TY - JOUR AU - Schryen, Guido ID - 5648 IS - 7 JF - Linux Technical Review TI - Effektivität und Effizienz von Anti-Spam-Maßnahmen ER - TY - CONF AB - The Estonian parliamentary election in 2007 is regarded as a success story of large-scale Internet elections. I use this election in a single case study on practical security to show that low quality of security and its management does not necessarily prevent large-scale Internet elections from being conducted. I also provide research propositions with regard to future challenges for large-scale Internet elections. AU - Schryen, Guido ID - 5649 KW - Internet voting KW - large-scale election KW - Estonian parliamen- tary election KW - security KW - security management T2 - 7th Workshop on e-Business (WEB 2008, AIS Special Interest Group on E-Business) TI - Practical Security of Large-scale Elections: An Exploratory Case Study of Internet Voting in Estonia ER - TY - GEN AB - Spamming remains a form of Internet abuse, which burdens the Internet infrastructure, is generally regarded as an annoyance, and is said to cause a huge economic harm. Many technological, organizational, and legislative anti-spam measures have already been proposed and implemented, but have not led to any substantial decrease in the number of spam e-mails. We propose a scalable and flexible infrastructure framework that integrates several anti-spam measures and that features both a technological and an organizational facet. The key element of our infrastructure is a new organizational unit that reliably and transparently limits the number of e-mails that can be sent per day and per account. We also analyze the proposed framework in terms of its theoretical effectiveness, the required resources, and its limitations. AU - Schryen, Guido ID - 6287 KW - Email KW - Infrastructure KW - Internet KW - Spam TI - Preventing E-mail Spam: The Conceptualization and the Analysis of an Infrastructure Framework ER - TY - CHAP AU - Schryen, Guido ED - Satesh, D. ED - Prabhakar, R. ID - 5650 T2 - Proceedings of IPSI International Conference on Advances in the Internet, Processing, Systems, and Interdisciplinary Research TI - A Scalable and Flexible Infrastructure Framework For Addressing Spam ER - TY - BOOK AU - Schryen, Guido ID - 5651 TI - Anti-Spam Measures: Analysis and Design ER - TY - JOUR AB - More than half of world-wide e-mail traffic ? an estimated total of several billion e-mails per day ? consists of spam. This is becoming a considerable disturbance to telecommunications. Spam is also closely related to other kinds of cyber crime as it possibly contains malicious software or is pursuing some kind of fraudulent aim, such as phishing. Besides technical and organizational measures, many countries have introduced anti-spam legislation. However, today's world-wide legislative coverage of spam is heterogeneous, and its effectiveness is controversially discussed. This article describes important parameters by which anti-spam legislation can vary and gives an overview and analysis of world-wide anti-spam legislation, including the European Directive 2002/58/EC, the U.S. CANSPAM Act of 2003, and international cooperation, such as the London Action Plan. The article then proceeds to discuss the effectiveness of current laws, and it identifies problems resulting from the fact that an international phenomenon is being addressed by national legislation. Finally, the article presents suggestions for overcoming some of these problems. AU - Schryen, Guido ID - 5652 IS - 1 JF - Information and Communications Technology Law TI - Anti-spam legislation: An analysis of laws and their effectiveness VL - 16 ER - TY - CHAP AU - Schryen, Guido ED - Satesh, D. ED - Prabhakar, R. ID - 5653 T2 - Spam: An Introduction TI - Approaches Addressing Spam ER - TY - CONF AB - Spamming remains a form of Internet abuse, which burdens the Internet infrastructure, is generally regarded as an annoyance, and is said to cause economic harm to the tune of about several billion US\$ per year. Many technological, organizational, and legislative anti-spam measures have already been proposed and implemented, but have not led to any