Researchers Build TCP-Based Spam Detection
itwbennett writes "In a presentation at the Usenix LISA conference in Boston, researchers from the Naval Academy showed that signal analysis of factors such as timing, packet reordering, congestion and flow control can reveal the work of a spam-spewing botnet. The work 'advanced both the science of spam fighting and ... worked through all the engineering challenges of getting these techniques built into the most popular open-source spam filter,' said MIT computer science research affiliate Steve Bauer, who was not involved with the work. 'So this is both a clever bit of research and genuinely practical contribution to the persistent problem of fighting spam.'"
Why do we keep doing this? (Score:5, Insightful)
We won't see a real solution to the spam epidemic until people acknowledge the simple truth that spam is an economic problem. There is still a lot of money to be made by sending out spam, with very little expense for the spammer. The profit margin is high enough that it is well worth their while to find various ways around filters and any other silly mechanisms we throw at them.
If you want to make an actual difference in the fight against spam, you need to approach the economic motivations behind it. If you stop the flow of money to the spammers, you will stop the spam as well. Because no matter how much some people may want to believe otherwise, spam isn't sent just to piss you off and ruin your day. Spam is sent out because spammers are paid to do so. If they don't get paid, they won't send spam, it is as simple as that. Any other kind of countermeasure only prolongs the fight and throws more money in the wrong direction.
Re:Why do we keep doing this? (Score:5, Insightful)
The economic side has been tackled as well, and it turns out that it is not easier than the technological side. More importantly: It involves politics, and politics move slowly on all problems of the commons (i.e. low impact on many people).
Re:Why do we keep doing this? (Score:5, Insightful)
The same can be said about pickpocketing, burglary and almost any other kind of crime. As long as technical measures can help with partially or temporarily alleviating the problems without causing disproportional side effects or requiring disproportionately large investments (i.e., not TSA nonsense vs terrorism, but more like door locks vs breaking and entering), I don't see what the problem is with developing and deploying them.
Re:Why do we keep doing this? (Score:2, Insightful)
The spam problem is behavioral: spammers are sociopaths. That's why there are no ex-spammers: they can no more stop spamming than a pedophile can stop molesting children. They're (pick your terminology) mentally ill, sick, etc.
How do we know this? Because we can observe (and we have observed) that they continue spamming even when there's obviously no profit in it, nor any realistic hope of any profit in the future. They're not all/always doing it for the money.
Now...it's certainly true that some spammers do make a profit; certainly the spammers-for-hire that have adopted the guise of "responsible companies" do very well, well enough to hire skilled propagandists who paint them as professional email service providers -- even though they're just spammers with better suits. But that doesn't change their underlying motivation: doing what spammers do requires someone who's devoid of basic human compassion, remorse, responsibility, empathy -- all the qualities that enable people to relate to one another. And there's no easy/obvious fix for that.