[talks] Colloquium Speaker- tomorrow-10/29

Michele J. Brown mjbrown at CS.Princeton.EDU
Wed Oct 28 11:02:18 EDT 2009

Title: Network-Level Spam and Scam Defenses
Professor Nick Feamster, Georgia Tech
Host: Jennifer Rexford
CS 105-Small Auditorium
4:30pm, Thursday

This talk introduces a new class of methods called "behavioral 
blacklisting", which identify spammers based on their network-level 
behavior. Rather than attempting to blacklist individual spam messages 
based on what the message contains, behavioral blacklisting classifies a 
message based on how the message itself was sent (spatial and temporal 
traffic patterns of the email traffic itself). Behavioral blacklisting 
tracks the sending behavior of an email sender from a wide variety of 
vantage points and establishes "fingerprints" that are indicative of 
spamming behavior. Behavioral blacklisting can apply not only to email 
traffic, but also to the network-level behavior of hosting 
infrastructure for scam or phishing attacks. First, I will present a 
brief overview of our study of the network-level behavior of spammers. 
Second, I will describe two behavioral blacklisting algorithms that are 
based on insights from our study of the network-level behavior of 
spammers. Finally, I will describe our ongoing work applying similar 
behavioral detection techniques to detecting both online scam hosting 
infrastructure and phishing attacks.

Nick Feamster is an assistant professor in the College of Computing at 
Georgia Tech. He received his Ph.D. in Computer science from MIT in 
2005, and his S.B. and M.Eng. degrees in Electrical Engineering and 
Computer Science from MIT in 2000 and 2001, respectively. His research 
focuses on many aspects of computer networking and networked systems, 
including the design, measurement, and analysis of network routing 
protocols, network operations and security, and anonymous communication 
systems. He recently received the Presidential Early Career Award for 
Scientists and Engineers (PECASE) for his contributions to 
cybersecurity, notably spam filtering. His honors include a Sloan 
Research Fellowship, the NSF CAREER award, the IBM Faculty Fellowship, 
and award papers at SIGCOMM 2006 (network-level behavior of spammers), 
the NSDI 2005 conference (fault detection in router configuration), 
Usenix Security 2002 (circumventing web censorship using Infranet), and 
Usenix Security 2001 (web cookie analysis).

More information about the talks mailing list