substantial decrease in the number of spam e-mails. We propose here a new infrastructure framework that combines several anti-spam measures in a framework that features both a technological and an organizational facet. The key element of our infrastructure is a new organizational unit that reliably and transparently limits he number of e-mails that can be sent per day and per account. This paper first gives an overview of the framework, then it provides technological and organizational details of the infrastructure, the deployment of which depends to a large degree on its acceptance and propagation by the ICANN, the ISOC, and by large e-mail service providers. Finally, the paper discusses the limitations and drawbacks of the proposed framework. AU - Schryen, Guido ID - 5654 T2 - 40th Annual Hawaii International Conference on System Sciences TI - Armed for the spam battle - a technological and organizational infrastructure framework ER - TY - JOUR AB - Spam e-mails have become a serious technological and economic problem. Up to now, by deploying complementary anti-spam measures, we have been reasonably able to withstand spam e-mails and use the Internet for regular communication. However, if we are to avert the danger of losing the Internet e-mail service in its capacity as a valuable, free and worldwide medium of open communication, anti-spam activities should be performed more systematically than is currently the case regarding the mainly heuristic, anti-spam measures in place. A formal framework, within which the existing delivery routes that a spam e-mail may take, and anti-spam measures and their effectiveness can be investigated, will perhaps encourage a shift in methodology and pave the way for new, holistic anti-spam measures. This paper presents a model of the Internet e-mail infrastructure as a directed graph and a deterministic finite automaton and draws on automata theory to formally derive the spam delivery routes. The most important anti-spam measures are then described. Methods controlling only specific delivery routes are evaluated in terms of how effectively they cover the modeled e-mail infrastructure; methods operating independently of any particular routes receive a more general assessment. AU - Schryen, Guido ID - 5655 IS - 2 JF - The Journal of Information Systems Security (AIS Special Interest Group in Security) KW - e-mail KW - spam KW - e-mail infrastructure KW - anti-spam measures KW - spamming options TI - Do anti-spam measures effectively cover the e-mail communication network? A formal approach VL - 3 ER - TY - CHAP AU - Schryen, Guido ED - Schulte, Heinz ID - 5656 T2 - Vom LAN zum Kommunikationsnetz - Systeme und Applikationen TI - Location Based Services ER - TY - CHAP AU - Schryen, Guido ED - Schulte, Heinz ID - 5657 T2 - Vom LAN zum Kommunikationsnetz - Systeme und Applikationen, Edition 02/2007 TI - Spam-Emails VL - 9/12 ER - TY - JOUR AB - Email communication is encumbered with a mass of email messages which their recipients have neither requested nor require. Even worse, the impacts of these messages are far from being simply an annoyance, as they also involve economic damage. This manuscript examines the resource ?email addresses?, which is vital for any potential bulk mailer and spammer. Both a methodology and a honeypot conceptualization for implementing an empirical analysis of the usage of email addresses placed on the Internet are proposed here. Their objective is to assess, on a quantitative basis, the extent of the current harassment and its development over time. This ?framework? is intended to be extensible to measuring the effectiveness of address-obscuring techniques. The implementation of a pilot honeypot is described, which led to key findings, some of them being: (1) Web placements attract more than two-thirds (70\%) of all honeypot spam emails, followed by newsgroup placements (28.6\%) and newsletter subscriptions (1.4\%), (2) the proportions of spam relating to the email addresses? top-level domain can be statistically assumed to be uniformly distributed, (3) More than 43\% of addresses on the web have been abused, whereas about 27\% was the