Global ETD Search

1	A Quantitative Study of the Deployment of the Sender Policy Framework Tan, Eunice Zsu 01 October 2018 (has links) Email has become a standard form of communication between businesses. With the prevalent use of email as a form of communication between businesses and customers, phishing emails have emerged as a popular social engineering approach. With phishing, attackers trick users into divulging their personal information through email spoofing. Thus, it is imperative to verify the sender of an email. Anti-spoofing mechanisms such as the Sender Policy Framework (SPF) have been developed as the first line of defense against spoofing by validating the source of an email as well as the presenting options of how to handle emails that fail to validate. However, deployment of SPF policies and SPF validation remains low. To understand the cost and benefit of deploying SPF, we have developed metrics to quantify its deployment and maintenance complexity through modeling. Our approach provides a way to visualize the SPF record of a given domain through the use of a graph. Using the developed model, we applied the metrics to both the current and historical SPF policy for the Alexa Top Sites for empirical study and historical trend analysis. SPF Spoofing DNS SMTP Computer Sciences
2	Using Simple Mail Transfer Protocol on the Last Hop Saqibuddin, Mohammad, Saha, Iplu January 2007 (has links) Some of the enhancements that hit the mobile phone industry in recent years include checking email, demanded changes in the traditional ways of service delivery. People find it convenient to be able to check for incoming emails without being required to be at a fixed location. High-end mobile phones with high resolution color screens and mail clients (or plug-ins) much like the classic clients that run on desktop and laptop computers, have made mail manipulation on a mobile phone both easy and interesting. However, one key difference is the phone’s battery power source. Where power was not an issue for desktop and even many laptop computers, since they are almost all the time connected to an AC supply or have high capacity battery storage, it is a major issue for mobile phones. While email applications have greatly advanced, there has not been much improvement in mobile battery capacity. In addition the battery lifetime has decreased due to the high power demands of multimedia applications, which may be running almost constantly. Traditionally, a mail client checks for new email messages by polling the mail server. This works well with computers attached to the power mains or with a large capacity battery, but for mobile phones, polling causes significant battery drain. A solution would be to poll the server less frequently by increasing the polling interval, however this would delay email reception hence increasing latency. In this thesis we implement and evaluate a new mail delivery system without changing the underlying mail or communications infrastructure. The new system eliminates the need for polling by using network initiated mail delivery. This means that a mail server will forward mail directly to a particular user. Tests conducted with a prototype are compared to the use of the existing system in terms of power consumption and latency. These tests show that the new mail delivery system reduces both power consumption and delivery delay. / På senaste tiden har mobilindustrin utvecklas och tagit stora steg framåt. Högprestanda mobiler med hög upplösning, färgskärmar och epost klienter (eller så kallade plug-ins) har gjort användingen av epost på mobiltelefoner både lätt och intressant. Användarna har funnit att det är bekvämt att ha förmågan att kunna ta emot och skicka epost vart som helst. En viktig skillnad mellan mobiltelefoner och t.ex. en dator är att mobiltelefonen har en begränsad elförsörjning. Olika Funktioner till mobiltelefoner har utvecklas mycket på sistonde men undertiden har batteritiden förblivit nästintill konstant. Programmen som har utvecklas kräver mer och mer kraft av mobiltelefonen och speciellt den senaste trenden med multimedia applikationer, så som mp3 spelare och kamera, som används mycket frekvent av användarna. Tratitionellt så skickar en epost klient förfrågningarn med jämna mellanrum till epost servern för att ta reda på om det har kommit några nya e-mails. Detta fungerar väl för datorer som inte har några elförsörjnings problem men för en mobil så kostar den periodiska förfrågningen mycket batteritid. En lösning till problemet vore att höja periodstiden mellan varje förfrågning. Detta skulle dock leda till en högre fördröjning på leveransen av eposten. I det här examensarbetet har vi undersökt och implementerat ett nytt system för epost leverans utan att förändra den underliggande infrastrukturen. Det nya systemet tar bort behovet av periodisk förfrågan, för att ta emot nya e-mails, genom att låta nätverket initiera leveransen. Detta betyder att e-mail servern kommer att vidarebefordra ett inkommande e-mail direkt till mobiltelefonen. Prestandan, i form av elförbrukning och leverans fördröjning, på det nya systemet har mätts genom att testa en prototyp och jämföra prototypen med de systemen som finns tillgängliga idag. Testen har visat att det nya systemet reducerar både ström förbrukningen och leverans fördröjningen. Last Hop SMTP Communication Systems Kommunikationssystem
