1 / 18

5 September 2014

5 September 2014. Supplemental Address Management System (SAMS). Complementing Traditional Email Security Methods by using Non-Disposable Addresses to Stop Spam and Other Malware. Fundamental Insights. Two email addresses are better than one

sadie
Télécharger la présentation

5 September 2014

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. 5 September 2014 Supplemental Address Management System (SAMS) Complementing Traditional Email Security Methods by using Non-Disposable Addresses to Stop Spam and Other Malware

  2. Fundamental Insights • Two email addresses are better than one • It’s harder to control spam with a single address • Bad actors exclusively share your address with other bad actors • Good actors never knowingly share your address with bad actors

  3. Supplemental Address Management Systems • Address to Inbox cardinality of “many-to-one” • Goal is for the greatest percentage of legitimate messages to arrive without being filtered • Supplemental addresses provide additive and complementary benefits to any other security approach when combined

  4. Address-Specific Policies • Public – No filtering • Protected – Filter • Disabled – Block all

  5. Value Increases Over Time

  6. Blended Model Benefits • White listing • Same rate of accuracy • Off-list incidence reduced by close to promotion percentage • Development of the white list becomes a finite exercise • Content-filtering and Corpus-Driven Models • Same rate of accuracy • False positives reduced by close to promotion % • Corpus can be automatically fed with precision from other blended model combination(s)

  7. SAMS using White Listing • Near 100% elimination of spam • Content-independent • Phishing is not a problem • Foreign language spam and all graphic spam are not a problem • Mistakenly blocked messages are not a problem • Does not require challenge/response • Can be combined with content-based filters

  8. SAMS vs Disposable Addresses • Disposable Email Addresses (DEA) • Low value, short life span substitute addresses • Use DEAs to keep spam from higher value addresses (mailbox) • Supplemental Addresses • High value, permanent additions to the Inbox • Use SAs to distinguish legitimate mail from spam, and to bypass unnecessary stages of filtering

  9. Address Magnification • Address-on-the-fly (AOTF) • Naming convention used for instant disclosures • Rate limited over time • Highly valuable convenience for users • Automated AOTF • A second supplemental address for new dialogs (partial automation) • New supplemental addresses for each correspondent when appropriate (full automation)

  10. Standard Control Panel Reflexion Control Panel To:      sue.nehomes@ispdomain.net From:   orderconfirm@nehomes.com Blockmessages from this sender You received this message because the sender is using the correct supplemental address assigned by Reflexion. Address Sharing Control Panel Reflexion Control Panel Blockmessages fromthis sender Stop sharing of this address outside of nehomes.com To:      sue.nehomes@ispdomain.netFrom:  sales@products.com You received this message because orderconfirm@nehomes.com shared your email address. Form Factor

  11. Database • Enterprises • Users • Supplemental addresses • Correspondents • Message history • Default values and policies for new users, addresses • Collections (groups, roles, departments)

  12. SAMS MTA Architecture

  13. Beyond Anti-Spam • Day zero virus benefits • Novel active and passive defensive modes • Context and integration to email for any application

  14. Lessons Learned about SAMS • Improves performance over time • Very low maintenance • Reduces stress on users and infrastructure • Metrically, more addresses are better than fewer • Pre-use concern about SAs must be allayed • It’s sticky • Users are not resistant to slight changes in behavior • In combination with white listing, delivers a pristine Inbox experience requiring very little maintenance

  15. 5 September 2014 Questions?

  16. Day Zero Virus Example Actual Customer Data. The graph shows a surge in undesirable mail due to the onslaught of the Sobig.F virus. The added layer of virus protection from the address-based defense complemented the anti-virus gateway, specifically during the "window of vulnerability" -- the time when infected messages arrive before the update of the AV definition -- when most of the economic damage occurs.

  17. Denial-of-Service Example

  18. Zero Spam Example

More Related