case for addresses on newsgroups and only about 4\% was the case for addresses used for a newsletter subscription, (4) Regarding the development of email addresses? attractiveness for spammers over time, the service ?web sites? features a negative linear relationship, whereas the service ?Usenet? hows a negative exponential relationship. (5) Only 1.54\% of the spam emails showed an interrelation between the topic of the spam email and that of the location where the recipient?s address was placed, so that spammers are assumed to send their emails in a ?context insensitive? manner. The results of the empirical analysis motivate the need for the protection of email addresses through obscuration. We analyze this need by formulating requirements for address obscuring techniques and we reveal to which extent today?s most relevant approaches fulfill these requirements. AU - Schryen, Guido ID - 5658 IS - 5 JF - Computers & Security KW - Address-obfuscating techniques KW - email KW - empirical analysis KW - honeypot KW - security by design KW - security by obscurity KW - spam TI - The Impact that Placing Email Addresses on the Internet has on the Receipt of Spam ? An Empirical Analysis VL - 2 ER - TY - CONF AB - Spam e-mails have become a serious technological and economic problem. So far we have been reasonably able to resist spam e-mails and use the Internet for regular communication by deploying complementary anti-spam approaches. However, if we are to avert the danger of losing the Internet email service as a valuable, free, and worldwide medium of open communication, anti-spam activities should be performed more systematically than is done in current, mainly heuristic, anti-spam approaches. A formal framework within which the modes of spam delivery, anti-spam approaches, and their effectiveness can be investigated, may encourage a shift in methodology and pave the way for new, holistic anti-spam approaches. This paper presents a model of the Internet e-mail infrastructure as a directed graph and a deterministic finite automaton, and draws on automata theory to formally derive the modes of spam delivery possible. Finally the effectiveness of anti-spam approaches in terms of coverage of spamming modes is assessed. AU - Schryen, Guido ID - 5659 T2 - 39th Annual Hawaii International Conference on System Sciences TI - A formal approach towards assessing the effectiveness of anti-spam procedures ER - TY - JOUR AU - Schryen, Guido ID - 5660 IS - 3 JF - IATAC IAnewsletter TI - A honeypot for the exploration of spammers' behaviour VL - 8 ER - TY - CONF AB - Spam has become one of the most annoying and costly phenomenon in the Internet. Valid e-mail addresses belong to the most valuable resources of spammers, but little is known about spammers? behavior when collecting and harvesting addresses and spammers? capabilities and interest in carefully directed, consumer-oriented marketing have not been explored yet. Gaining insight into spammers? ways to obtain and (mis)use e-mail addresses is useful in many ways, e.g. for the assessment of the effectiveness of address obscuring techniques and the usability and necessity of hiding e-mail addresses on the Internet. This paper presents a spam honeypot project in progress addressing these issues by systematically placing e-mail addresses in the Internet and analyzing received e-mails. The honeypot?s conceptual framework, its implementation, and first empirical results are presented. Finally, an outlook on further work and activities is provided. AU - Schryen, Guido ID - 5661 KW - Spam KW - ham KW - e-mail KW - honeypot KW - address obscuring technique KW - address taxonomy T2 - Proceedings of the 6th IEEE Information Assurance Workshop TI - An e-mail honeypot addressing spammers' behavior in collecting and applying addresses ER - TY - CONF AB - Voting via the Internet has become a feasible option for political as well as non-political ballots. However, there are many obstacles which have to be overcome, especially legal restrictions have to be transformed into technical and security solutions. The article starts with a brief presentation of advantages and disadvantages