67 research outputs found
SNARE: Spatio-temporal Network-level Automatic Reputation Engine
Current spam filtering techniques classify email based on
content and IP reputation blacklists or whitelists. Unfortunately,
spammers can alter spam content to evade content based
filters, and spammers continually change the IP addresses
from which they send spam. Previous work has suggested
that filters based on network-level behavior might be
more efficient and robust, by making decisions based on how
messages are sent, as opposed to what is being sent or who
is sending them.
This paper presents a technique to identify spammers
based on features that exploit the network-level spatio temporal
behavior of email senders to differentiate the spamming
IPs from legitimate senders. Our behavioral classifier
has two benefits: (1) it is early (i.e., it can automatically
detect spam without seeing a large amount of email from
a sending IP address-sometimes even upon seeing only a
single packet); (2) it is evasion-resistant (i.e., it is based on
spatial and temporal features that are difficult for a sender
to change). We build classifiers based on these features using
two different machine learning methods, support vector
machine and decision trees, and we study the efficacy
of these classifiers using labeled data from a deployed commercial
spam-filtering system. Surprisingly, using only features
from a single IP packet header (i.e., without looking at
packet contents), our classifier can identify spammers with
about 93% accuracy and a reasonably low false-positive rate
(about 7%). After looking at a single message spammer
identification accuracy improves to more than 94% with a
false rate of just over 5%. These suggest an effective sender
reputation mechanism
A palaeoenvironmental reconstruction of the Middle Jurassic of Sardinia (Italy) based on integrated palaeobotanical, palynological and lithofacies data assessment
During the Jurassic, Sardinia was close to continental Europe. Emerged lands started from a single island forming in time a progressively sinking archipelago. This complex palaeogeographic situation gave origin to a diverse landscape with a variety of habitats. Collection- and literature-based palaeobotanical, palynological and lithofacies studies were carried out on the Genna Selole Formation for palaeoenvironmental interpretations. They evidence a generally warm and humid climate, affected occasionally by drier periods. Several distinct ecosystems can be discerned in this climate, including alluvial fans with braided streams (Laconi-Gadoni lithofacies), paralic swamps and coasts (Nurri-Escalaplano lithofacies), and lagoons and shallow marine environments (Ussassai-Perdasdefogu lithofacies). The non-marine environments were covered by extensive lowland and a reduced coastal and tidally influenced environment. Both the river and the upland/hinterland environments are of limited impact for the reconstruction. The difference between the composition of the palynological and palaeobotanical associations evidence the discrepancies obtained using only one of those proxies. The macroremains reflect the local palaeoenvironments better, although subjected to a transport bias (e.g. missing upland elements and delicate organs), whereas the palynomorphs permit to reconstruct the regional palaeoclimate. Considering that the flora of Sardinia is the southernmost of all Middle Jurassic European floras, this multidisciplinary study increases our understanding of the terrestrial environments during that period of time
The Use of Honeynets to Increase Computer Abstract Network Security and User Awareness
In this paper, we address how honeynets, networks of computers intended to be compromised, can be used to increase network security in a large organizational environment. We outline the current threats Internet security is facing at present and show how honeynets can be used to learn about those threats for the future. We investigate issues researchers have to take into account before deploying or while running a honeynet. Moreover, we describe how we tied honeynet research into computer security classes at Georgia Tech to successfully train students and spark interest in computer security.
Verkehrsablauf an aufeinanderfolgenden Trennungs- und Zusammenfuehrungspunkten in planfreien Knotenpunkten innerhalb bebauter Gebiete
The objective of this research project was to employ empirical studies of traffic flow and traffic safety to derive minimum distances and minimum dimensions for the most frequently used designs of entrances and exits at junctions on urban motorways. The test results indicate that a separation point - with good quality advance signposting and signposting - with a distance of 80 m between the tip of the first island and the signposting, and - a distance of 70 m between the signposting and the tip of the subsequent prohibited zone can be regarded as being adequately dimensioned for traffic quality and safety purposes. Even in situations with minimum distances between the separation points, satisfactory quality of traffic flow and traffic safety were determined when there was - suitable advance signposting and signposting - suitable marking and the driving speeds were adapted to the geometrical design of the junction. The test results for merging points showed that - a merging lane length of 120 m can be regarded as adequate for merging zones designed in accordance with type ER 1, - the design of the merging zone must take account of the relevant load relation (of traffic streams), the use of a ramp link of the order of 40 m after the end of the first merging zone would seem appropriate and favourable to safety. (orig.)Available from TIB Hannover: ZA 4681(552)+a / FIZ - Fachinformationszzentrum Karlsruhe / TIB - Technische InformationsbibliothekSIGLEDEGerman
- …