76 research outputs found
Information Fusion for Anomaly Detection with the Dendritic Cell Algorithm
Dendritic cells are antigen presenting cells that provide a vital link
between the innate and adaptive immune system, providing the initial detection
of pathogenic invaders. Research into this family of cells has revealed that
they perform information fusion which directs immune responses. We have derived
a Dendritic Cell Algorithm based on the functionality of these cells, by
modelling the biological signals and differentiation pathways to build a
control mechanism for an artificial immune system. We present algorithmic
details in addition to experimental results, when the algorithm was applied to
anomaly detection for the detection of port scans. The results show the
Dendritic Cell Algorithm is successful at detecting port scans. Comment: 21 pages, 17 figures, Information Fusio
Rejecting spam during SMTP sessions
This paper analyzes a spam rejection scheme at Simple Mail Transfer Protocol (SMTP) sessions. This scheme utilizes a layer-3 e-mail pre-classification technique to estimate e-mail classes before an SMTP session ends. We study the spam rejection scheme using discrete-time Markov chain analysis and analyze the performance of the proposed scheme under different e-mail traffic loads and service capacities. The proposed scheme reduces the e-mail volume to be queued and processed by e-mail servers. This reduces non-spam e-mail queuing delay and loss, and protects e-mail servers from being overloaded by spam traffic
Throttling Outgoing SPAM for Webmail Services
Abstract. Presented a system that dynamically throttles emails based on the message content at the email server provider (ESP) side. The goal of this system is to reduce the spam generated by the ESP while not introducing long delay to legitimate messages. This goal is achieved by applying spam filters during the email delivery time and by using filter scores to control the throttling effect. The throttling effect is implemented through a computational puzzle system. We present experiments and results that show the effectiveness of this anti-spam system that under state of the art hardware, we can limit the ability of the spammer even though he possesses 1000 times as many CPU resources as the normal sender
SNARE: Spatio-temporal Network-level Automatic Reputation Engine
Current spam filtering techniques classify email based on
content and IP reputation blacklists or whitelists. Unfortunately,
spammers can alter spam content to evade content based
filters, and spammers continually change the IP addresses
from which they send spam. Previous work has suggested
that filters based on network-level behavior might be
more efficient and robust, by making decisions based on how
messages are sent, as opposed to what is being sent or who
is sending them.
This paper presents a technique to identify spammers
based on features that exploit the network-level spatio-temporal
behavior of email senders to differentiate the spamming
IPs from legitimate senders. Our behavioral classifier
has two benefits: (1) it is early (i.e., it can automatically
detect spam without seeing a large amount of email from
a sending IP address, sometimes even upon seeing only a
single packet); (2) it is evasion-resistant (i.e., it is based on
spatial and temporal features that are difficult for a sender
to change). We build classifiers based on these features using
two different machine learning methods, support vector
machine and decision trees, and we study the efficacy
of these classifiers using labeled data from a deployed commercial
spam-filtering system. Surprisingly, using only features
from a single IP packet header (i.e., without looking at
packet contents), our classifier can identify spammers with
about 93% accuracy and a reasonably low false-positive rate
(about 7%). After looking at a single message spammer
identification accuracy improves to more than 94% with a
false rate of just over 5%. These suggest an effective sender
reputation mechanism
Zombification
Spam appears everywhere on the Internet, from downloaded emails to server-based blogs, forums and social media communications. This article explores this notion of the living dead in the context of spam culture. How is spam actively and repetitively produced with different identities? I adopt the term ‘zombie’ to describe spam because, notably, the concept of zombies has been used extensively in popular culture and entertainment, such as films, games and literature to describe the phenomenon of mindless slaves. They are usually situated in an environment that has suffered a viral outbreak with contagious effects. Critiques have compared zombies to dead labour, such as the slavery in Haiti and the labour in the United States: that is, the exploitation of labour through the concept of alienation, from Marx’s theory, and labour practices in global capitalism. Within the context of spam production, as datafied phenomenon, this paper uses the figure of the zombie to describe the computational and network processes of spam automation, which I call ‘zombification’ — alluding to the broader topic of datafication and its consequences. The assumption here is that life once datafied is zombification.
Developing of Ultrasound Experimental Methods using Machine Learning Algorithms for Application of Temperature Monitoring of Nano-Bio-Composites Extrusion
In industry fiber degradation during processing of biocomposite in the extruder is a problem that requires a reliable solution to save time and money wasted on producing damaged material. In this thesis, we try to focus on a practical solution that can monitor the change in temperature that causes fiber degradation and material damage to stop it when it occurs. Ultrasound can be used to detect the temperature change inside the material during the process of material extrusion. A monitoring approach for the extruder process has been developed using ultrasound system and the techniques of machine learning algorithms. A measurement cell was built to form a dataset of ultrasound signals at different temperatures for analysis. Machine learning algorithms were applied through machine-learning algorithm’s platform to classify the dataset based on the temperature. The dataset was classified with accuracy 97% into two categories representing over and below damage temperature (190 °C) ultrasound signal. This approach could be used in industry to send an alarm or a temperature control signal when material damage is detected. Biocomposite is at the core of automotive industry material research and development concentration. Melt mixing process was used to mix biocomposite material with multi-walled carbon nanotubes (MWCNTs) for the purpose of enhancing mechanical and thermal properties of biocomposite. The resulting composite nano-bio-composite was tested via different types of thermal and mechanical tests to evaluate its performance relative to biocomposite. The developed material showed enhancement in mechanical and thermal properties that is considered a high potential for applications in the future
Modification of the SMTP protocol for spam reduction (Alteração no protocolo SMTP para redução de spam).
One of the main problems encountered in the electronic mail (e-mail) service is the receipt of unsolicited messages, known as spam. Spam causes serious losses to institutions, overloading servers, communication links and network assets. This dissertation proposes a modification to the Simple Mail Transfer Protocol (SMTP) to reduce spam. The modification to the protocol produces three advantageous consequences. The first is the rejection of unwanted e-mails, as defined by the recipient, avoiding the waste of the recipient's computational and network resources. The second is the return of the unwanted e-mail to the spammer, imposing costs on the spammer, since the spammer's server will perform extra processing and storage to handle the refused spam. The third consequence is that, as a result of the refusal, the spammer removes the recipient's address from its distribution lists. The SMTP modification was implemented in a Zimbra e-mail server and evaluated exhaustively. The results are promising. The modified Zimbra server showed computational performance and cost equivalent to those of the original Zimbra server when receiving legitimate e-mails. When receiving spam, however, it shows better computational performance and cost than the original Zimbra server
Using Context and Interactions to Verify User-Intended Network Requests
Client-side malware can attack users by tampering with applications or user
interfaces to generate requests that users did not intend. We propose Verified
Intention (VInt), which ensures a network request, as received by a service, is
user-intended. VInt is based on "seeing what the user sees" (context). VInt
screenshots the user interface as the user interacts with a security-sensitive
form. There are two main components. First, VInt ensures output integrity and
authenticity by validating the context, ensuring the user sees correctly
rendered information. Second, VInt extracts user-intended inputs from the
on-screen user-provided inputs, with the assumption that a human user checks
what they entered. Using the user-intended inputs, VInt deems a request to be
user-intended if the request is generated properly from the user-intended
inputs while the user is shown the correct information. VInt is implemented
using image analysis and Optical Character Recognition (OCR). Our evaluation
shows that VInt is accurate and efficient