E-Mail Bombs and Countermeasures

E-Mail Bombs and Countermeasures: Cyber Attacks on Availability and Brand Integrity

In 1997, Tim Bass developed countermeasures against an actual Internet-based attack that on the Langley AFB SMTP email infrastructure. This attack was documented in a technical paper, E-Mail Bombs and Countermeasures: Cyber Attacks on Availability and Brand Integrity, IEEE Network Magazine, Vol. 12, No. 2, pp. 10-17, March/April 1998. In this paper the authors discussed how the simplicity of SMTP mail, combined with the robustness of the sendmail MTA program, could be misused in numerous ways to create extraordinary and powerful email bombs. E-mail bombs can be launched in many different attack scenarios which can easily shut down chains of SMTP mail servers. Sendmail-based SMTP mail relays can also be used covertly to distribute messages and files that could be potentially damaging to the integrity and brands of victims. They also discussed mail-bombing techniques, automated attack tools, and countermeasures and presented an analysis of the cyber attack, graphs illustrating the attack volume, and a statistical e-mail bomb early warning system. Following this event, Tim Bass’ work on Internet security and countermeasures for the DoD was been featured in both Popular Science Magazine and Federal Computer Week. The table below contains links to these documents.

Date Author(s) Organization Document
July 1999 Frank Vizard Popular Science WAR.COM
July 26, 1999 Dan Verton Federal Computer Week Dedication is the Best Defense – Tim Bass Uses Network Expertise to Help Langley Air Force Base Fight Hackers
March/April 1998 Tim Bass, Alfredo Freyre, David Gruber, and Glenn Watt SilkRoad, SAIC, USAF E-Mail Bombs and Countermeasures: Cyber Attacks on Availability and Brand Integrity

Subseqent to this work at Langley AFB, Bass’ technical paper and high media visibility, this work was briefed to numerous government agencies, including the Marsh Commission on Critical Infrastructure Protection, as an example of the growing threat of cyberterrorism. We will add some of those links to this Wiki, as a later date.


Pioneering Spam Filtering Software

On July 24th, 2004, Masters degree students at the University of Oslo and Oslo University College credited Tim Bass and Lt. Col. (R) Glenn Watt as the first to formalize the spam filtering model; a model which was later to be adapted by all spam filtering software:

“Researchers Tim Bass and Lt. Col. Glenn Watt, at Langley Air Force Base in Virginia, USA, made an early attempt [1997] to block out huge amounts of spam that were relayed through their SMTP servers. They assumed that most of the emails were coming from a small group of individuals, since the theme was somewhat similar. They contained pornographic material and bigoted hate-mail. However, since most of the mail headers were forged, it was nearly impossible to track them down. They formed the Tiger Team, a group of scientists and military engineers, dedicated to fighting the spammers. The team developed a model that formed the basis of a working prototype. It consisted of a queue piped through a processing filter, where the classification was done. Their implementation is far too simple to be used for anything serious nowadays. Nevertheless, they were the first to formalize this model – a model which was later to be adapted by all spam filtering
software.” [1]


See Also

Share and Enjoy:
  • Print
  • Digg
  • StumbleUpon
  • del.icio.us
  • Facebook
  • Yahoo! Buzz
  • Twitter
  • Google Bookmarks