161 resultados para phishing emails
Resumo:
In the last decade, the Internet email has become one of the primary method of communication used by everyone for the exchange of ideas and information. However, in recent years, along with the rapid growth of the Internet and email, there has been a dramatic growth in spam. Classifications algorithms have been successfully used to filter spam, but with a certain amount of false positive trade-offs. This problem is mainly caused by the dynamic nature of spam content, spam delivery strategies, as well as the diversification of the classification algorithms. This paper presents an approach of email classification to overcome the burden of analyzing technique of GL (grey list) analyser as further refinements of our previous multi-classifier based email classification [10]. In this approach, we introduce a “majority voting grey list (MVGL)” analyzing technique with two different variations which will analyze only the product of GL emails. Our empirical evidence proofs the improvements of this approach, in terms of complexity and cost, compared to existing GL analyser. This approach also overcomes the limitation of human interaction of existing analyzing technique.
Resumo:
In the last decade, the rapid growth of the Internet and email, there has been a dramatic growth in spam. Spam is commonly defined as unsolicited email messages and protecting email from the infiltration of spam is an important research issue. Classifications algorithms have been successfully used to filter spam, but with a certain amount of false positive trade-offs, which is unacceptable to users sometimes. This paper presents an approach of email classification to overcome the burden of analyzing technique of GL (grey list) analyzer as further refinements of synthesis based email classification technique. In this approach, we introduce a “majority voting grey list (MVGL)” analyzing technique which will analyze the GL emails by using the majority voting (MV) algorithm. We have presented two different variations of the MV system, one is simple MV (SMV) and other is the Ranked MV (RMV). Our empirical evidence proofs the improvements of this approach compared to existing GL analyzer [7].
Resumo:
In the last decade, the rapid growth of the Internet and email, there has been a dramatic growth in spam. Spam is commonly defined as unsolicited email messages and protecting email from the infiltration of spam is an important research issue. Classifications algorithms have been successfully used to filter spam, but with a certain amount of false positive trade-offs, which is unacceptable to users sometimes. This paper presents an approach to overcome the burden of GL (grey list) analyzer as further refinements to our multi-classifier based classification model (Islam, M. and W. Zhou 2007). In this approach, we introduce a ldquomajority voting grey list (MVGL)rdquo analyzing technique which will analyze the generated GL emails by using the majority voting (MV) algorithm. We have presented two different variations of the MV system, one is simple MV (SMV) and other is the ranked MV (RMV). Our empirical evidence proofs the improvements of this approach compared to the existing GL analyzer of multi-classifier based spam filtering process.
Resumo:
Micro-blogging services such as Twitter, Yammer, Plurk and Google Buzz have generated substantial interest among members of the business community in recent years. Many CEOs, managers and front-line employees have embraced micro-blogs as a tool for interacting with colleagues, employees, customers, suppliers and investors. Micro-blogs are considered a more informal channel than emails and official websites, and thus present a different set of challenges to businesses. As a positional paper, this paper uses a case study of a bogus Twitter account to emphasise security and ethical issues relating to (i) Trust, Accuracy and Authenticity of Information, (ii) Privacy and Confidentiality, and (iii) Scams and Frauds, when micro-blogs are used in the workplace. It also highlights the potential risks businesses are exposed to if employees use micro-blogs irresponsibly. The paper contributes to practice by providing suggestions on managing security and ethical risks associated with micro-blogging in the workplace. It contributes to research by building on existing research in trust and data privacy in electronic communication.
Resumo:
Spam is commonly known as unsolicited or unwanted email messages in the Internet causing potential threat to Internet Security. Users spend a valuable amount of time deleting spam emails. More importantly, ever increasing spam emails occupy server storage space and consume network bandwidth. Keyword-based spam email filtering strategies will eventually be less successful to model spammer behavior as the spammer constantly changes their tricks to circumvent these filters. The evasive tactics that the spammer uses are patterns and these patterns can be modeled to combat spam. This paper investigates the possibilities of modeling spammer behavioral patterns by well-known classification algorithms such as Naïve Bayesian classifier (Naive Bayes), Decision Tree Induction (DTI) and Support Vector Machines (SVMs). Preliminary experimental results demonstrate a promising detection rate of around 92%, which is considerably an enhancement of performance compared to similar spammer behavior modeling research.
Resumo:
Classifying user emails correctly from penetration of spam is an important research issue for anti-spam researchers. This paper has presented an effective and efficient email classification technique based on data filtering method. In our testing we have introduced an innovative filtering technique using instance selection method (ISM) to reduce the pointless data instances from training model and then classify the test data. The objective of ISM is to identify which instances (examples, patterns) in email corpora should be selected as representatives of the entire dataset, without significant loss of information. We have used WEKA interface in our integrated classification model and tested diverse classification algorithms. Our empirical studies show significant performance in terms of classification accuracy with reduction of false positive instances.
