On Attacking Statistical Spam Filters



Similar documents
On Attacking Statistical Spam Filters

Good Word Attacks on Statistical Spam Filters

Part III: Machine Learning. CS 188: Artificial Intelligence. Machine Learning This Set of Slides. Parameter Estimation. Estimation: Smoothing

SPAM-What To Do SUMMERSET COMPUTER CLUB

T : Classification as Spam or Ham using Naive Bayes Classifier. Santosh Tirunagari :

CS 348: Introduction to Artificial Intelligence Lab 2: Spam Filtering

Machine Learning in Spam Filtering

Anti Spamming Techniques

Is Spam Bad For Your Mailbox?

Machine Learning Final Project Spam Filtering

Exploiting Redundancy in Natural Language to Penetrate Bayesian Spam Filters

Spam Filtering with Naive Bayesian Classification

CSE 473: Artificial Intelligence Autumn 2010

Spam Filtering using Naïve Bayesian Classification

Purchase College Barracuda Anti-Spam Firewall User s Guide

Question 2 Naïve Bayes (16 points)

Spam filtering. Peter Likarish Based on slides by EJ Jung 11/03/10

eprism Security Appliance 6.0 Intercept Anti-Spam Quick Start Guide

Reasoning Component Architecture

Marketing Do s and Don ts A Sprint Mail Whitepaper

Machine Learning. CS 188: Artificial Intelligence Naïve Bayes. Example: Digit Recognition. Other Classification Tasks

Detecting Spam Bots in Online Social Networking Sites: A Machine Learning Approach

A Two-Pass Statistical Approach for Automatic Personalized Spam Filtering

Not So Naïve Online Bayesian Spam Filter

Intercept Anti-Spam Quick Start Guide

Bachelor thesis The Effects of Different Bayesian Poison Methods on the Quality of the Bayesian Spam Filter SpamBayes

Some fitting of naive Bayesian spam filtering for Japanese environment

Anti-Spam Filter Based on Naïve Bayes, SVM, and KNN model

Language and Computers (Ling 384)

Highly Scalable Discriminative Spam Filtering

Logistic Regression for Spam Filtering

CAS-ICT at TREC 2005 SPAM Track: Using Non-Textual Information to Improve Spam Filtering Performance

Spam Filtering based on Naive Bayes Classification. Tianhao Sun

Bayesian Spam Filtering

Detecting client-side e-banking fraud using a heuristic model

Learning from Data: Naive Bayes

Spam Detection A Machine Learning Approach

Increasing the Accuracy of a Spam-Detecting Artificial Immune System

Machine Learning for Naive Bayesian Spam Filter Tokenization

Immunity from spam: an analysis of an artificial immune system for junk detection

1 Maximum likelihood estimation

INTERNET & COMPUTER SECURITY March 20, Scoville Library. ccayne@biblio.org

Classification Problems

Reputation Metrics Troubleshooter. Share it!

How to Create and Manage your Junk Inbox Rule

Barracuda Spam Firewall

procmail and SpamAssassin

SECURITY S INSIDER SECRETS

escan Anti-Spam White Paper

Protecting your business from spam

How To Filter Spam Image From A Picture By Color Or Color

Dealing with spam mail

Multi-Protocol Content Filtering

Introduction to Bayesian Classification (A Practical Discussion) Todd Holloway Lecture for B551 Nov. 27, 2007

Software Engineering 4C03 SPAM

Learning Fast Classifiers for Image Spam

Setting up Junk Filters By Louise Ryan, NW District IT Expert

Abstract. Find out if your mortgage rate is too high, NOW. Free Search

Tweaking Naïve Bayes classifier for intelligent spam detection

An Efficient Spam Filtering Techniques for Account

About this documentation

Content Filters A WORD TO THE WISE WHITE PAPER BY LAURA ATKINS, CO- FOUNDER

Investigation of Support Vector Machines for Classification

Analysis of Spam Filter Methods on SMTP Servers Category: Trends in Anti-Spam Development

How to make sure you receive all s from the University of Edinburgh

High-Speed Detection of Unsolicited Bulk

Simple Language Models for Spam Detection

Spam Filtering Methods for Filtering

Filtering Junk Mail with A Maximum Entropy Model

Image Based Spam: White Paper

It is a program or piece of code that is loaded onto your computer without your knowledge and runs against your wishes.

