Virus Bulletin Conference Papers (2)

Virus Bulletin 2000

This was my second Virus Bulletin paper, for Virus Bulletin 2000: "The E-Mail of the Species: Worms, Chain-Letters, Spam and other Abuses". This was a reserve paper and not included in the conference proceedings, so it hasn’t been available for a few years. Again, the contact data is out of date, but some of the content is certainly still relevant.

Copyright is held by Virus Bulletin Ltd, but the paper is made available on this site for personal use free of charge by permission of Virus Bulletin.

ABSTRACT
Hoaxes, urban legends, spoofs, chain letters: they were there before there was an Internet and quickly adapted to new communications media. By 1997, hoaxes were a serious drain on vendor and corporate service desks, and several papers at VB97 addressed the issue. However, hoaxes continue to proliferate and computer users continue to react inappropriately.

While awareness of some of the cruder hoaxes has increased in the sense that more people can recognise them, the proportion of seasoned veterans to clueless newbies has probably actually declined as the Internet has become EveryUser’s playground. Furthermore, the load on support staff arising from related nuisances hasn’t necessarily decreased. The focus has changed, but policies, strategies and information resources haven’t kept pace with the convergence of different email phenomena: viral marketing, spammed hoaxes, spammed viruses, viruses which piggyback hoaxes. Increasingly, malware writers, spammers and hoaxers use similar social engineering techniques to trick the recipient into accessing a tainted resource (document, program, web-site).

This presentation undertakes an overdue review of identification heuristics, policies and strategies, going beyond dictionary and simple heuristic detection of hoax virus alerts and placing them into the context of other channels of malice and misinformation and appropriate management techniques, including:

  • Multiple ingress and egress wrapper and content filtering using gateway scanning tools to increase transparency
  • Integration of measures against mail abuse into enterprise security education and policy implementation.

David Harley CITP FBCS CISSP
Small Blue-Green World/ChainMailCheck
ESET Senior Research Fellow

About David Harley

Computer Security Author/Editor; Independent Antimalware Researcher; CEO at Small Blue-Green World; Senior Research Fellow at ESET.