of Internet ballots and presents application fields and pilot schemes. Then, technological security aspects are derived due to democratic basic principles. Especially the applied voting procedures are critical in security terms. Hence, the most relevant cryptographic protocols are presented and their drawbacks and shortcomings are identified. However, this article does not propose a new voting protocol. Beyond fixing cryptographic procedures for ballots, more elements are to be specified, e.g. responsibilities and rights of involved authorities or security precautions regarding hardware and software. For this reason, a structural security framework for electronic voting systems is presented which can be used for their composition and analysis. AU - Schryen, Guido ID - 5765 T2 - 37th Annual Hawaii International Conference on System Sciences TI - Security Aspects of Internet Voting ER - TY - JOUR AB - Spam als unerwünschte Massen-E-Mail hat die Grenze von der Belästigung zur ökonomischen Relevanz längst überschritten. Ihr relativer Anteil am gesamten, weltweiten E-Mail-Aufkommen stieg in den vergangenen Jahren auf mehr als 50% im Jahr 2003. Es entstehen jährlich volkswirtschaftliche Schäden in Milliardenhöhe. Zur Bekämpfung des Spam-Problems werden neben gesetzlichen Regelungen vor allem technische Lösungen eingesetzt, bei denen das Blockieren und Filtern von E-Mails in praktisch eingesetzten Anti-Spam-Systemen dominieren. Dieser Artikel führt in die Spam-Problematik ein und beschreibt, bewertet und klassifiziert die derzeit bedeutendsten Verfahren zur Bekämpfung von Spam. AU - Schryen, Guido ID - 5662 IS - 4 JF - Wirtschaftsinformatik KW - Spam KW - E-Mail KW - Spoofing KW - Blockieren KW - Filtern KW - Lightweight Mail Transfer Agent Authentication Protocol (LMAP) TI - Effektivität von Lösungsansätzen zur Bekämpfung von Spam VL - 46 ER - TY - CONF AB - Spam as unsolicited e-mail to a large number of recipients is known to ecome an increasingly disturbing and costly issue of electronic business and internet traffic. Mainly technical-oriented approaches are applied with a focus on blocking, filtering, and authentication mechanisms based on the domain name system. They come along with different drawbacks and have all low effectiveness in common. The article sketches these approaches, shows its limitations, and proposes an account-based approach where the number of e-mails per day and account is restricted. AU - Schryen, Guido ED - Isaias, Pedro ID - 5663 KW - e-mail KW - spam KW - filtering KW - blocking KW - LMAP KW - SMTP account T2 - Proceedings of the IADIS International Conference WWW/Internet 2004. vol. 2 TI - Fighting Spam: Motivating an Account-based Approach ER - TY - CONF AB - Remote Internet voting systems still suffer from many security problems which rely on the clients, the servers, and the network connections. Denial-ofservice attacks and viruses still belong to the most challenging security issues. Projects and studies like the ?Voting Technology Project? of CALTECH and MIT or SERVE of the US Department of Defense set up to gain experience evidence many of the notional weaknesses of current Internet voting systems. AU - Schryen, Guido ID - 5664 T2 - Workshop of the ESF TED Programme TI - How Security Problems Can Compromise Remote Internet Voting Systems ER - TY - CHAP AU - Schryen, Guido ED - Gehrke, Gernot ID - 5666 T2 - Digitale Teilung - digitale Integration : Perspektiven der Internetnutzung TI - Neulich am Hotspot - Bringt Mobiles Internet die Menschen ins Netz? ER - TY - BOOK AU - Schryen, Guido AU - Herstell, Jan AU - Schoenen, Markus ID - 5629 TI - Online Marktforschung im Mittelstand: Analyse von Konsumentenverhalten in 3D-Internet-Welten ER - TY - JOUR AU - Schryen, Guido AU - Herstell, Jan ID - 5630 IS - 2 JF - IM : die Zeitschrift für Information Management und Consulting TI - Online-Marktforschung - Analyse von Konsumentenverhalten in virtuellen Umgebungen, in: Information Management & Consulting, 18,2 VL - 18 ER - TY - CHAP AB - Voting via the Internet is part of electronic government and electronic democracy. However, there are many obstacles which have to be