Resumo:
Employees continue to report multifarious e-mail concerns ('e-mail defects') including ambiguous unclear messages, e-mail overload, security and privacy issues, and e-mail interruptions. These defects have an effect on employee efficiency and effectiveness. This paper explores the importance of identifying e-mail defects and the effectiveness of training employees in efficient use of e-mail at four UK organisations, using Seminar-Based Training (SBT) and Computer-Based Training (CBT) delivery modes. The findings suggest that SBT has a diminishing impact over a very short period of time, but a combined approach of SBT and CBT is more effective and provides better results.
Resumo:
In online role plays, students are asked to engage with a story that serves as a metaphor for real-life experience as they learn and develop skills. However, practitioners rarely examine the characteristics and management of this story as factors in the students' engagement in and learning from the activity. In this paper I present findings from a recent case study which examines these factors in an online role play that has been named as an exemplar and has been run for 19 years in Australian and international universities to teach Middle East politics and journalism. Online role plays are increasingly popular in tertiary education, in forms ranging from simple text-based role plays to virtual learning environment activities and e-simulations. The role play I studied required students to communicate in role via simulated email messages and draw on real-life resources and daily simulated online newspaper publications produced by the journalism students rather than rely on information or automated interactions built into an interface. This relatively simple format enabled me to observe clearly the impact of the technique's basic design elements. I studied both the story elements of plot, character and setting and the non-story elements of assessment, group work and online format. The data collection methods include analysis of student emails in the role play, a questionnaire, a focus group, interviews and the journal I kept as a participant-observer in the role play. In evaluating the qualities and impact of story elements I drew upon established aesthetic principles for drama and poststructuralist drama education.
Resumo:
A botnet is a group of compromised computers, which are remotely controlled by hackers to launch various network attacks, such as DDoS attack and information phishing. Botnet has become a popular and productive tool behind many cyber attacks. Recently, the owners of some botnets, such as storm worm, torpig and conflicker, are employing fluxing techniques to evade detection. Therefore, the understanding of their fluxing tricks is critical to the success of defending from botnet attacks. Motivated by this, we survey the latest botnet attacks and defenses in this paper. We begin with introducing the principles of fast fluxing (FF) and domain fluxing (DF), and explain how these techniques were employed by botnet owners to fly under the radar. Furthermore, we investigate the state-of-art research on fluxing detection. We also compare and evaluate those fluxing detection methods by multiple criteria. Finally, we discuss future directions on fighting against botnet based attacks.
Resumo:
Spam or unwanted email is one of the potential issues of Internet security and classifying user emails correctly from penetration of spam is an important research issue for anti-spam researchers. In this paper we present an effective and efficient spam classification technique using clustering approach to categorize the features. In our clustering technique we use VAT (Visual Assessment and clustering Tendency) approach into our training model to categorize the extracted features and then pass the information into classification engine. We have used WEKA (www.cs.waikato.ac.nz/ml/weka/) interface to classify the data using different classification algorithms, including tree-based classifiers, nearest neighbor algorithms, statistical algorithms and AdaBoosts. Our empirical performance shows that we can achieve detection rate over 97%.
Resumo:
This paper provides a temporal snapshot of two midterm PhD candidates as they both grapple with paradigms and methodology, research questions, external challenges within the research field, locating their voices as doctoral students, and maintaining energy and focus to continue their doctoral journey. These two candidates, one of whom is interstate, share the same supervisor and have come to know each other through telephone reading groups, email communications, and face-to-face meetings with their supervisor, and attending conferences and other collegial opportunities. The catalyst for this paper was a reading group discussion of a paper by Pirrie and Macleod (2010, p. 367) applying the descriptors of ʻjourneyman, wayfarer, fellow traveller or craftsmanʼ to the conceptualisation of the identities of researchers at temporal moments in the research process. We were also inspired by Kamler and Thomsonʼs (2001) paper where they respond to each otherʼs emails in a conversation formulating ideas and perspectives about ʻwriting upʼ research. Additionally, we have considered the work of Ryan, Amorim and Kusch (2010) and Lindsay, Kell, Ouellette and Westall (2010). We have linked their work on reflective learning to our experience of reflecting ʻaloudʼ in a supportive learning community and our subsequent individual reflexive learning. At the heart of our reflections is a relationship between supervisor (Jennifer) and doctoral candidates (Christine and Cheryl); the relationship is a fluid community of practice (Wenger, 1998). A community of practice that depends not so much on direction from the supervisor, but rather as a space where concepts and ideas can be spoken aloud in a safe, critical and supportive environment. Members are able to listen, both to themselves and to each other, before reflecting and finding their own way. At other times each juggles their own professional and personal identities as they become teacher, journeyman, fellow traveller and recalcitrant.
