A Behavior-Based Approach To Securing Email Systems

The Malicious Email Tracking (MET) system, reported in a prior publication, is a behavior-based security system for email services. The Email Mining Toolkit (EMT) presented in this paper is an offline email archive data mining analysis system that is designed to assist computing models of malicious email behavior for deployment in an online MET system. EMT includes a variety of behavior models for email attachments, user accounts and groups of accounts. Each model computed is used to detect anomalous and errant email behaviors. We report on the set of features implemented in the current version of EMT, and describe tests of the system and our plans for extensions to the set of models

Transfer of Security Email Proxy into Embedded Device

Bakalářská práce se zabývá analýzou embedded zařízení a operačních systémů pro tato zařízení za účelem portace proxy pro zabezpečení elektronické pošty na některé z těchto zařízení. Dále se věnuje existujícímu řešení Mailproxy a způsobům zabezpečení elektronické pošty.This bachelor's thesis deals with embedded devices and their operating systems analysis for transfer of security email proxy into one of these devices. It also describes already existing project Mailproxy and techniques of email securing.

Securing email through online social networks

Despite being one of the most basic and popular Internet applications, email still largely lacks user-to-user cryptographic protections. From a research perspective, designing privacy preserving techniques for email services is complicated by the requirement of balancing security and ease-of-use needs of everyday users. For example, users cannot be expected to manage long-term keys (e.g., PGP keypair), or understand crypto primitives. To enable intuitive email protections for a large number of users, we design FriendlyMail by leveraging existing pre-authenticated relationships between a sender and receiver on an Online Social Networking (OSN) site, so that users can send secure emails without requiring direct key exchange with the receiver in advance. FriendlyMail can provide integrity, authentication and confidentiality guarantees for user-selected messages among OSN friends. FriendlyMail is mainly based on splitting the trust without introducing new trusted third parties. A confidentiality-protected email is encrypted by a randomly-generated key and sent through email service providers, while the key and hash of the encrypted content are privately shared with the receiver via the OSN site as a second secure channel. Our implementation consists of a Firefox addon and a Facebook application, and can secure the web-based Gmail service using Facebook as the OSN site. However, the design can be implemented for preferred email/OSN services as long as the email and OSN providers are non-colluding parties. FriendlyMail is a client-end solution and does not require changes to email or OSN servers

PENGAMANAN TEKS PADA DOKUMEN EMAIL MENGGUNAKAN ENKRIPSI ROTOR

The delivery of a letter electronically are very popular the last few years, so many people utilize to send important documents to the destination. Electronic mail that is commonly referred to by email, use the internet access in its operation. The email when sent, realistically not up to the destination but kept on the server the owner of email services. After the email is saved to the server then the email can be read by the destination written email account when sending email. When data or documents stored on the server can be potentially exploited by the email service providers without the permission of the owner of the data, it is certainly a security issue related to the data confidentiality of the data. To maintain the confidentiality of such data, one of the methods that is believed to be able to cope with it is Cryptography. In this study, researchers developed a technique of securing text on document email using cryptography method with rotor encryption. Research methods used were derived from a review of the literature to find out the model of the safeguards text in the document. Then analyze the weaknesses of earlier related research based pengemanan the text of the document. The next step is followed by the design of the rotor encryption implementation on the text message and continues to perform calculations using rotor encryption on the text of the document to be sent via email. The results of securing the text in documents that will be sent via email, is expected to enhance the confidentiality of data when stored on the server

ANALYZING USER TRADEOFFS FOR ENCRYPTED EMAIL SERVICES

Securing online communication, especially in email settings, is challenging. End-to-end encryption achieves maximal security; however, introducing search capabilities is complicated, potentially making it impractical for email. One option is to locally decrypt and index emails to incorporate search, but this requires significant client-side storage. Encryption that is searchable at the server-side limits local storage, but requires other compromises as well. This thesis presents a study using conjoint analysis to understand user tradeoffs related to email features in order to propose a solution for providing usable, yet secure, email service. The results suggest that while it is ideal to have maximum privacy, users rely heavily on the features present in standard insecure email services. Furthermore, with about half of the participants reporting local device storage as a concern, searchable encryption could be a feasible secure email service solution for some users

Two factor authentication framework based on ethereum blockchain with dApp as token generation system instead of third-party on web application

