Day 1 at CEAS

Typically this conference is focused more on academic methods and theory which have some elements that are more interesting/relevant than others. Either way, I applaud the efforts of all of the presenters as they have all done a great job so far.

One presentation that I was particularly interested in was actually two separate presentations that discussed similar topics from different angles, and those were the use of social networks or "communities of interest" in identifying message legitimacy. The theory here is that if you receive a definable number of messages from a particular sender and you also send email back to that sender, you are likely part of a social network with that sender or have some level of interest in communicating with that person. The study put no limitation on the amount of time that this communication has to take place in though. I could see arguments both ways as to whether or not there should be such a limitation.

There was also a good presentation on Blog Spam by Adam Thomason from a company named Six Apart. He discussed not only avenues of attack, but the prevalence and types of blog spam. One interesting stat that he mentioned was that they generally see less than 100 identifiable attackers on a consistent basis. So, from the sound of it, despite the increases in blog spam that we have been hearing about, the number of people actually involved in this space is still quite small. Another interesting point he mentioned is that the cost of a false positive in blog spam such that a comment is identified as spam when it should not have been is quite low. This makes perfect sense, but I had never quite considered this fact before.

So far it has been an interesting conference with one more day to go. I'll write about my opinions of tomorrow's presentations after the conclusion of the conference.