Forum for Science, Industry and Business

Sponsored by:     3M 
Search our Site:

 

E-mail "cluster bombs" a disaster waiting to happen, computer scientists say

11.12.2003


Internet users can be blind-sided by e-mail "cluster bombs" that inundate their inboxes with hundreds or thousands of messages in a short period of time, thereby paralyzing the users’ online activities, according to a new report by researchers at Indiana University Bloomington and RSA Laboratories in Bedford, Mass.



IUB computer scientist Filippo Menczer and RSA Laboratories Principal Research Scientist Markus Jakobsson describe in the December 2003 issue of ;login: a weakness in Web sites that makes the e-mail cluster bombs possible. A miscreant could, the authors say, pose as the victim and fill out Web site forms, such as those used to subscribe to a mailing list, using the victim’s own e-mail address.

One or two automated messages would hardly overload an e-mail inbox. But Menczer, associate professor of informatics and computer science, said special software called agents, web-crawlers and scripts can be used by the bomber to fill in thousands of forms almost simultaneously, resulting in a "cluster bomb" of unwanted automatic reply e-mail messages to the victim. The attack can also target a victim’s cell phone with a sudden, large volume of SMS (short message service) messages.


"This is a potential danger but also a problem that is easy to fix," Menczer said. "We wanted to let people know how to correct the problem before a hacker or malicious person exploits this vulnerability, causing real damage."

The barrage of messages would dominate the bandwidth of an Internet connection, making it difficult or impossible for the victim to access the Internet. This is called a distributed denial-of-service attack, because a large number of Web sites attack a single target.

The attack works because most Web forms do not verify the identity of the people -- or automated software agents -- filling them out. But Menczer said there are some simple things Web site managers can do to prevent attacks.

"Often, subscribing to a Web site results in an automatically generated e-mail message asking the subscriber something like, ’Do you want to subscribe to our Web site?’" Menczer said. "We propose that Web forms be written so that the forms do not cause a message to be sent to subscribers at all. Instead, the form would prompt subscribers to send their own e-mails confirming their interest in subscribing. This would prevent the Web site from being abused in a cluster bomb attack."

Menczer was an assistant professor of management sciences at the University of Iowa’s Henry B. Tippie College of Business when the study was initiated. Funding for the study came from an National Science Foundation Career Grant and the Center for Discrete Mathematics and Theoretical Computer Science at Rutgers University.

| Indiana University
Further information:
http://newsinfo.iu.edu/news/page/normal/1213.html

More articles from Communications Media:

nachricht New cruise ship “Mein Schiff 1” features Fraunhofer 3D sound on board
05.09.2018 | Fraunhofer-Institut für Digitale Medientechnologie IDMT

nachricht Small enclosure, big sound, clear speech
31.08.2018 | Fraunhofer-Institut für Digitale Medientechnologie IDMT

All articles from Communications Media >>>

The most recent press releases about innovation >>>

Die letzten 5 Focus-News des innovations-reports im Überblick:

Im Focus: Explosion on Jupiter-sized star 10 times more powerful than ever seen on our sun

A stellar flare 10 times more powerful than anything seen on our sun has burst from an ultracool star almost the same size as Jupiter

  • Coolest and smallest star to produce a superflare found
  • Star is a tenth of the radius of our Sun
  • Researchers led by University of Warwick could only see...

Im Focus: Quantum simulation more stable than expected

A localization phenomenon boosts the accuracy of solving quantum many-body problems with quantum computers which are otherwise challenging for conventional computers. This brings such digital quantum simulation within reach on quantum devices available today.

Quantum computers promise to solve certain computational problems exponentially faster than any classical machine. “A particularly promising application is the...

Im Focus: Largest, fastest array of microscopic 'traffic cops' for optical communications

The technology could revolutionize how information travels through data centers and artificial intelligence networks

Engineers at the University of California, Berkeley have built a new photonic switch that can control the direction of light passing through optical fibers...

Im Focus: A long-distance relationship in femtoseconds

Physicists observe how electron-hole pairs drift apart at ultrafast speed, but still remain strongly bound.

Modern electronics relies on ultrafast charge motion on ever shorter length scales. Physicists from Regensburg and Gothenburg have now succeeded in resolving a...

Im Focus: Researchers 3D print metamaterials with novel optical properties

Engineers create novel optical devices, including a moth eye-inspired omnidirectional microwave antenna

A team of engineers at Tufts University has developed a series of 3D printed metamaterials with unique microwave or optical properties that go beyond what is...

All Focus news of the innovation-report >>>

Anzeige

Anzeige

VideoLinks
Industry & Economy
Event News

Revered mathematicians and computer scientists converge with 200 young researchers in Heidelberg!

17.04.2019 | Event News

First dust conference in the Central Asian part of the earth’s dust belt

15.04.2019 | Event News

Fraunhofer FHR at the IEEE Radar Conference 2019 in Boston, USA

09.04.2019 | Event News

 
Latest News

New automated biological-sample analysis systems to accelerate disease detection

18.04.2019 | Life Sciences

Explosion on Jupiter-sized star 10 times more powerful than ever seen on our sun

18.04.2019 | Physics and Astronomy

New eDNA technology used to quickly assess coral reefs

18.04.2019 | Life Sciences

VideoLinks
Science & Research
Overview of more VideoLinks >>>