Ranking seeks to protect internet users from data theft by exposing flagrant spam havens

June 1, 2011

(PhysOrg.com) -- The Center for Research in Economic Commerce (CREC) at The University of Texas at Austin has unveiled an initiative called SpamRankings.net, designed to protect Internet users by identifying major havens for spam.

"Nobody wants to do business with a bank or hospital or Internet hosting company that has been hijacked by spammers," said center Director Andrew Whinston. "It is an environment in which user data can be stolen or compromised."

The connection between spam and data theft is poor computer security. Spammers use what are called botnets to send spam using computers hijacked without the knowledge of their legitimate owners.

"Outbound spam is a proxy for poor organizational security," Whinston said, "because outbound spam indicates botnets, botnets indicate vulnerabilities and vulnerabilities indicate susceptibility to other malware, including phishing, DDoS and identity theft."

SpamRankings.net publicly lists organizations that are major havens for spam, hoping the publicity will pressure them to take more aggressive security measures.

"Landing at the top of the list is no honor," said researcher John S. Quarterman. "Organizations will want to restore their reputation and take measures to protect their customers as well. Those that rank well will want to brag about it."

The researchers are seeking feedback from the ranked organizations. The site lists the top spamming Autonomous Systems (groups of IP addresses) for the health care industry as belonging to Cedars-Sinai Health Systems in the U.S., WIN in Belgium and Konkuk University Hospital in Korea.

"Heroic temporary measures aren't enough to deal with spam," Whinston said. "Ongoing visibility is needed. These rankings provide the transparency that has been missing for the Internet to self-govern itself as a commons."

Whinston was rated this year as the most influential scholar in the information systems field by the h-index, which measures scholarly influence. Other researchers on the team include John S. Quarterman of Quarterman Creations, Professor Serpil Sayin of Koç University and Jouni Reinikainen.

The initial rankings are drawn from custom blocklist volume data by Composite Blocking List (CBL) using correlations of groups of IP addresses (Autonomous Systems) to organizations by Internet security research firm Team Cymru.

Provided by University of Texas at Austin