LENS is a technique that leverages social networks and trust to prevent spam transmission. It uses "Gatekeepers" who are legitimate users selected to vouch for users outside a recipient's immediate social circle. The document discusses the LENS architecture, which focuses on accepting emails from legitimate users rather than detecting spam. It also evaluates LENS using two social networks, finding that LENS was able to accept all inbound emails while requiring a reasonable number of Gatekeepers and performing GK selection with high success rates and latency under 1 second.
The document analyzes a network graph of purchases of political books in the USA with 105 vertices and 441 edges. It explores various graph metrics and centrality measures including degree, closeness, betweenness, and eccentricity centrality. It identifies graph properties such as the diameter of 7, radius of 4, and presence of communities detected using graph partitioning and community detection algorithms.
This document discusses web and social computing and peer-to-peer networks. It provides an overview of peer-to-peer network types including unstructured and structured networks. It also describes PeerSim, a peer-to-peer network simulator. The document outlines implementing maximum and minimum functions in PeerSim and analyzing the results. New methods were designed, run, and graphs of the outputs were generated to study how the maximum and minimum values changed over simulations.
This document analyzes how Twitter was used to spread information during the 2010 Chilean earthquake. It finds that:
1) Over 4.7 million tweets were posted by 716,344 users in the days following the quake.
2) Rumors tended to be questioned more by other Twitter users, while confirmed news received more affirmations, suggesting the community works like a collaborative filter of information.
3) However, no automatic way was identified to classify confirmed news versus false rumors based on the tweets alone. Factors like sentiment, sarcasm, and who has authority to confirm information would need to be considered.
Amazon Marketplace allows individuals and businesses to sell products through Amazon's website. It gives sellers access to Amazon's large customer base. To be successful on Marketplace, sellers must understand how to optimize various factors like product listings, pricing, reviews, and inventory management. The A9 algorithm ranks sellers based on metrics like conversion rate, customer satisfaction, and relevance to the customer's search terms. It considers up to 30 factors to provide customers with the most relevant products.
This document discusses using Weka data mining tools to analyze a zoo dataset. It explores two classifiers - J48 decision trees and JRip rule-based learning - using various evaluation techniques in Weka. The objectives are to select a dataset, apply and compare the two classifiers on it. The zoo dataset is analyzed using basic statistics, cross-validation, percentage splits and pruning with both classifiers. J48 performs slightly better on this small dataset, correctly classifying 92% of instances compared to 87% for JRip. The document concludes Weka tools like Experimenter and Knowledge Flow are useful for comparing classifiers and understanding algorithm options.
This document outlines a proposed business model called Ugly Vegetable that aims to reduce food waste by delivering imperfect or misshapen produce directly to customers. The business would collect surplus fruits and vegetables rejected by supermarkets due to not meeting size or aesthetic standards from farms and deliver them to both businesses (B2B) and consumers (B2C). Key benefits include reducing food waste, lowering food miles, promoting seasonal produce with better flavor, and reducing packaging. Revenue would be generated through a modest price markup on the produce after accounting for collection and delivery costs. Competition is currently limited but scaling up demand is a challenge to reach profitability.
The document provides information for sellers on registering an account, listing products, and fulfilling orders on Amazon marketplace. It discusses registering as a seller, preparing product listings, uploading products to their catalog, and using Fulfillment by Amazon. It also covers topics like increasing seller ratings, managing customer feedback, order metrics, payment processing, returns and refunds policies.
The document discusses using the data mining tool WEKA to perform linear regression and clustering analysis. It provides steps for loading the housing unit dataset and building linear regression and EM clustering models in WEKA. The linear regression output shows the attributes that predict housing unit price. The clustering analysis identifies 5 clusters in the data and provides details on the attribute means and standard deviations for each cluster.