3	Användning av greylisting för att filtrera skräppost för myndigheter Eliasson, Pontus January 2018 (has links) Undersöker användbarheten av greylisting för att filtrera skräppost ur en myndighets perspektiv som har juridiska krav på sig att vara kontaktbara via epost och då har begränsningar i hur inkomna epost får filtreras. Genom att sätta upp en simulerad miljö så testas ett antal olika program för massutskick av epost och greylisting visar sig vara mycket effektivt när det kommer till att filtrera bort epost som skickas från klienter som inte till fullo stödjer SMTP's funktion för omsändningar enligt RFC. Greylisting har dock en inbyggd nackdel i sättet som skräposten filtreras och det är att samtlig epost från tidigare ej sedda avsändare kommer att fördröjas, i mina försök och med mina inställningar av Postgrey blev det en genomsnittlig fördröjning på ca 17min. / Investigates the usability of greylisting as a means of filtering spam emails in the perspective of a (swedish) government agency that has got legal obligations to be reachable by email and thus are limited in the ways incoming emails may be filtered. By setting up a virtual environment a few softwares for sending bulk mail are tested and greylisting shows to be a very effective when it comes to filter emails that are sent from clients that does not fully support the SMTP's functions for retransmission listed in the RFC. Greylisting has got an built in disadvantage in the way that email are filtered and that is that all emails from senders that has not been seen before will be delayed, in my tests and with my settings of Postgrey I got an average delay of approximately 17min. Greylisting SMTP Spam Postgrey Grålistning Greylisting SMTP Spam Postgrey Computer Engineering Datorteknik
4	Une nouvelle approche pour la détection des spams se basant sur un traitement des données catégorielles Parakh Ousman, Yassine Zaralahy January 2012 (has links) Le problème des spams connaît depuis ces 20 dernières années un essor considérable. En effet, le pollupostage pourrait représenter plus de 72% de l'ensemble du trafic de courrier électronique. Au-delà de l'aspect intrusif des spams, ceux-ci peuvent comporter des virus ou des scripts néfastes ; d'où l'intérêt de les détecter afin de les supprimer.Le coût d'un envoi de courriels par un spammeur étant infime, ce dernier peut se permettre de transmettre le spam au plus d'adresse de messagerie électronique. Pour le spammeur qui arrive à récupérer même une petite partie d'utilisateurs, son opération devient commercialement viable. Imaginant un million de courriels envoyés et seul 0,1% de personnes qui se font appâtées [i.e. appâter], cela représente tout de même 1 millier de personnes ; et ce chiffre est très réaliste. Nous voyons que derrière la protection de la vie privée et le maintien d'un environnement de travail sain se cachent également des enjeux économiques. La détection des spams est une course constante entre la mise en place de nouvelles techniques de classification du courriel et le contournement de celles-ci par les spammeurs. Jusqu'alors, ces derniers avaient une avance dans cette lutte. Cette tendance s'est inversée avec l'apparition de techniques basées sur le filtrage du contenu. Ces filtres pour la plupart sont basés sur un classificateur bayésien naïf. Nous présentons dans ce mémoire une approche nouvelle de cette classification en utilisant une méthode basée sur le traitement de données catégorielles. Cette méthode utilise les N-grams pour identifier les motifs significatifs afin de limiter l'impact du morphisme des courriers indésirables. Courriel N-grams Catégorielles SMTP Bayésien Text-mining Class Spam
