76 research outputs found

    Information Fusion for Anomaly Detection with the Dendritic Cell Algorithm

    Dendritic cells are antigen presenting cells that provide a vital link between the innate and adaptive immune system, providing the initial detection of pathogenic invaders. Research into this family of cells has revealed that they perform information fusion which directs immune responses. We have derived a Dendritic Cell Algorithm based on the functionality of these cells, by modelling the biological signals and differentiation pathways to build a control mechanism for an artificial immune system. We present algorithmic details in addition to experimental results, when the algorithm was applied to anomaly detection for the detection of port scans. The results show the Dendritic Cell Algorithm is successful at detecting port scans. Comment: 21 pages, 17 figures, Information Fusio

    Rejecting spam during SMTP sessions

    This paper analyzes a spam rejection scheme at Simple Mail Transfer Protocol (SMTP) sessions. This scheme utilizes a layer-3 e-mail pre-classification technique to estimate e-mail classes before an SMTP session ends. We study the spam rejection scheme using discrete-time Markov chain analysis and analyze the performance of the proposed scheme under different e-mail traffic loads and service capacities. The proposed scheme reduces the e-mail volume to be queued and processed by e-mail servers. This reduces non-spam e-mail queuing delay and loss, and protects e-mail servers from being overloaded by spam traffic

    Information Fusion for Anomaly Detection with the Dendritic Cell Algorithm

    Dendritic cells are antigen presenting cells that provide a vital link between the innate and adaptive immune system, providing the initial detection of pathogenic invaders. Research into this family of cells has revealed that they perform information fusion which directs immune responses. We have derived a Dendritic Cell Algorithm based on the functionality of these cells, by modelling the biological signals and differentiation pathways to build a control mechanism for an artificial immune system. We present algorithmic details in addition to experimental results, when the algorithm was applied to anomaly detection for the detection of port scans. The results show the Dendritic Cell Algorithm is successful at detecting port scans

    Throttling Outgoing SPAM for Webmail Services

    Abstract. Presented a system that dynamically throttles emails based on the message content at the email server provider (ESP) side. The goal of this system is to reduce the spam generated by the ESP while not introducing long delay to legitimate messages. This goal is achieved by applying spam filters during the email delivery time and by using filter scores to control the throttling effect. The throttling effect is implemented through a computational puzzle system. We present experiments and results that show the effectiveness of this anti-spam system that under state of the art hardware, we can limit the ability of the spammer even though he possesses 1000 times as many CPU resources as the normal sender

    SNARE: Spatio-temporal Network-level Automatic Reputation Engine

    Current spam filtering techniques classify email based on content and IP reputation blacklists or whitelists. Unfortunately, spammers can alter spam content to evade content based filters, and spammers continually change the IP addresses from which they send spam. Previous work has suggested that filters based on network-level behavior might be more efficient and robust, by making decisions based on how messages are sent, as opposed to what is being sent or who is sending them. This paper presents a technique to identify spammers based on features that exploit the network-level spatio-temporal behavior of email senders to differentiate the spamming IPs from legitimate senders. Our behavioral classifier has two benefits: (1) it is early (i.e., it can automatically detect spam without seeing a large amount of email from a sending IP address, sometimes even upon seeing only a single packet); (2) it is evasion-resistant (i.e., it is based on spatial and temporal features that are difficult for a sender to change). We build classifiers based on these features using two different machine learning methods, support vector machine and decision trees, and we study the efficacy of these classifiers using labeled data from a deployed commercial spam-filtering system. Surprisingly, using only features from a single IP packet header (i.e., without looking at packet contents), our classifier can identify spammers with about 93% accuracy and a reasonably low false-positive rate (about 7%). After looking at a single message, spammer identification accuracy improves to more than 94% with a false rate of just over 5%. These suggest an effective sender reputation mechanism