The document analyzes a network graph of purchases of political books in the USA with 105 vertices and 441 edges. It explores various graph metrics and centrality measures including degree, closeness, betweenness, and eccentricity centrality. It identifies graph properties such as the diameter of 7, radius of 4, and presence of communities detected using graph partitioning and community detection algorithms.
This document discusses web and social computing and peer-to-peer networks. It provides an overview of peer-to-peer network types including unstructured and structured networks. It also describes PeerSim, a peer-to-peer network simulator. The document outlines implementing maximum and minimum functions in PeerSim and analyzing the results. New methods were designed, run, and graphs of the outputs were generated to study how the maximum and minimum values changed over simulations.
This document analyzes how Twitter was used to spread information during the 2010 Chilean earthquake. It finds that:
1) Over 4.7 million tweets were posted by 716,344 users in the days following the quake.
2) Rumors tended to be questioned more by other Twitter users, while confirmed news received more affirmations, suggesting the community works like a collaborative filter of information.
3) However, no automatic way was identified to classify confirmed news versus false rumors based on the tweets alone. Factors like sentiment, sarcasm, and who has authority to confirm information would need to be considered.
Amazon Marketplace allows individuals and businesses to sell products through Amazon's website. It gives sellers access to Amazon's large customer base. To be successful on Marketplace, sellers must understand how to optimize various factors like product listings, pricing, reviews, and inventory management. The A9 algorithm ranks sellers based on metrics like conversion rate, customer satisfaction, and relevance to the customer's search terms. It considers up to 30 factors to provide customers with the most relevant products.
This document discusses using Weka data mining tools to analyze a zoo dataset. It explores two classifiers - J48 decision trees and JRip rule-based learning - using various evaluation techniques in Weka. The objectives are to select a dataset, apply and compare the two classifiers on it. The zoo dataset is analyzed using basic statistics, cross-validation, percentage splits and pruning with both classifiers. J48 performs slightly better on this small dataset, correctly classifying 92% of instances compared to 87% for JRip. The document concludes Weka tools like Experimenter and Knowledge Flow are useful for comparing classifiers and understanding algorithm options.
This document outlines a proposed business model called Ugly Vegetable that aims to reduce food waste by delivering imperfect or misshapen produce directly to customers. The business would collect surplus fruits and vegetables rejected by supermarkets due to not meeting size or aesthetic standards from farms and deliver them to both businesses (B2B) and consumers (B2C). Key benefits include reducing food waste, lowering food miles, promoting seasonal produce with better flavor, and reducing packaging. Revenue would be generated through a modest price markup on the produce after accounting for collection and delivery costs. Competition is currently limited but scaling up demand is a challenge to reach profitability.
The document provides information for sellers on registering an account, listing products, and fulfilling orders on Amazon marketplace. It discusses registering as a seller, preparing product listings, uploading products to their catalog, and using Fulfillment by Amazon. It also covers topics like increasing seller ratings, managing customer feedback, order metrics, payment processing, returns and refunds policies.
The document discusses using the data mining tool WEKA to perform linear regression and clustering analysis. It provides steps for loading the housing unit dataset and building linear regression and EM clustering models in WEKA. The linear regression output shows the attributes that predict housing unit price. The clustering analysis identifies 5 clusters in the data and provides details on the attribute means and standard deviations for each cluster.
This document discusses using two classifiers, JRip and J48, on a zoo dataset containing animal attributes. It explores various preprocessing and evaluation techniques in Weka, including removing duplicates and useless attributes, cross validation, percentage splits, and comparing the classifiers using Experimenter. J48 slightly outperforms JRip on this dataset when run with default options and 10-fold cross validation. The document concludes that while J48 may generate more complex trees, it beats JRip for this small dataset without preprocessing. Experimenter and Knowledge Flow are useful Weka tools for comparing classifiers and understanding intermediate steps.
