English feliratok

← 16-01 Spam

16-01 Spam

Beágyazókód kérése
7 Languages

Showing Revision 3 created 08/22/2014 by Udacity Robot.

  1. Okay, in this lesson, we will talk about spam
  2. or unwanted commercial email. Now, you might not think
  3. that you receive a lot of spam, but the
  4. fact of the matter is that most of it goes
  5. to your spam folder. So one might think, what's
  6. the problem? Well, in fact, spam remains a scourge for
  7. network operators. In particular, someone has to design the
  8. filters that separate the good traffic from the bad traffic.
  9. Additionally, even if email is classified as spam,
  10. if it's accepted for delivery, the Internet's mail
  11. protocols dictate that the server has to keep
  12. the mail, because it's told the receiver that it
  13. has accepted the mail. This creates the potential
  14. for spam to consume a significant amount of
  15. storage space on email servers. Finally, spam can
  16. create security problems for users who receive spam emails.
  17. If the spam messages contain a payload that
  18. could harmful, such as malware or a phishing attack
  19. or an attempt to steal a user's private
  20. or sensitive information, such as a password. Now even
  21. though you don't see the mail because of
  22. these filters, something like 95% of all email traffic
  23. is spam. Some reports from the Anti-Phishing Working
  24. Group suggests that something like 1 in every 87
  25. emails was a phishing attack. And there's
  26. something like 50,000 unique fishing attacks in a
  27. month. A common approach for getting rid of
  28. spam messages is to filter. In other words,
  29. prevent the message from reaching the user's inbox
  30. in the first place. Now this begs the
  31. question of how to differentiate spam, or the
  32. bad messages, from ham, or the legitimate messages.
  33. There are three different ways to construct filters. One
  34. is content-based. In other words, you can look at what's
  35. being said in the mail. For example, if the mail
  36. contains particular words, such as Viagra or Rolex, a content-based
  37. filter might pick up on those terms and decide to
  38. filter the mail. Second, a filter might make a decision
  39. about whether an email message is spam or ham based
  40. on the IP address of the sender. This method is
  41. often called blacklisting. Third, we can construct filters based
  42. on behavioral features, or how the mail is sent. So
  43. for example, if the mail is sent at a
  44. particular time of day, or if it's sent in a
  45. batch of emails that are all roughly the same
  46. size. Then we may be able to figure out that
  47. a message is likely spam, simply based on the
  48. sender's sending behavior. Now each of these approaches are complimentary,
  49. but content-based filtering and IP-based filtering each
  50. have problems. Content-based filters are relatively easy
  51. for attackers to evade. A recent large
  52. commercial mail operator recently told me that
  53. he saw something like 80,000 different spellings
  54. of Viagra. But additionally, messages can be
  55. carried not only in text, but in
  56. images, Excel spreadsheets, or even MP3s or movies.
  57. Therefore, spammers can easily alter the
  58. features of an email's content and adjust
  59. those features and change them to evade
  60. content-based filters. On the flip side, those
  61. maintaining the filters suffer a relatively high
  62. cost, because the filters must be continually
  63. updated as content changes and the means
  64. of carrying the content becomes more sophisticated.