. 13 • Secure Email Policy Best Practices, Pg. 17 • The Continuous Hurdle of Spam, Pg. 29 • Asian Anti Spam Acts, Pg. 42 Contents: • Email Spam: A Rising Tide 4 • What everyone should know about spam and privacy 7 • Scary Email Issues of 2008 12 • Combating the latest inbound threat: Spam and dark 13 • Proofpoint survey viewed spam as an increasing threat 16 • Secure Email Policy Best Practices 17 • Filtering Out Spam and Scams 24 • The Resurgence of Spam 26 • 2008 Q1 Security Threat landscape 27 • The Continuous Hurdle of Spam 29 • Spam Filters are Adaptive 30 • Liberating the inbox: How to make email safe and pro- 31 ductive again • Guarantee a clear opportunity to opt out 33 • The Great Balancing Act: Juggling Collaboration and 34 Authentication in Government IT Networks • The Not So Secret Cost of Spam 35 • How to Avoid Spam 36 • How to ensure your e-mails are not classified as spam 37 • Blue Coat’s Top Security Trends for 2008 38 • The Underground Economy 40 • Losing Email is No Longer Inevitable 42 • Localized malware gains ground 44 • Cyber-crime shows no signs of abating 45 MEDIABUZZ PTE LTD • Asian Anti-Spam Acts 47 ASIAN ANTI-SPAM GUIDE © MediaBUZZ Pte Ltd January 2009 Asian Anti-SpamHighlights Guide 3 • Frost & Sullivan: Do not underestimate spam, Pg. 65 • Unifying email security is key, Pg. 71 • The many threats of network security, Pg. 76 • The UTM story, Pg.
    [Show full text]
  • Discussion Paper Countering Spam: How to Craft an Effective Anti-Spam
    DISCUSSION PAPER COUNTERING SPAM: HOW TO CRAFT AN EFFECTIVE ANTI-SPAM LAW International Telecommunication Union This paper has been prepared for the ITU World Summit on the Information Society (WSIS) thematic workshop on Countering Spam, organized under the ITU New Initiatives Programme by the Strategy and Policy Unit (SPU). The paper was written by Matthew B. Prince, CEO and co-founder of Unspam, LLC, a Chicago-based business and government consulting company helping to draft and enforce effective anti-spam laws. He is a member of the Illinois Bar and an Adjunct Professor at the John Marshall Law School. He received his J.D. from the University of Chicago Law School and his B.A. from Trinity College, Hartford, Connecticut. For more information visit: http://www.unspam.com/. The meeting project is managed by Robert Shaw ([email protected]) and Claudia Sarrocco ([email protected]) of the Strategy and Policy Unit (SPU) and the series is organized under the overall responsibility of Tim Kelly, Head, SPU. This and the other papers in the series are edited by Joanna Goodrick. The views expressed in this paper are those of the author and do not necessarily represent those of ITU or its membership. 1 Introduction Since the first anti-spam law worldwide was passed in 1997, at least 75 governments around the world have passed anti-spam laws.1 That first anti-spam law was in fact passed at state-level in the United States, by the state of Nevada.2 The anti-spam laws in existence today take the form of so-called “opt-in” or “opt-out” regulations.
    [Show full text]
  • Characterizing Spam Traffic and Spammers
    2007 International Conference on Convergence Information Technology Characterizing Spam traffic and Spammers Cynthia Dhinakaran and Jae Kwang Lee , Department of Computer Engineering Hannam University, South Korea Dhinaharan Nagamalai Wireilla Net Solutions Inc, Chennai, India, Abstract upraise of Asian power houses like China and India, the number of email users have increased tremendously There is a tremendous increase in spam traffic [15]. These days spam has become a serious problem these days [2]. Spam messages muddle up users inbox, to the Internet Community [8]. Spam is defined as consume network resources, and build up DDoS unsolicited, unwanted mail that endangers the very attacks, spread worms and viruses. Our goal is to existence of the e-mail system with massive and present a definite figure about the characteristics of uncontrollable amounts of message [4]. Spam brings spam and spammers. Since spammers change their worms, viruses and unwanted data to the user’s mode of operation to counter anti spam technology, mailbox. Spammers are different from hackers. continues evaluation of the characteristics of spam and Spammers are well organized business people or spammers technology has become mandatory. These organizations that want to make money. DDoS attacks, evaluations help us to enhance the existing technology spy ware installations, worms are not negligible to combat spam effectively. We collected 400 thousand portion of spam traffic. According to research [5] most spam mails from a spam trap set up in a corporate spam originates from USA, South Korea, and China mail server for a period of 14 months form January respectively. Nearly 80% of all spam are received from 2006 to February 2007.
