The existance of spam email has gone from a fairly small amounts of afew hundred in the late 1970’s to several billions per day in 2010. Thiscontinually growing problem is of great concern to both businesses andusers alike.One attempt to combat this problem comes with a spam filtering toolcalled TRAP. The primary design goal of TRAP is to enable tracking ofthe reputation of mail senders in a decentralized and distributed fashion.In order for the tool to be useful, it is important that it does not haveany security issues that will let a spammer bypass the protocol or gain areputation that it should not have.As a piece of this puzzle, this thesis makes an analysis of TRAP’s protocoland design in order to find threats and vulnerabilies capable of bypassingthe protocol safeguards. Based on these threats we also evaluate possiblemitigations both by analysis and simulation. We have found that althoughthe protocol was not designed with regards to certain attacks on the systemitself most of the attacks can be fairly easily stopped.The analysis shows that by adding cryptographic defenses to the protocola lot of the threats would be mitigated. In those cases where cryptographywould not suffice it is generally down to sane design choices in the implementationas well as not always trusting that a node is being truthful andfollowing protocol.
Identifer | oai:union.ndltd.org:UPSALLA1/oai:DiVA.org:liu-81012 |
Date | January 2012 |
Creators | Jägenstedt, Gabriel |
Publisher | Linköpings universitet, Databas och informationsteknik, Linköpings universitet, Tekniska högskolan |
Source Sets | DiVA Archive at Upsalla University |
Language | English |
Detected Language | English |
Type | Student thesis, info:eu-repo/semantics/bachelorThesis, text |
Format | application/pdf |
Rights | info:eu-repo/semantics/openAccess |
Page generated in 0.0026 seconds