Wednesday, September 29, 2004

Spam is not free for spammers, but it is cheap

An interesting study by the Microsoft Research team about spam, and especially the HIP solution:
Moni Naor suggested using Human Interactive Proofs (HIPs) to combat spam. A HIP is an image that contains distorted letters and numbers. Humans can read the HIP, but a machine cannot. Since spammers rely on machines to send and receive messages without expensive human intervention, if spammers were challenged to read a HIP their machines would fail the test. The Anti-Spam team thought this was a good idea.

"You take Cynthia's idea of using computational puzzles, and you take the idea of using HIPs and you combine that with the machine learning filter. If something comes in that's suspicious, the computer sends a challenge. The challenge says solve this computational puzzle, or solve this Human Interactive Proof," said Goodman.

By giving the user the option to solve a HIP, the user won't have to download special software to solve the computational puzzle or update their legacy computer so that it can handle the computation. They can just read the HIP and send back the answer. Spammers would have to employ and pay a lot of human workers to read HIPs, which would make spamming unprofitable.

"It costs at least .2 cents to pay someone to solve a HIP, compared to the .01 cents spammers currently pay - that's part of the reason we studied spammer costs. This changes their profit model by a factor of 20."
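The challenge flow quoted above (filter flags a message, receiver sends a challenge, sender answers it), sketched for the computational-puzzle branch only; this is an added example, not code from this post or from the Microsoft Research study. The hashcash-style puzzle, the numeric filter score, and every name and constant in it are assumptions.

```python
import hashlib, hmac, os, time

SECRET = os.urandom(32)   # receiver-side key (constructed for this example)
BITS = 16                 # puzzle difficulty: required leading zero bits (assumed)
THRESHOLD = 0.5           # filter score at which mail counts as suspicious (assumed)
MAX_AGE = 3600            # seconds a challenge stays valid (assumed)
_spent = set()            # challenges already redeemed, to block replay

def _tag(body):
    return hmac.new(SECRET, body.encode(), hashlib.sha256).hexdigest()[:16]

def leading_zero_bits(digest):
    return len(digest) * 8 - int.from_bytes(digest, "big").bit_length()

def _work(challenge, nonce):
    return leading_zero_bits(hashlib.sha256(f"{challenge}|{nonce}".encode()).digest())

def handle_incoming(sender, msg_id, spam_score, now=None):
    """Deliver clean mail; hold suspicious mail and return a challenge for it."""
    if spam_score < THRESHOLD:
        return "deliver", None
    body = f"{sender}|{msg_id}|{int(time.time() if now is None else now)}"
    return "challenge", f"{body}|{_tag(body)}"

def solve(challenge, bits=BITS):
    """Sender side: brute-force a nonce, about 2**bits hashes on average."""
    nonce = 0
    while _work(challenge, nonce) < bits:
        nonce += 1
    return nonce

def verify(challenge, nonce, bits=BITS, now=None):
    """Receiver side: one HMAC and one hash, however hard the puzzle was."""
    try:
        sender, msg_id, ts, tag = challenge.split("|")
        issued = int(ts)
    except ValueError:
        return False                      # malformed challenge
    if not hmac.compare_digest(tag.encode(), _tag(f"{sender}|{msg_id}|{ts}").encode()):
        return False                      # not issued by us, or altered
    if (time.time() if now is None else now) - issued > MAX_AGE:
        return False                      # expired
    if challenge in _spent or _work(challenge, nonce) < bits:
        return False                      # replayed, or work not done
    _spent.add(challenge)
    return True
```

The asymmetry is what shifts the cost onto the sender: `solve` does the expensive search once per held message, while `verify` stays cheap for the receiver.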

Also of interest is the part about the three categories of products being promoted and how the laws in each country can restrain spammers:

When the researchers connect this geographic information with what the spammers are selling, they're able to paint a picture of how laws might be successful in stopping spammers.

They grouped the type of products being sold into three categories. Domestic, semi-domestic, and international. Domestic products require a domestic presence. They include financial services, insurance, and items too expensive to ship internationally.

Semi-domestic products require shipping, but the cost is low. These include products such as Viagra, college diplomas, and magazines.

International products or services include those that don't require physical shipping or a domestic presence. They range from software, to porn, to swindles such as the infamous Nigerian scam.

About one-third of the spam was domestic, about a third semi-domestic, and about a third international. "This kind of analysis is really useful," says Goodman. "Given the large amount of domestic and semi-domestic spam, it shows that good laws and prosecutions in the US and neighboring countries can really help. Also, when you see such a large portion of spam that appears to be coming from overseas, you realize there's a need to globally coordinate efforts to address the problem. It also shows us that while laws can be very useful, they won't solve the problem by themselves. We have to keep working on improving the technology and standards too."