5	Design and Evaluation of a New Authentication Mechanism for Validating the Sender of an Email Sakamuri, Sai 01 March 2005 (has links) A new authentication mechanism for validating the source of messages over the Internet is designed and evaluated. This mechanism is applied to email and is called Email++. Email++ prevents identity forging (spoofing) and tampering of email contents. By preventing identity forging, Email++ can reduce the amount of spam received and limit the spread of viruses like Melissa, Love Bug, Bagle Worm, and Killer Resume. Email++ validates both the sender and the receiver of an email by confirming the senders identity with the domain mail server that delivered the email for the sender, and authenticates the receiver with hash value comparisons. Email++ enables payment mechanisms, including micro-cash, and challenge response schemes that use puzzle solving. MD5 hash signatures generated both at the sender and the receiver locations are used for validating the senders identity and for making email tamper resistant in the network. An out-of-band TCP connection established between the sender and the receiver is used as a communication channel for validating the sender as well as the senders email server. The information needed for establishing an out-of-band TCP connection is obtained by querying the DNS (Domain Naming System), instead of using email headers from the received mail, which are susceptible to spoofing. The Email++ technique is compared with existing anti spam and anti-spoof techniques like SPF, Yahoo Domain Keys, Microsoft Sender ID, TEOS and PGP. The Email++ specification is evaluated by developing both Email++ client and Email++ server programs in C language and using Sendmail 8.12 as the mail server. The performance of Email++ is compared with standard SMTP protocol implementation of Sendmail 8.12. Several factors are considered in evaluating the performance. CPU demand, memory demand, bandwidth demand, email latency, and extra DNS load are measured for both email sender and the receiver. The performance evaluation results show that Email++ adds an extra CPU demand of about 11%. The extra memory required by Email++ is nearly 3%. The bandwidth demand of Email++ is around 15% greater than the standard SMTP for sending 500 emails of 3.5KB each. Extra load on DNS increases by one connection for every incoming mail at the receiver. Spam Smtp Sender payment Networks Spoofing American Studies Arts and Humanities
6	Detekce slovníkových útoků na síťové služby analýzou IP toků / Detection of Dictionary Attacks on Network Services Using IP Flow Analysis Činčala, Martin January 2015 (has links) Existing research suggests that it is possible to detect dictionary attacks using IP flows. This type of detection was successfully implemented for SSH, LDAP and RDP protocols. To determine whether it is possible to use the same methods of detection for e-mail protocols virtual test environment was created. I deduced the characteristics of attacks in flows from the data, which I gained from this virtual environment. Than I chose the statistical value that separates the attacks from legitimate traffic. Variance of specific flow parameters was chosen as main characteristic of attacks. IP addresses with flows that have small variance of chosen parameters and high frequency of packet arrival are considered untrustworthy. Variance is calculated from IP history to rule out false positives. The IP history of legitimate user contains variation of flows which prevents marking this IP address as dangerous. On the basis of this principal the script, which detects the attacks from the nfdump output, was created. The success of detection of the attacks was tested on classificated data from the real environment. The results of tests showed, that with good configuration of marginal values the percentage of detected attacks is high and there are no false positives. Detection is not limited only on mail protocols. With regard to universal design, the script is able to detect dictionary attacks on SSH, LDAP, SIP, RDP, SQL, telnet and some other attacks.
7	Sonda pro monitorování aplikačních protokolů / Probe for the Application Protocols Monitoring Fukač, Tomáš January 2016 (has links) This work describes an extension of the Microprobe functionality for detection and filtering of application protocols. The Microprobe is an embedded system designed for monitoring network links at speed 1 Gb/s without loosing any packets. The detection of application protocols requires using of computationally expensive operations, especially string lookup (usually based on regular expressions). Based on the study of several protocols (SMTP, POP3, FTP, SIP) a draft of a new architecture has been created. The new architecture splits this functionality between programmable logic FPGA and processor. The FPGA performs preprocessing of network traffic consisting of a lookup for user identifiers and protocol-specific patterns. The processor verifies that it is the requested communication. The processor does not need to process the entire network traffic but only the part pre-filtered in the FPGA. The software part is extended by a module for the analysis of SMTP which allows processing of more than 5,000 network flows per second. Support for other protocols can be added by an extension of the software part.