Authentication is a method for securing an account by verifying the user identity by inputting email with a password. Two factor authentications is an authentication system that combines the first-factor authentication with the second factor. General two factor authentication by entering an email or username with a password are similar. However, two factor authentication requires additional information that must be inputted by the user. Additional information can be in the form of tokens or one-time passwords (OTP). Two factor authentications generally still uses third-party services to generate token or OTP still have vulnerable because can attacked from tokens steal through MITM and found that the generated tokens with the same value. Therefore, we propose a two-factor authentication framework based on ethereum blockchain with dApp as token generation system. Firstly, outcome from the analysis of the system, next succeeded in creating a two-factor authentication system without using third-parties. Second, token system generate up to 3164 different tokens  in one second and has been collisions tested. Third, security method to protect token from MITM attack. The attacker unable to get access caused all the checking are done by dApp user authentication

The Implementation of Securing Plaintext File Using Cryptography Method in Web Based Environment

The objective of this research in primarily to find the best fit crytography system that can encrypt and decrypt the extension file .doc, implement it in a simple application which works similar to email and construct and run a set of evaluation to securing plaintext file in a web based environment. The methodology and testing procedure which are used during this evaluation is based on a simulation model. Result from the evaluation set constructed is found able to show the performance of the cryptography system. ClipSecure is rate to be the best fitted features of cryptography system in this project scope for it has choices of nine algorithms, plus a hardcore mode and support for both message and file encryption

IMPLEMENTASI ALGORITMA CAMELLIA DENGAN KUNCI 128 BIT PADA ENKRIPSI DAN DEKRIPSI ISI PESAN ELCTRONIC MAIL (EMAIL)

Keamanan data dan informasi menjadi sesuatu yang sangat beharga di era globalisasi sekarang ini. Data dan informasi dapat dikirim dari sender ke receiver melalui media-media yang sangat praktis, instan, gratis, dan mudah didapatkan. Salah satu media yang bisa digunakan adalah email (electronic mail). Email merupakan layanan surat elektronik yang memudahkan pengguna untuk saling bertukar data dan informasi. Namun, pencurian data dan informasi makin marak terjadi belakangan ini. sehingga membuat pengguna khawatir akan kerahasian data dan informasi yang dimiliki. Pencurian data dan infrormasi yang sering terjadi dikarenakan banyak akun email yang digunakan untuk mendaftar diberbagai situs lainnya dengan menggunakan password yang sama. Ketika data akun email kita didapat dari pihak ketiga sehingga memudahakan para pencuri untuk beraksi. Oleh karena itu, diperlukan algoritma untuk mengamankan data dan informasi yang kita kirim melalui email. Salah satu algoritma yang bisa digunakan adalah algoritma camellia 128 bit. Alasan utama penggunaan algoritma ini, berdasarkan penelitian sebelumnya disimpulkan bahwa algoritma ini tahan terhadap cryptanalys terutama differential attack. Selain itu, algoritma ini juga memiliki keunggulan high level of security, efficeincy on multiple platforms, future developments. Hasil dari penelitian ini, menyimpulkan bahwa algoritma ini bisa diimpelementasi pada pesan email. Implementasi dilakukan saat penulisan email dengan mengubah isi pesan email yang akan dikirim menjadi chiperteks dalam bentuk blok-blok biner. Sedangkan implementasi dari dekripsi dengan menggunakan metode ini akan merubah chiperteks yang diterima dalam bentuk blok-blok biner menjadi plainteks dalam bentuk pesan email sebenarnya. Selain itu algoritma ini juga sangat memiliki performa yang baik dari segi waktu proses dan kecepatan enkripsi dan dekripsinya. Pada penelitian ini waktu proses enkripsi dan dekripsi sangat dipengaruhi oleh padding bit. Padding bit dilakukkan pada proses enrkipsi dimana blok plainteks kurang dari kelipatan 128 bit. Sedangkan pada proses dekripsi tidak dilakukan padding bit, hal ini dikarenakan chiperteks yang dihasilkan pada penelitian ini telah berupa blok-blok kelipatan 128 bit.;---Data security and information can be one of the most valuable thing in this era. Data and information can be sent from the sender to receiver using some practical,instant, free, and available medias. One of the medias that can be used is email (electronic mail). Email is an electronic mail that can help user exchange data and information to each other. However, data and information theft is a growing phenomenon recently. It makes the user so worry over the data privacy and information loss. Data theft mostly happen because of there are many sites registered using the same email with the same password. So, when someone steal the email acount, it can be easier for him to do anything.therefore, the algoritm for securing data and informtion sent by email is necessarily needed. One of the algortm used is camelia 128 bit algorithm. The main reason why the researcher uses this algorithm is because it can bare the criptanalys attack especially differential attack. Beside that, this algorithm has a high level of scurity, efficiency on multiple platforms, future devolopments. The results of the research, it concluded that these algorithms can be diimpelementasi email messages. Implementation is done when writing emails by changing the contents of the email that will be sent as chiperteks in the form of blocks of binary . While the implementation of dekrispi using this method will change chiperteks received in the form of blocks of binary becomes planteks in the form of the actual email message . Besides this algorithm also has a very good performance in terms of processing time and speed of encryption and decryption . In this research, encryption and decryption process is strongly influenced by the padding bits. Padding bits on encryption process in which a block of plaintext is less than a multiple of 128 bits . While in the decryption process is not use padding bits, because chiperteks generated in this study was in the form on blocks multiple of 128 bits