    [Show full text]
  • Index Images Download 2006 News Crack Serial Warez Full 12 Contact
    index images download 2006 news crack serial warez full 12 contact about search spacer privacy 11 logo blog new 10 cgi-bin faq rss home img default 2005 products sitemap archives 1 09 links 01 08 06 2 07 login articles support 05 keygen article 04 03 help events archive 02 register en forum software downloads 3 security 13 category 4 content 14 main 15 press media templates services icons resources info profile 16 2004 18 docs contactus files features html 20 21 5 22 page 6 misc 19 partners 24 terms 2007 23 17 i 27 top 26 9 legal 30 banners xml 29 28 7 tools projects 25 0 user feed themes linux forums jobs business 8 video email books banner reviews view graphics research feedback pdf print ads modules 2003 company blank pub games copyright common site comments people aboutus product sports logos buttons english story image uploads 31 subscribe blogs atom gallery newsletter stats careers music pages publications technology calendar stories photos papers community data history arrow submit www s web library wiki header education go internet b in advertise spam a nav mail users Images members topics disclaimer store clear feeds c awards 2002 Default general pics dir signup solutions map News public doc de weblog index2 shop contacts fr homepage travel button pixel list viewtopic documents overview tips adclick contact_us movies wp-content catalog us p staff hardware wireless global screenshots apps online version directory mobile other advertising tech welcome admin t policy faqs link 2001 training releases space member static join health
    [Show full text]
  • Taxonomy of Email Reputation Systems (Invited Paper)
    Taxonomy of Email Reputation Systems (Invited Paper) Dmitri Alperovitch, Paul Judge, and Sven Krasser Secure Computing Corporation 4800 North Point Pkwy Suite 400 Alpharetta, GA 30022 678-969-9399 {dalperovitch, pjudge, skrasser}@securecomputing.com Abstract strong incentive for people to act maliciously without paying reputational consequences [1]. While this Today a common goal in the area of email security problem can be solved by disallowing anonymity on is to provide protection from a wide variety of threats the Internet, email reputation systems are able to by being more predictive instead of reactive and to address this problem in a much more practical fashion. identify legitimate messages in addition to illegitimate By assigning a reputation to every email entity, messages. There has been previous work in the area of reputation systems can influence agents to operate email reputation systems that can accomplish these responsibly for fear of getting a bad reputation and broader goals by collecting, analyzing, and being unable to correspond with others [2]. distributing email entities' past behavior The goal of an email reputation system is to monitor characteristics. In this paper, we provide taxonomy activity and assign a reputation to an entity based on its that examines the required properties of email past behavior. The reputation value should be able to reputation systems, identifies the range of approaches, denote different levels of trustworthiness on the and surveys previous work. spectrum from good to bad. In 2000, Resnick et al. described Internet reputation system as having three 1. Introduction required properties [3]: • Entities are long lived, As spam volumes have continued to increase with • feedback about current interactions is high rates, comprising 90% of all email by the end of captured and distributed, and 2006 as determined by Secure Computing Research, • past feedback guides buyer decisions.
    [Show full text]
  • Criminals Become Tech Savvy
    Attack Trends Elias Levy, [email protected] Ivan Arce, [email protected] Criminals Become Tech Savvy n this installment of Attack Trends, I’ll look at the growing 2003 alone. Fraud schemes are usu- ELIAS LEVY ally peddled by individuals who Symantec convergence of technically savvy computer crackers with spam potential victims (www. brightmail.com/brc_fraud-stats. financially motivated criminals. Historically, most com- html), such as the Nigerian, or 419, scam (see the 419 Coalition’s Web puter crime on the Internet has not been financially moti- site at http://home.rica.net/alphae/ I 419coal/). But as the number of vated: it was the result of either curious or malicious technical fraud cases has increased, so has the public’s awareness of them; fraudsters attackers, called crackers. This changed Increasingly on the defensive, are increasingly forced to resort to as the Internet became more com- spammers are fighting back by be- more intricate schemes. mercialized and more of the public has coming more sophisticated, generat- We’re now seeing the practice of gone online. Financially motivated ing unique messages, and finding new “phishing” gaining popularity with actors in the fauna of the Internet’s open proxies or SMTP relays to send fraudsters. Using this scheme, crimi- seedy underbelly—spammers and messages and hide their true sources. nals create email messages with re- fraudsters—soon joined crackers to turn addresses, links, and branding exploit this new potential goldmine. Fraud that seem to come from trusted, Internet fraud has also become a se- well-known organizations; the hope Spam rious problem.
    [Show full text]
  • WHITE PAPER Email Deliverability Review
    WHITE PAPER Email DELIVeraBility REView dmawe are the White Paper Email Deliverability Review Published by Deliverability Hub of the Email Marketing Council Sponsored by 1 COPYRIGHT: THE DIRECT MARKETING ASSOCIATION (UK) LTD 2012 WHITE PAPER Email DELIVeraBility REView Contents About this document ...............................................................................................................................3 About the authors ...................................................................................................................................4 Sponsor’s perspective .............................................................................................................................5 Executive summary .................................................................................................................................6 1. Major factors that impact on deliverability ..............................................................................................7 1.1 Sender reputation .............................................................................................................................7 1.2 Spam filtering ...................................................................................................................................7 1.3 Blacklist operators ............................................................................................................................8 1.4 Smart Inboxes ..................................................................................................................................9
    [Show full text]
  • Locating Political Power in Internet Infrastructure by Ashwin Jacob
    Where in the World is the Internet? Locating Political Power in Internet Infrastructure by Ashwin Jacob Mathew A dissertation submitted in partial satisfaction of the requirements for the degree of Doctor of Philosophy in Information in the Graduate Division of the University of California, Berkeley Committee in charge: Professor John Chuang, Co-chair Professor Coye Cheshire, Co-chair Professor Paul Duguid Professor Peter Evans Fall 2014 Where in the World is the Internet? Locating Political Power in Internet Infrastructure Copyright 2014 by Ashwin Jacob Mathew This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.1 1The license text is available at http://creativecommons.org/licenses/by-nc-sa/4.0/. 1 Abstract Where in the World is the Internet? Locating Political Power in Internet Infrastructure by Ashwin Jacob Mathew Doctor of Philosophy in Information University of California, Berkeley Professor John Chuang, Co-chair Professor Coye Cheshire, Co-chair With the rise of global telecommunications networks, and especially with the worldwide spread of the Internet, the world is considered to be becoming an information society: a society in which social relations are patterned by information, transcending time and space through the use of new information and communications technologies. Much of the popular press and academic literature on the information society focuses on the dichotomy between the technologically-enabled virtual space of information, and the physical space of the ma- terial world. However, to understand the nature of virtual space, and of the information society, it is critical to understand the politics of the technological infrastructure through which they are constructed.
    [Show full text]