Spam Filtering and Removing Spam Content from Massage by Using Naive Bayesian

A quick guide to... Permission: Single or Double Opt-in?

. Daniel Zappala. CS 460 Computer Networking Brigham Young University

Version 3.x. Barracuda Spam & Virus Firewall User s Guide. Barracuda Networks Inc S. Winchester Blvd Campbell, CA

PC Security and Maintenance

Dealing with Spam. February 16, Marc Berger SRJC Information Technology. Tuesday, April 10, 12

** If you are a Let's Go Learn development or sales partner, you should add "notify@quickbase.com" on your white list

Since every system is different we have included whitelisting instructions for a few popular service providers below.

Data Mining Algorithms Part 1. Dejan Sarka

PSSF: A Novel Statistical Approach for Personalized Service-side Spam Filtering

1. Introduction Deliverability-Benchmarks Working with Your Service Provider sent delivered...

International Journal of Research in Advent Technology Available Online at:

The Network Box Anti-Spam Solution

Spam Detection Using Customized SimHash Function

Application of Data Mining based Malicious Code Detection Techniques for Detecting new Spyware

Less naive Bayes spam detection

Popular Program Junk/Spam Filter Guide

Outlook Safe Sender s Filtering

Handling Unsolicited Commercial (UCE) or spam using Microsoft Outlook at Staffordshire University

Improving Digest-Based Collaborative Spam Detection

Deliverability Demystified:

BARRACUDA. N e t w o r k s SPAM FIREWALL 600

Role of Customer Response Models in Customer Solicitation Center s Direct Marketing Campaign

INBOX. How to make sure more s reach your subscribers

Joomla Admin Protection

How To Prevent Spam From Being Filtered Out Of Your Program

Spam Testing Methodology Opus One, Inc. March, 2007

How To Filter From A Spam Filter

Transcription:

On Attacking Statistical Spam Filters Gregory L. Wittel and S. Felix Wu Department of Computer Science University of California, Davis One Shields Avenue, Davis, CA 95616 USA Paper review by Deepak Chinavle

What is Spam unsolicited commercial email from someone without a pre-existing business relationship or, in practice, whatever email you don t want Types - unsolicited mail containing adult content - unsolicited financial offers, etc. - unsolicited political or religious mail - consider unsolicited commercial email to be spam, even if it came from a sender with whom they ve already done business

Bayesian Classifier for Spam Detection (not part of the paper) Given training set of messages with label as spam or nospam. Message is broken into tokens Each token's probability given a class is calculated from from it's frequency in that class from the training data set. From Bayes theorem, we calculate the class having higher probability. Class with higher probability is considered to be the class of the message.

The probabilistic model of Naive Bayes classifier (not part of the paper) Assume attributes are independent for a given class A naïve assumption P(c k a 1, a 2,, a n ) =? for every k N Attributes A 1 A 2 A n P ( c a, a,..., a ) = k 1 2 n P( c k )* P( a1, a2,..., a P( a, a,..., a ) 1 2 n n c k ) M Classes: c 1,,c M P(C = c 1 ),, P(C = c k ): known C P ( a, a,..., a c ) = P( a c )* P( a 2 n k 1 k 2 c )*...* P( a c 1 k n k ) Each P(a i c k ) is easily to compute based on counts