Real time classification of malicious urls.pptx 2Daniyar Mukhanov
This document discusses developing a machine learning system to classify URLs as malicious or benign in real-time. The system was trained on data collected from tweets during two large events - the Super Bowl and Cricket World Cup. A multi-layer perceptron (MLP) model achieved the best performance, correctly classifying 72% of URLs from the unseen Cricket World Cup data within 30 seconds. The Bayesian model performed best in early stages, achieving 66% accuracy within the first 60 seconds. Analysis of the MLP model revealed that bytes received and remote IP address were important indicators of malicious URLs.
This document provides an overview of using the WEKA data mining tool to perform two common techniques: clustering and linear regression. It first introduces WEKA and its interfaces. It then provides details on k-means clustering, including how to implement it in WEKA on a sample BMW customer dataset. This identifies five distinct customer clusters. The document also explains linear regression and uses a house pricing dataset in WEKA to build a regression model to predict house value based on features.
Weka is a machine learning software written in Java that can be used for data mining tasks. It contains tools for data pre-processing, classification, regression, clustering, association rules, and feature selection. The document discusses loading data formats into Weka, performing basic preprocessing and classification, attribute selection using filter and wrapper approaches, and filtering datasets using supervised and unsupervised filters. Examples of these techniques are demonstrated.
Social media can influence political behavior through social networks. Researchers sent social or informational messages to over 60 million Facebook users before the 2010 US elections. Those who received social messages were more likely to click "I Voted" or seek polling places. Examining voting records found those who received social messages were slightly more likely to vote. Effects increased with stronger social ties - close friends had a greater influence than distant acquaintances. The study provides evidence that online political mobilization through social networks can translate into real-world voting behavior changes.
Predictive Analytics: It's The Intervention That MattersHealth Catalyst
In this two-part webinar, get the detailed knowledge you need to make informed decisions about adopting predictive analytics in healthcare so you can separate today's hype from reality. In part 1, you'll learn key learnings from Dale Sanders including 1) our fixation on predictive analytics in readmissions, 2) the common trap of predictions without interventions, 3) the common misconceptions of correlations verses causation, 4) examples of predictions without algorithms, and 5) the importance of putting the basics first.
In part 2, you'll hear from industry expert David Crockett, PhD in a "graduate level" crash course cover key concepts such as machine learning, algorithms, feature selection, classification, tools and more.
Weka is a collection of machine learning algorithms and data pre-processing tools developed at the University of Waikato. It contains tools for data pre-processing, classification, regression, clustering, association rule mining, and visualization. Weka is open source, free to use, and popular for research and applications. It has a graphical user interface and supports common data formats like ARFF.
LENS is a spam protection system that leverages social networks and trust to prevent spam transmission. It selects legitimate users called Gatekeepers from a recipient's social network to vouch for potential senders outside the recipient's circle. Unless a Gatekeeper vouches for an email, it will not be transmitted. Evaluations found LENS to be scalable and effective at accepting legitimate emails while being lightweight compared to traditional spam filters. However, future advanced techniques may be needed to address more sophisticated spam and privacy concerns remain regarding trust relationships.
Dash uses a two-tier network of masternodes to enable features like instant transactions, private transactions, and decentralized governance. Masternodes require a collateral of 1000 Dash to participate. They facilitate features like InstantSend for near-instant confirmations and PrivateSend for concealing transaction histories. The masternode network also funds projects and oversees governance through a decentralized budget and voting system. Dash aims to further develop these capabilities and improve scalability with upgrades like Evolution scheduled for 2018.
This document provides an outline for building a chatbot. It discusses key principles such as ensuring messages are processed and delivered in the proper order, minimizing dropped messages, and scaling the bot through techniques like using multiple message queues and consumer processes. It also emphasizes making the chatbot dynamic by defining states and transitions that can be triggered by rules, events, or user responses. This allows the chatbot's conversation to adapt based on factors like the user, previous responses, or external events.
