White: complete trust in this IP address
Black: No trust in this IP address
Grey: This IP address is not directly involved in spamming but is associated with spam-like behaviors
Yellow: This IP address is known to produce spam and non-spam email
NoBL: This IP address does not send spam, and should not be blacklisted. But it is not fully trustworthy.
SPAM ip address is black listed.
New IP addresses are trusted with the static blacklist model.
Static Blacklist Model: Innocent until proven guilty
Need a dynamic, comprehensive reputation system outputs reputation scores for domains
Extra temporal and statistical features from DNS traffic, compute/learn models
Kopis: Passive monitoring in the upper levels of the DNS hierarchy; internet-visibility
h(w) = (length of word w) mod 5
Given H(m), no easy way to find m
one-way function
Hash pointer contains:
-pointer to where some info is stored
-(cryptographic) hash of the info
Hash pointe
Hash of the data, Pointer to data
