Spam messages are an incredible nuisance to most web users. But, now scientists claim to have developed an “effectively perfect” method for blocking the most common kind of spam, using spammers’ own trickery.
An international team, led by International Computer Science Institute in Berkeley and California University, has come up with a system that deciphers the templates a “botnet” is using to create spam, these templates are then used to teach filters what to look for, the ‘New Scientist’ reported. According to the scientists, the system works by exploiting a trick that spammers use to defeat email filters.
As spam is churned out, subtle changes are typically incorporated into the messages to confound spam filters. Each message is generated from a template that specifies message content and how it should be varied.
The team reasoned that analysing such messages could reveal the template that created them. And, since the spam template describes the entire range of the emails a bot will send, possessing it might provide a watertight method of blocking spam from that bot.
To test their idea, the team installed a previously captured software bot onto a machine. After analysing 1,000 emails generated by this compromised machine, less than 10 minutes’ work for most bots, the scientists were able to reverse-engineer the template.
Knowledge of that template then enabled filters to block further spam from that bot with 100% accuracy. The new system did not produce a single false positive when tested against more than a million genuine messages and the biggest advantage is this false positive rate, team member Andreas Pitsillidis said.
“This is an interesting approach which really differs by using the bots themselves as the oracles for producing the filters,” added Michael O’Reirdan , chairman of the messaging anti-abuse working group, a coalition of technology companies.
Published Date: Jan 27, 2010 12:41 pm | Updated Date: Jan 27, 2010 12:41 pm