ECU professor, grad students honored for research on spam filter limitations

Two East Carolina University graduate students and their advising professor received recognition for their research paper during the 13th International Conference on Security of Information and Networks (SINCONF).

Students Mark Sokolov and Kehinde “Kenny” Olufowobi, and Assistant Professor Nic Herndon from the Department of Computer Science received the Best Presentation Award for their research that focused on spam filters.

“In this paper we show that replacing some characters — a, c, e, k, o, p, and y — with their corresponding characters from the Cyrillic alphabet is sufficient to bypass spam filters,” Herndon said.

The ramifications are obvious, especially for those who have ever fallen victim to phishing schemes in which account and password information is stolen.

“We wanted to show that a few character changes pose a vulnerability threat that needs to be addressed,” Herndon said.

I’m very happy for Mark and Kenny and proud of their work.
- Dr. Nic Herndon

According to information they gathered for their research, 94% of malware is delivered via email, and 65% of attack groups used phishing schemes as their primary way to infect computers or systems. Unsuspecting computer users could click on links contained in such emails and unleash viruses that can disable computers or be used to steal information.

“The main contribution of this work is that it identifies a vulnerability in existing spam filters, which is important because learning the vulnerabilities of current classifiers is the only way to fix them,” Sokolov said.

The group did this by using a sample email in which the sender claims to be a mugged, stranded traveler who is unable to pay his hotel bill.

“We tested this method with Microsoft Business email and Gmail,” Sokolov said. “We first sent emails containing a lot of keywords frequently encountered in spam emails, and these emails were flagged as spam. Then we sent the same emails, with some of the characters replaced by their ‘visually equivalent’ characters from the Cyrillic alphabet, and these emails were delivered to the inbox. This suggests that this method can currently bypass existing spam filters.”

The Cyrillic alphabet, prominent in some eastern European countries such as Belarus, Montenegro and Bulgaria as well as some areas of Russia, includes symbols that are similar to the English alphabet, and those similarities could be exploited by those attempting to acquire usernames and passwords to access computers and networks through what appears to be a harmless email.

“I hope that Google, Microsoft and other affected email providers will implement the fixes necessary to address this flaw as quickly as possible because, as you can imagine, spammers don’t exactly take a break,” said Olufowobi, a master’s student in computer science who is expecting to graduate in May.

Olufowobi, from Lagos, Nigeria, knows how those companies can make those fixes quickly as well.

“It will be quicker if they hire me to do that for them,” he said.

A native of Donetsk in Ukraine, Sokolov is scheduled to graduate Dec. 4 with a master’s in software engineering. He said he was excited when he learned of the paper’s award.

“It was an honor to be recognized and receive the Best Presentation Award,” Sokolov said. “… I would like to thank East Carolina University for giving me this opportunity to further my education and prepare me for my future career. Also, I would like to give special thanks to Dr. Herndon for mentoring me throughout the process.”

SINCONF took place virtually because of the coronavirus pandemic from Nov. 4-7. It provided an international forum for presentations of research and applications of security in information and networks. The conference featured contributed as well as invited papers, special sessions, workshops, and tutorials on theory and practice of security of information and networks.

The paper by Sokolov, Olufowobi and Herndon was among 35 nominations for the award.

“I’m very happy for Mark and Kenny and proud of their work,” Herndon said. “I’m excited that they won an international award. … I’m very proud of their achievement. It goes to show that the computer science department at East Carolina University prepares our students to be competitive throughout the world.”