Dmitri Alperovitch talks about reputation-based spam protection
With about 90 percent of all emails today being spam, it's hard for even the best anti-spam program to keep up. And what's worse is that spammers are constantly developing new techniques, such as image-based spam, to sidestep the filters. What if you could determine ahead of time, the intentions of everyone who sends you an email? Wouldn't it be wonderful to know, without a doubt, who the bad guys are? What if there were a central authority that knew the reputations of everyone who has ever sent an email? As it turns out, you don't have to be a mind-reader. Reputation-based security is very similar to what the financial services industry has created with credit agencies. Every person who has ever paid a bill or used a credit card has a credit score-a credit reputation, if you will. When you want to buy a new car, the finance company looks at your reputation, and then decides whether or not to let you past the gates and give you some money. We now have the same thing for people who send emails.
Dmitri Alperovitch, Chief Research Scientist at Secure Computing and developer of reputation-based security, talks about the evolution of spam, the next big thing in spam prevention, and how to identify the culprits before they bombard your email server.
Where did reputation based security come from?
It was an invention of CipherTrust, and since then, a variety of other companies have applied it to the email security area as well. When we were working on spam detection at CipherTrust, which was bought by Secure Computing, we realized early on that it made sense to aggregate information on a global level and to collect data from all of the customers that we had deployed at that time, and apply behavioral techniques not on an individual box, but on the cloud where you have a much broader view into email traffic.
You're the point man on reputation system development. What led to your development efforts in this direction? Was there an "aha" moment when you knew that you had to create a reputation system?
Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world
On Twitter now
Dmitri Alperovitch
Powered by Twitter
Esther Schindler
If the comments are ugly, the code is ugly
claird
SVG a graphics format for 21st century
pasmith
Take Chrome OS for a test spin
Sandra Henry-Stocker
Solaris Tip: Have Your Files Changed Since Installation?
jfruh
Android fragments vs. the iPhone monolith
mikelgan
What Gizmodo missed about the Pro WX Wireless USB disk drive
Where Google Chrome security fails: the password
I heard mention that the Chrome OS will have some sort of encryption available a la bitlocker. If it's possible to encrypt personal data using another password or key, then it may have potential for very secure data.... And Ubuntu has an 'encrypt home directory' option, perhaps google should follow suit.
- Dann
Join the conversation here
Quick, practical advice for IT pros. Made fresh daily.
Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.