overcome, especially legal restrictions have to be transformed into technical and security solutions. In the first part the article discusses advantages and disadvantages of Internet elections, shows different application fields, and presents important international pilot schemes (political and business ones). in the second part, due to democratic basic principles, technological security aspects are worked out. AU - Schryen, Guido ID - 5667 KW - Internet Voting KW - Online polls KW - E-Democracy KW - Security T2 - Proceedings of the IADIS International Conference WWW Internet 2003. vol. 2 TI - E-Democracy: Internet Voting ER - TY - CONF AB - Zusammenfassung: Im Rahmen des E-Governments werden zunehmend Internetwahlen diskutiert. Der Beitrag diskutiert zunächst die Vor- und Nachteile derartiger Wahlen und zeigt Anwendungsgebiete sowie durchgeführte Pilotprojekte im politischen wie auch wirtschaftlichen Bereich auf. Im Rahmen eines Anforderungssystems werden anschließend aus demokratischen Wahlgrundsätzen sicherheitstechnologische Anforderungen herausgearbeitet. Zu deren Adressierung werden kryptographischen Wahlkonzepte herangezogen, von denen die wichtigsten vorgestellt werden. Aufgrund der Komplexität der Anforderungslandschaft wird ein sicherheitstechnologisches Strukturmodell vorgestellt, das insbesondere dazu dient, die Sicherheit(skomponenten) eines Wahlsystems systematisch mit den Anforderungen abzugleichen. Der Artikel schließt mit einem Ausblick auf notwendige Untersuchungen. AU - Schryen, Guido ID - 5668 KW - Internet-Wahlen KW - E-Democracy KW - Sicherheit KW - Kryptographie T2 - 6. Internationale Tagung Wirtschaftsinformatik TI - Internet-Wahlen ER - TY - CONF AB - Bei der Online-Marktforschung lässt sich mit Hilfe virtueller 3D-Welten das Konsumentenverhalten beobachten. Da die Struktur der dabei anfallenden Daten multidimensional ist und die marktforschungsrelevanten Anfragen eine hohe OLAP-Affinität aufweisen, wurde hierzu im Rahmen des Forschungsprojekts Benevit ein Data Warehouse konzipiert und realisiert. Im Rahmen einer Standardisierung der Protokollierung von Konsumentenaktivitäten und deren prototypischen Realisierung erwies sich der Data Warehouse/OLAP-Ansatz zur Speicherung, Analyse und Präsentation der Marktforschungsdaten als adäquates Instrumentenbündel. AU - Schryen, Guido AU - Schoenen, Markus ID - 5620 T2 - Data Warehousing 2002 TI - Data Warehouse in der Marktforschung - Analyse von Benutzeraktivitäten in virtuellen Welten ER - TY - JOUR AB - Mit dem elektronischen Papier wird in der Displayforschung ein neuer materialtechnologischer Ansatz verfolgt: Elektronisches Papier besteht aus einer dünnen, flexiblen Folie, in der farbige Pigmente mittels elektrischer Felder ausgerichtet werden. Die Vorteile gegenüber traditionellen Technologien wie beispielsweise LCD-Displays bestehen zum einen in niedrigeren Herstellungskosten (niedrigere Produktionskosten und geringere Materialkosten) und einem geringeren Gewicht. Zum anderen entsteht eine bessere Lesbarkeit, da sich Reflexion, Kontrast und mögliche Betrachtungswinkel verbessern bzw. vergrößern. Diese Potenziale können bei Anzeigetafeln, Computerdisplays und mobilen Endgeräten ausgeschöpft werden. Mit der Eigenschaft, fast beliebige Materialien als Trägermedium zu verwenden, öffnet sich auch die Anwendungsmöglichkeit des biegsamen, elektronischen Mediums für Zeitungen und Zeitschriften. Die US-Unternehmen E Ink und Gyricon Media bieten eine zunehmend größere Produktpalette mit elektronischem Papier an. AU - Schryen, Guido AU - Karla, Jürgen ID - 5623 IS - 6 JF - Wirtschaftsinformatik KW - Elektronisches Papier KW - Elektronische Tinte KW - E Ink KW - Gyricon Media KW - Displays KW - Mobile Endger{\ TI - Elektronisches Papier - Display-Technologie mit weitem Anwendungsspektrum VL - 44 ER - TY - JOUR AU - Schryen, Guido ID - 5669 IS - 3 JF - i-com. Zeitschrift für interaktive und kooperative Medien TI - Elektronische Zeitung - das Erbe Gutenbergs? ER - TY - BOOK AU - Schryen, Guido ID - 5670 TI - Komponentenorientierte Softwareentwicklung in Softwareunternehmen: Konzeption eines Vorgehensmodells zur Einführung und Etablierung ER -