Infosys Technologies: Improving Organizational Knowledge Flow

Nandan Nilekani, the chief executive officer (CEO) of Infosys Technologies (Infosys), sat at his desk at the company’s headquarters in Bangalore, India, reading an email from one of his account managers in his North American operations. The manager, Vivek Pradhan, had just landed a project with a major Detroit automobile manufacturer, and was commenting to Nandan on how instrumental the company’s knowledge management (KM) program was in his securing the project. Vivek told Nandan that his client had given him 48 hours to develop a pre-proposal on upgrading its nationwide sales and order operations. He added that his technical team had never seen such a project. Vivek felt he could never meet his pre-proposal deadline, but that evening he received an email from Nandan announcing the launch of a new Domain Competency Group (DCG) as part of the company’s nascent knowledge management (KM) initiative. As stated in the email: DCG would serve as a centralized think-tank to provide round-the-clock knowledge support on various industrial domains to our practice units around the world. Vivek further explained that a quick call to the DCG contact number helped him locate a similar project completed for a German automotive company. He was sent the necessary materials, including a client presentation, which proved very similar to what his client had in mind. After reading the email, Nandan sat back in his chair feeling quite pleased at the success of the five-year-old KM program. Infosys’ KM implementation was guided by the KM Maturity Model (KMM) (see Exhibit 1). 2 Infosys was currently working towards attaining the fourth level of KM maturity. However, one requirement was seriously lacking and would impede progress to the next level: Infosys did not have robust metrics for assessing productivity benefits of the KM program

Peer mentoring to secure student placements

Purpose This paper describes a case study where student peer mentors were employed to motivate and assist undergraduates to secure optional professional placement positions. Design/methodology/approach The paper describes the reasons for establishing the project and the recruitment of mentors. It outlines a survey of students who had not undertaken placements the previous year to try to identify the activities that would be most effective on the part of the mentors. It then describes the mentoring that was conducted. The mentors, together with the placement co-coordinator, devised support ranging from one to one mentoring, drop in ‘clinics’, online support through a social network and large group talks. It discusses the results of this work and evaluates the oral and written responses of both mentors and mentees. Findings Those mentees who took part in the mentoring were typically those who were already enthusiastic about placement opportunities. The majority of students did not take advantage of mentoring support either face to face or online. It was found that the mentoring scheme did not significantly affect the proportion of students seeking or securing placements. However, the mentors themselves gained tremendous benefits from the mentoring scheme in particular developing their communication skills and confidence. Research limitations A thorough survey of potential mentees was not carried out after the project to ascertain the reasons for their lack of engagement. Practical implications There are two separate implications of this project: 1) The mentoring scheme was valuable primarily for the mentors and not the mentees and 2) The level of support provided by the University is not the main factor in the low take up of optional placement opportunities. If such learning opportunities are felt to be sufficiently valuable for the student learning experience they need to be compulsory with appropriate support available – a mentoring scheme might then be of far more value to mentees. Originality/value There is very little published concerning the use of mentoring to facilitate work based learning. Furthermore most published work on mentoring is located in the ‘best practice’ school of pedagogical research where it is implicitly assumed that one must report on the success of an intervention. Frequently it is more valuable to examine more unexpected results of an intervention. This paper however shows much greater benefits achieved by the mentors than the mentees