Zombie programs learn to send email based on individual writing styles
The next big threat from spammers will come from zombie PCs that can spew out smart spam that imitates the email writing style of the infected PC's legitimate owner, according to research from the University of Calgary.
A report by John Aycock, assistant professor of computer science at the University of Calgary, and his student Nathan Friess, entitled Spam Zombies from Outer Space, found that it would be possible to bypass most modern spam filters by targeting mail at regular contacts.
The report found that computers infected by zombie programs designed to send out spam could mine those PCs for personal data to fool the potential targets.
This could include the user's regular email style, such as average line length of messages, use of capitalisation, signatures or abbreviations.
"Improved spam will come from zombie machines and at first blush, this isn't terribly original. But the difference is in how the zombies are used," said the report.
"A zombie machine is not just a throwaway resource, a launch pad for distributed denial of service attacks and spam. A zombie contains a wealth of data."
Aycock and Friess identified two key reasons why spam is caught by filters and human intervention.
"Spam often comes from an unrecognised source, and it doesn't look right. But the evolution of spam zombies will change this," said the report.
"These new zombies will mine [archives] of email they find on infected machines, using this data to automatically forge and send improved, convincing spam to others."
While the research is proof-of-concept at the moment, Aycock predicted that the reality is not far away.
The findings were released at the 15th annual conference of the European Institute for Computer Anti-Virus Research.
The full Spam Zombies from Outer Space report can be downloaded from the University of Calgary website.