Project Aims to Identify Spam by Traffic Patterns
A research project is underway at Cambridge University in the UK that could give Internet service providers a new weapon in the battle against spam.
Dubbed spamHints, the project aims to get ISPs to share information on the traffic patterns of the spam they receive—such as time, size and volume of e-mail—so they can more easily identify it.
“In the past few years it has become apparent that the traffic data logs can be analysed to seek out patterns that are indicative of the sending of spam or copies of e-mail viruses,” wrote Richard Clayton, in a paper outlining the project. “This is possible because the patterns of usage by legitimate senders of e-mail are very different from indiscriminate senders of spam or viruses.”
So far, the 200 members of the London Internet Exchange, a UK non-profit network of ISPs, have agreed to guidelines on sharing spam traffic information without compromising e-mail users’ privacy.
It is unclear if the project is drawing any interest from ISPs in the U.S.
In an e-mail exchange with Magilla Marketing, Clayton said that spammers will probably figure out a way to beat traffic-analysis spam-blocking schemes just as they do every other anti-spam scheme.
“However, they have to make their e-mail look more like ‘normal’ e-mail, and that almost always means smaller volumes – so that’s a definite win,” he wrote.
While the scheme won’t eliminate false positives, or permission-based e-mail being flagged as spam, it also shouldn’t adversely affect permission-based commercial marketers, Clayton wrote.
“Traffic analysis is never going to show ‘permission’ or ‘intent,’” he wrote. “However, it will show anomalous behavior, and most permission-based senders have a steady pattern.”