8	Detekce a analýza přenosů využívajících protokoly SSL/TLS / Traffic detection and analysis using SSL/TLS Hutar, Jan January 2017 (has links) This diploma thesis deals with a detection and analysis of secure connections of electro- nic communication through SSL/TLS protocols. The thesis begins with introduction to SSL/TLS protocols. Thereafter, an analysis of messages used to establish secure con- nections using STARTTLS and postal protocols SMTP, POP3, and IMAP was made. Metadata detection and extraction of secured simplex and duplex connections take place using deep packet inspection tools. The tool of choice is the nDPI library from the Ntop project. The library was extended to detect the connections and extract the metadata based on studies and analysis of transmitted messages. Finally, testing is performed on a training data set and a basic analysis of acquired metadata is made.
9	Network and I/O Characteristics of ISP Mail Servers Gao, Hongyan 11 March 2002 (has links) No description available. Computer Science email file system performance SMTP POP
10	Rétablir la confiance dans les messages électroniques : Le traitement des causes du "spam" / Restoring confidence in electronic mails Laurent-Ricard, Eric 09 December 2011 (has links) L'utilisation grandissante de la messagerie électronique dans les échanges dématérialisés, aussi bien pour les entreprises que pour les personnes physiques, et l'augmentation du nombre de courriers indésirables, nommés « spams » (pourriels) génèrent une perte de temps importante de traitement manuel, et un manque de confiance à la fois dans les informations transmises et dans les émetteurs de ces messages. Quels sont les solutions pour rétablir ou établir la confiance dans ces échanges ? Comment traiter et faire diminuer le nombre grandissant de « spams » ? Les solutions existantes sont parfois lourdes à mettre en oeuvre ou relativement peu efficaces et s’occupent essentiellement de traiter les effets du « spam », en oubliant d’analyser et de traiter les causes. L'identification, si ce n'est l'authentification de l'émetteur et des destinataires, est un des points clés permettant de valider l'origine d'un message et d’en garantir le contenu, aussi bien qu’un niveau important de traçabilité, mais ce n’est pas le seul, et les mécanismes de base mêmes de la messagerie électronique, plus précisément au niveau des protocoles de communication sont également en jeu. Le contenu de cette thèse portera plus spécifiquement sur les possibilités liées aux modifications de certains protocoles de l'Internet, en particulier le protocole SMTP, la mise en oeuvre de spécifications peu utilisées, et les outils et méthodes envisageables pour garantir l’identification des parties de façon simple et transparente pour les utilisateurs. L’objectif est de définir, d'une part une méthodologie d'utilisation de la messagerie pouvant assurer fiabilité et confiance, et d'autre part de rédiger les bases logiques de programmes clients et serveurs pour la mise en application de cette méthodologie. / The growing use of email in dematerialized exchanges, for both businesses and individuals, and the increase of undesirable mails, called "spam" (junk emails) generate a significant loss of time of manual processing And a lack of confidence both in the information transmitted and the issuers of such messages. What are the solutions to restore or build confidence in these exchanges? How to treat and reduce the growing number of «spam»?Existing solutions are often cumbersome to implement or relatively ineffective and are primarily concerned with treating the effects of "«spam»", forgetting to analyze and address the causes.The identification, if not the authentication, of the sender and recipients, is a key point to validate the origin of a message and ensure the content, as well as a significant level of traceability, but it is not the only one, and the basic mechanisms, themselves, of the email system, more precisely in terms of communication protocols are also at stake.The content of this thesis will focus primarily on opportunities related to changes in some Internet protocols, in particular SMTP, implementation specifications rarely used, and the tools and possible methods to ensure the identification of parties in a simple and transparent way for users.The objective is to define, firstly a methodology for using the mail with reliability and confidence, and secondly to draw the logical foundations of client and server programs for the implementation of this methodology. "Spam" Pourriel E-mail Confiance Identification Authentification SMTP "Spam" Junk emails Confidence Authentification Identification SMTP

Search results