[talks] 4:30pm Thu Oct 29 colloquium on network-level spam/scam defenses

[Jennifer Rexford]

Note colloquium is on a *Thursday* rather than the usual Wednesday...

Speaker: Professor Nick Feamster, Georgia Tech
Title: Network-level spam and scam defenses
Date/time: 4:30pm on Thursday October 29
Place: CS 105 (small auditorium)

Abstract:

This talk introduces a new class of methods called "behavioral  
blacklisting", which identify spammers based on their network-level  
behavior. Rather than attempting to blacklist individual spam messages  
based on what the message contains, behavioral blacklisting classifies  
a message based on how the message itself was sent (spatial and  
temporal traffic patterns of the email traffic itself). Behavioral  
blacklisting tracks the sending behavior of an email sender from a  
wide variety of vantage points and establishes "fingerprints" that are  
indicative of spamming behavior. Behavioral blacklisting can apply not  
only to email traffic, but also to the network-level behavior of  
hosting infrastructure for scam or phishing attacks. First, I will  
present a brief overview of our study of the network-level behavior of  
spammers. Second, I will describe two behavioral blacklisting  
algorithms that are based on insights from our study of the network- 
level behavior of spammers. Finally, I will describe our ongoing work  
applying similar behavioral detection techniques to detecting both  
online scam hosting infrastructure and phishing attacks.
Bio
Nick Feamster is an assistant professor in the College of Computing at  
Georgia Tech. He received his Ph.D. in Computer science from MIT in  
2005, and his S.B. and M.Eng. degrees in Electrical Engineering and  
Computer Science from MIT in 2000 and 2001, respectively. His research  
focuses on many aspects of computer networking and networked systems,  
including the design, measurement, and analysis of network routing  
protocols, network operations and security, and anonymous  
communication systems. He recently received the Presidential Early  
Career Award for Scientists and Engineers (PECASE) for his  
contributions to cybersecurity, notably spam filtering. His honors  
include a Sloan Research Fellowship, the NSF CAREER award, the IBM  
Faculty Fellowship, and award papers at SIGCOMM 2006 (network-level  
behavior of spammers), the NSDI 2005 conference (fault detection in  
router configuration), Usenix Security 2002 (circumventing web  
censorship using Infranet), and Usenix Security 2001 (web cookie  
analysis).