If you know me in real life you might know that I am a Star Wars fan (my nickname is a hint…). Couple of days ago I stumbled across a nice video. In this YouTube video David Welch explains in great detail how the editing team of Star Wars saved the movie. I never knew how much difference was between what was actually shot and how we know the film today.

As of August the 30th I may call myself a Master of Science (MSc.). At that date I have successfully defended my thesis titled “Combating Snowshoe Spam with Fire”. People have often asked if ‘Fire’ is some kind of an acronym, it ain’t 😉 In the thesis we detail how DNS configurations may be used to track down snowshoe spam domains. Snowshoe spam spreads out the sending over a great number of hosts to reduce the volume per host, making the individual hosts harder to detect and blacklist.

The third publication for the TIDE project. Details more formally the research questions of this project. The DNS is a core service for the Internet. Most uses of the DNS are benign, but some are malicious. Attackers often use a DNS do- main to enable an attack (e.g. DDoS attacks). Detection of these attacks often happens passively, but this leads to a reactive detection of attacks. However, registering and configuring a domain takes time.

The second publication for the TIDE project. It has received the Best Paper Award at NOMS 2018. Snowshoe spam is a type of spam which is notoriously hard to detect. Differently from regular spam, snowshoe spammers distribute the volume among many hosts, in order to make detection harder. To be successful, however spammers need to appear as legitimate as possible, for example, by adopting email best practice like Sender Policy Framework (SPF).

TIDE was present at the Network Operations and Management Symposium (NOMS 2018) conference in Taipei, Taiwan. Olivier was there to present “Melting the Snow: Detecting Snowshoe Spam Domains Using Active DNS Measurements”. NOMS 2018 was held in Taipei, Taiwan, from the 23rd till the 27th of April. NOMS has been held in every even-numbered year since 1988. This was the 30th anniversary of NOMS. Our work was very well received at the conference.