Document classification using Naïve Bayes classifier (not part of the paper) The word discount appears really often in spam emails (i.e. 99%), but seldom see it in non-spam email (i.e. 1%) We need to train the spam filter these probabilities We manually indicate whether a new email is spam or not training set P(discount spam) = 0.99, P(University spam) = 0.05, After training, the spam filter has P(word spam), for every word Filtering a new email consisting of n words P( words spam) * P( spam) P( word1 P( spam words) = = P( words) spam) *...* P( word P( words) n spam) * P( spam) For example If P(spam words) > 0.95 Junk folder Ref: Wikipedia

Content-based Spam Filtering (Quick example of basic attack) 1. From: spammer@example.com Cheap mortgage now!!! Feature Weights 2. cheap = 1.0 mortgage = 1.5 3. Total score = 2.5 > 1.0 (threshold) Spam

Good Word Attacks (quick example of basic attack) 1. From: spammer@example.com Cheap mortgage now!!! Corvallis OSU Feature Weights 2. cheap = 1.0 mortgage = 1.5 Corvallis = -1.0 OSU = -1.0 3. Total score = 0.5 < 1.0 (threshold) OK

Breaking filters Attack types Tokenization :- Exploit the way features are extracted from messages ex. Putting extra spaces in words. Obfuscation :- obscure message contents using encoding ex. URL encoding. Weak statistical :- good word attacks with random words. Strong statistical :- good word attacks with educated guess of good words to use.

Breaking filters Challenges faced by both the players Developers - Need to build accurate filters and at the same time consider possibility of attacks - Which training set to use? This turns out to be very crucial in long run of the filter. - What if the training set used itself is erroneous? This calls for trouble. - Lot of spam collections available publicly, what about ham collections? - System wide Vs end user wise configuration of the filter.

Breaking filters Challenges faced by both the players Spammers - Need to preserve the original message while still trying to make it look ham. - maximize audience size while keeping effort minimal. - Key is to find out the filter configuration or to find vulnerabilities in the training set of the filter.

Attack Methodology Simple attacks won't work, need to design advanced attacks. Designing repeatable attacks (which are missed and not caught subsequently) Getting feedback Ex. Yahoo mail.

Spam example Example Attack 1 From: Kelsey Stone <bouhooh@entitlement.com> 2 Subject: Erase hidden Spies or Trojan Horses from your computer 3 Erase E-Spyware from your computer 4 http://boozofoof.spywiper.biz To transform this spam, following two methods are used - Dictionary attack (random word from dictionary) - Common word attack (random words again but which are chosen from list of good words) The attacks were carried out against two types of filters - SpamBayes version 1.0a9 - CRM114 release 20040312 Data: 3000 spams from SpamArchive.org and 3000 hams from SpamAssassin n random words were added (n = 10, 25, 50, 100, 200, 300, 400) and for each n experiment repeated 1000 times

Results - SpamBayes More susceptible to good word attacks and when number of words added becomes more then 100.

Results - CRM114 More robust to dictionary and good word attacks. Dictionary word attacks more confined (less spread out) compared to common work attacks. Bulk of common word attacks shift towards high spam score may be because of sequences of bad words.

Conclusion Most attacks still don't attack the statistical nature of the filter. Spammers modify spam only if they gain more then the effort required. Even the good word attacks failed with one of the filters tested. Effect of retraining with against attack messaged need to be studied. Need to look beyond statistical attacks like application of natural language processing to spam. Spam is a never ending game between spammers and antispammers.

Some comments Cross fold validation not done before giving the results (or at least not mentioned in the paper). Usually results are given after 10- fold cross validation. Only two filters used for testing, would have been interesting if filters using different algorithms for document classification were used like naïve bayes, support vector machines, maximum entropy etc. Spam and ham emails used were taken only form one source. By taking test data from various sources better models the real world situation. The results will be more interesting if the proportion of spam and ham emails is varied for training. For example, instead of using 50-50% ratio, use something like 60-40%. This tells us the bias used by the filter.

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information