January 27, 2010, 10:48 AM ET
Researchers Develop a More Accurate Spam Filter
California researchers have developed a system they believe could stop the most common kind of spam from reaching people's in boxes.
Most spam e-mail messages are transmitted using a few infected computers that use a template-based system. The new system works by analyzing the small changes in messages that spammers make to slip past spam filters, according to the team from the University of California at San Diego and the International Computer Science Institute in Berkeley, Calif.
Researchers looked at 1,000 e-mail messages generated by a software bot and reverse-engineering the template. Knowing that template, researchers could block spam with total accuracy without letting legitimate messages get caught in the filter.
Christian Kreibich, a research scientist from the International Computer Science Institute, said any sort of software using the system will probably not appear in the next month or two, although it could eventually hit the market. The team is also looking into other aspects of spam, such as tracing the route spam goes through to reach users' computers.
One caveat is that the system needs messages from an existing bot to figure out a template, meaning its messages would already be reaching users, Mr. Kreibich said. The system also works with the system spammers use now, he said, which could change in the future.
"It is an arms race, as we call it, for sure," Mr. Kreibich said. "They will come up with some kind of countermeasures that are not quite clear to us yet."
The research will be presented at the Network and Distributed System Security Symposium, in San Diego in March.