Resumo:
This article presents experimental results devoted to a new application of the novel clustering technique introduced by the authors recently. Our aim is to facilitate the application of robust and stable consensus functions in information security, where it is often necessary to process large data sets and monitor outcomes in real time, as it is required, for example, for intrusion detection. Here we concentrate on the particular case of application to profiling of phishing websites. First, we apply several independent clustering algorithms to a randomized sample of data to obtain independent initial clusterings. Silhouette index is used to determine the number of clusters. Second, we use a consensus function to combine these independent clusterings into one consensus clustering . Feature ranking is used to select a subset of features for the consensus function. Third, we train fast supervised classification algorithms on the resulting consensus clustering in order to enable them to process the whole large data set as well as new data. The precision and recall of classifiers at the final stage of this scheme are critical for effectiveness of the whole procedure. We investigated various combinations of three consensus functions, Cluster-Based Graph Formulation (CBGF), Hybrid Bipartite Graph Formulation (HBGF), and Instance-Based Graph Formulation (IBGF) and a variety of supervised classification algorithms. The best precision and recall have been obtained by the combination of the HBGF consensus function and the SMO classifier with the polynomial kernel.
Resumo:
This article is devoted to experimental investigation of a novel application of a clustering technique introduced by the authors recently in order to use robust and stable consensus functions in information security, where it is often necessary to process large data sets and monitor outcomes in real time, as it is required, for example, for intrusion detection. Here we concentrate on a particular case of application to profiling of phishing websites. First, we apply several independent clustering algorithms to a randomized sample of data to obtain independent initial clusterings. Silhouette index is used to determine the number of clusters. Second, rank correlation is used to select a subset of features for dimensionality reduction. We investigate the effectiveness of the Pearson Linear Correlation Coefficient, the Spearman Rank Correlation Coefficient and the Goodman--Kruskal Correlation Coefficient in this application. Third, we use a consensus function to combine independent initial clusterings into one consensus clustering. Fourth, we train fast supervised classification algorithms on the resulting consensus clustering in order to enable them to process the whole large data set as well as new data. The precision and recall of classifiers at the final stage of this scheme are critical for the effectiveness of the whole procedure. We investigated various combinations of several correlation coefficients, consensus functions, and a variety of supervised classification algorithms.
Resumo:
Online social networks have not only become a point of aggregation and exchange of information, they have so radically rooted into our everyday behaviors that they have become the target of important network attacks. We have seen an increasing trend in Sybil based activity, such as in personification, fake profiling and attempts to maliciously subvert the community stability in order to illegally create benefits for some individuals, such as online voting, and also from more classic informatics assaults using specifically mutated worms. Not only these attacks, in the latest months, we have seen an increase in spam activities on social networks such as Facebook and RenRen, and most importantly, the first attempts at propagating worms within these communities. What differentiates these attacks from normal network attacks, is that compared to anonymous and stealthy activities, or by commonly untrusted emails, social networks regain the ability to propagate within consentient users, who willingly accept to partake. In this paper, we will demonstrate the effects of influential nodes against non-influential nodes through in simulated scenarios and provide an overview and analysis of the outcomes.
Resumo:
Social network worms, such as email worms and facebook worms, pose a critical security threat to the Internet. Modeling their propagation dynamics is essential to predict their potential damages and develop countermeasures. Although several analytical models have been proposed for modeling propagation dynamics of social network worms, there are two critical problems unsolved: temporal dynamics and spatial dependence. First, previous models have not taken into account the different time periods of Internet users checking emails or social messages, namely, temporal dynamics. Second, the problem of spatial dependence results from the improper assumption that the states of neighboring nodes are independent. These two problems seriously affect the accuracy of the previous analytical models. To address these two problems, we propose a novel analytical model. This model implements a spatial-temporal synchronization process, which is able to capture the temporal dynamics. Additionally, we find the essence of spatial dependence is the spreading cycles. By eliminating the effect of these cycles, our model overcomes the computational challenge of spatial dependence and provides a stronger approximation to the propagation dynamics. To evaluate our susceptible-infectious-immunized (SII) model, we conduct both theoretical analysis and extensive simulations. Compared with previous epidemic models and the spatial-temporal model, the experimental results show our SII model achieves a greater accuracy. We also compare our model with the susceptible-infectious-susceptible and susceptible-infectious- recovered models. The results show that our model is more suitable for modeling the propagation of social network worms.
