http://issues.apache.org/SpamAssassin/show_bug.cgi?id=5701
Summary: Enhancing SpamAssassin Anti-Phishing Detection
Capability
Product: Spamassassin
Version: unspecified
Platform: All
URL: http://cups.cs.cmu.edu/trust.php
OS/Version: All
Status: NEW
Severity: enhancement
Priority: P5
Component: Plugins
AssignedTo: [email protected]
ReportedBy: [EMAIL PROTECTED]
SUMMARY: Enhancing SpamAssassin Anti-Phishing Detection Capability
BACKGROUND: Carnegie Mellon University would like to make its PILFER
anti-phishing technology available to the SpamAssassin community
(http://cups.cs.cmu.edu/trust.php)
PROJECT GOALS: Enhancing the detection performance of SpamAssassin on phishing
emails with rules built using PILFER
TECHNICAL OBJECTIVES:
0) Adding anti-phishing detection mechanism to SA, without effecting the
performance of SAs spam detection
1) Introducing new SA-rules that are required by PILFER
2) Evaluating a first version of SA trained using these new rules
3) Evaluating a more advanced version of PILFER in the form of a
plug-in that
uses decision-rules derived by PILFERs learning algorithm
4) Evaluating field performance & collecting feedback from the community
TENTATIVE TIMELINE:
By Nov 23: Collection of Feedback on our proposal
By Dec 7: Test and fine tune PILFER-based SA-rules using corpus from
SpamAssassin. We will start by introducing new SA-rules identified by PILFER.
This first test will rely on the SA learning algorithm and evaluate the
improvement of SAs overall performance. One open issue will be to see to what
extent we want to/can differentiate between spam and phishing email in training
the system. We understand that we may need to treat spam and phish as being the
same in SA training.
December 14-January 11: Test and fine tune PILFER plug-in. Here we will
use our
PILFER technology to produce a new set of decision-rules. These decision-rules
will be produced offline using our own learning algorithms and will be used in a
SA plugin that will execute them. This module is intended to catch phishing
emails that are not caught by the default SA-rules. This enhanced version of SA
will be evaluated on a fresh SA corpus. Some tweaking may be required. Assuming
that the results look good, the plugin will be released in early 2008.
PARTNERS:
Umut Topkara (main point of contact)
Ian Fette
Norman Sadeh
SPONSORS: PILFER is one of several tools developed by Carnegie Mellon University
as part of its Supporting Trust Decision project
(http://cups.cs.cmu.edu/trust.php), a research effort funded by NSF Cyber Trust
initiative (Grant #0524189) and in part under ARO research grant
DAAD19-02-1-0389 (Perpetually Available and Secure Information Systems) to
Carnegie Mellon Universitys CyLab.
SKILLS & EXPERTISE NEEDED: All the programming will be done at Carnegie Mellon.
Our team will need advice and support from SA core-contributors, e.g. to help
with some design decisions and handle potential technical difficulties.
SUPPORTING DOCUMENT:
PILFER WWW'07 paper (http://www2007.org/paper550.php)
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