    Zombification

    Spam appears everywhere on the Internet, from downloaded emails to server-based blogs, forums and social media communications. This article explores this notion of the living dead in the context of spam culture. How is spam actively and repetitively produced with different identities? I adopt the term ‘zombie’ to describe spam because, notably, the concept of zombies has been used extensively in popular culture and entertainment, such as films, games and literature to describe the phenomenon of mindless slaves. They are usually situated in an environment that has suffered a viral outbreak with contagious effects. Critiques have compared zombies to dead labour, such as the slavery in Haiti and the labour in the United States: that is, the exploitation of labour through the concept of alienation, from Marx’s theory, and labour practices in global capitalism. Within the context of spam production, as datafied phenomenon, this paper uses the figure of the zombie to describe the computational and network processes of spam automation, which I call ‘zombification’ — alluding to the broader topic of datafication and its consequences. The assumption here is that life once datafied is zombification.

    Developing of Ultrasound Experimental Methods using Machine Learning Algorithms for Application of Temperature Monitoring of Nano-Bio-Composites Extrusion

    In industry fiber degradation during processing of biocomposite in the extruder is a problem that requires a reliable solution to save time and money wasted on producing damaged material. In this thesis, we try to focus on a practical solution that can monitor the change in temperature that causes fiber degradation and material damage to stop it when it occurs. Ultrasound can be used to detect the temperature change inside the material during the process of material extrusion. A monitoring approach for the extruder process has been developed using ultrasound system and the techniques of machine learning algorithms. A measurement cell was built to form a dataset of ultrasound signals at different temperatures for analysis. Machine learning algorithms were applied through machine-learning algorithm’s platform to classify the dataset based on the temperature. The dataset was classified with accuracy 97% into two categories representing over and below damage temperature (190 °C) ultrasound signal. This approach could be used in industry to send an alarm or a temperature control signal when material damage is detected. Biocomposite is at the core of automotive industry material research and development concentration. Melt mixing process was used to mix biocomposite material with multi-walled carbon nanotubes (MWCNTs) for the purpose of enhancing mechanical and thermal properties of biocomposite. The resulting composite nano-bio-composite was tested via different types of thermal and mechanical tests to evaluate its performance relative to biocomposite. The developed material showed enhancement in mechanical and thermal properties that considered a high potential for applications in the future

    Modification of the SMTP protocol to reduce spam.

    One of the main problems encountered in the electronic mail (e-mail) service is the receipt of unsolicited messages, known as spam. Spam causes serious harm to institutions, overloading servers, communication links and network assets. This dissertation proposes a modification to the Simple Mail Transfer Protocol (SMTP) to reduce spam. The modification to the protocol produces three advantageous consequences. The first consists in the rejection of unwanted e-mails, as defined by the recipient, avoiding the waste of the recipient's computational and network resources. The second consists in the return of the unwanted e-mail to the spammer, imposing costs on the spammer, since the spammer's server will perform extra processing and storage to handle the refused spam. The third consequence is that, because of the refusal, the spammer removes the recipient's address from its distribution lists. The SMTP modification was implemented in a Zimbra e-mail server and evaluated exhaustively. The results are promising. The modified Zimbra server showed computational performance and cost equivalent to those of the original Zimbra server when receiving legitimate e-mails. When receiving spam, however, it shows better computational performance and cost than those of the original Zimbra server

    Using Context and Interactions to Verify User-Intended Network Requests

    Client-side malware can attack users by tampering with applications or user interfaces to generate requests that users did not intend. We propose Verified Intention (VInt), which ensures a network request, as received by a service, is user-intended. VInt is based on "seeing what the user sees" (context). VInt screenshots the user interface as the user interacts with a security-sensitive form. There are two main components. First, VInt ensures output integrity and authenticity by validating the context, ensuring the user sees correctly rendered information. Second, VInt extracts user-intended inputs from the on-screen user-provided inputs, with the assumption that a human user checks what they entered. Using the user-intended inputs, VInt deems a request to be user-intended if the request is generated properly from the user-intended inputs while the user is shown the correct information. VInt is implemented using image analysis and Optical Character Recognition (OCR). Our evaluation shows that VInt is accurate and efficient