Managing Spam Under IPv6
Bricmont, Jordan
Promoteur(s) :
Donnet, Benoît
Date de soutenance : 7-sep-2017/8-sep-2017 • URL permanente : http://hdl.handle.net/2268.2/3355
Détails
Titre : | Managing Spam Under IPv6 |
Titre traduit : | [fr] Gérer le spam en IPv6 |
Auteur : | Bricmont, Jordan ![]() |
Date de soutenance : | 7-sep-2017/8-sep-2017 |
Promoteur(s) : | Donnet, Benoît ![]() |
Membre(s) du jury : | Mathy, Laurent ![]() Leduc, Guy ![]() Vyncke, Eric ![]() |
Langue : | Anglais |
Nombre de pages : | 68 |
Mots-clés : | [en] spam [en] ipv6 [en] behavioral blacklisting |
Discipline(s) : | Ingénierie, informatique & technologie > Sciences informatiques |
Public cible : | Chercheurs Professionnels du domaine Etudiants Grand public |
Institution(s) : | Université de Liège, Liège, Belgique |
Diplôme : | Master en ingénieur civil en informatique, à finalité spécialisée en "computer systems and networks" |
Faculté : | Mémoires de la Faculté des Sciences appliquées |
Résumé
[en] DNS Blacklisting (DSNBL) is a fast and efficient method to detect spam messages. Relying on IP addresses, it can be used by mail servers to filter emails at the early stage of the SMTP connection - that is, without needing to retrieve the message content - which provides a considerable saving in terms of bandwidth and computational power. High detecting rate and low false positive ratio is insured provided that DNSBLs are updated in near real time. Under IPv4 this is not a problem but things will radically change when mail servers will start using IPv6. Spammers will very likely use the immense number of available IPv6 addresses to defeat DNSBLs.
Behavioral blacklisting is an alternative spam filtering technique consisting in using network-level features of messages to differentiate spams from legitimate messages. Even though good results were achieved, the method has never been deployed because DNSBLs always outperformed it. This work aims at evaluating whether behavioral techniques will be negatively affected by a future IPv6 transition.
The lack of relevant data made the task complicated but it has been discovered that some features (like the AS number of the sender's IP address) seem particularly promising for an IPv6 usage, while others will more likely become useless.
Fichier(s)
Document(s)
Annexe(s)
Citer ce mémoire
L'Université de Liège ne garantit pas la qualité scientifique de ces travaux d'étudiants ni l'exactitude de l'ensemble des informations qu'ils contiennent.