Practical Implementation of Large BGP communities with Geotags and Traffic En...Muhammad Moinur Rahman
The document discusses several problems faced by service provider customers regarding traffic engineering and proposes solutions using BGP communities with geotags. It summarizes 6 common problems such as inbound load balancing, outbound traffic preferring expensive links, return traffic not exiting efficiently, and proposes solutions using BGP communities to encode location information and control route preferences. The solutions allow customers to optimize traffic flows while giving providers control over outbound routing.
Practical Implementation of Large BGP Community with Geotags and Traffic Engi...APNIC
Large BGP communities allow routers to tag routes with additional routing information in order to influence traffic flow. The document discusses several problems customers face with traffic routing and proposes solutions using large BGP communities. Specifically, it addresses inbound load balancing, outbound traffic preferring expensive links, return traffic not taking the most efficient path, and enabling remote triggered blackhole routes. The solutions proposed include using communities to set local preference values to control inbound and outbound traffic routing behavior.
Email Validation empowers you and boosts your business!
Email is data, and in this modern consumer market, data is, no doubt, holds a position of power. The power behind the giant corporations and the conglomerate has shaped the world’s commerce. The power, however, is backed up by the data that customers submit willingly in the form of their email addresses. That information that the company gathers becomes the bedrock of success in its business endeavors in such a competitive market.
BGP communities allow networks to attach additional routing information and instructions to BGP routes. They are defined as 32-bit integers that can be used to tag routes with information like the source of the route or to trigger actions like changing route attributes. Common uses of BGP communities include controlling route exports, influencing attributes like local preference, and providing informational tags about factors like geography.
This document summarizes the Algorand blockchain protocol. Algorand uses Byzantine Agreement with cryptographic sortition to randomly select committee members to reach consensus in a decentralized way. It assumes an honest majority of money and uses weighted users to prevent Sybil attacks. Algorand achieves high throughput and low latency through its novel BA* consensus protocol which uses committees and achieves consensus in constant time regardless of network size.
Characterizing and Detecting Livestreaming Chatbots IIIT Hyderabad
Livestreaming platforms enable content producers or streamers to broadcast creative content to a potentially large viewer base. Chatrooms form an integral part of such platforms, enabling viewers to interact
both with streamer and amongst themselves. Streams with high engagement (many viewers and high
active chatters) are typically considered engaging and often promoted to end users by means of recommendation algorithms, and exposed to better monetization opportunities via revenue share from platform advertising, viewer donations and third-party sponsorships. Given such incentives, some streamers
make use of fraudulent means to increase perceived engagement by simulating chatter via fake “chatbots” which can be purchased from online marketplaces. This inorganic engagement can negatively
influence recommendations, hurt streamer and viewer trust in the platform, and harm monetization for
honest streamers. In this study, we tackle the novel problem of automating detection of chatbots on
livestreaming platforms. To this end, we first formalize the livestreaming chatbot detection problem
and characterize differences between botted and genuine chatter behaviour observed from a real-world
livestreaming chatter dataset collected from Twitch.tv. We then propose SHERLOCK and BOTHUNT
methods, which posits a two-stage approach of detecting chatbotted streams, and subsequently detecting
constituent chatbots. Finally, we demonstrate effectiveness on both real and synthetic data: to this end,
we propose a novel strategy for collecting labeled, synthetic chatter dataset (typically unavailable) from
such platforms, enabling evaluation of proposed detection approaches against chatbot bahaviors with
varying signatures. The SHERLOCK approach achieves 97% precision/recall on the real world dataset
and +80% F1 score across most simulated attack settings and BOTHUNT achieves 86% accuracy for
real world dataset and 93% accuracy across all attack settings. This thesis is a timely contribution to the
area of computer science specially combating astroturfing, needed to mitigate the spread of fraudulent
bot users on Live streaming Platforms. The results from this thesis can be used to build real world
solutions to mitigate the spread of untrustworthy or botted streams, fake users, etc. on live streaming
platforms in the future.
Having a great email marketing program is one thing, getting your emails into your subscribers' Inboxes is completely different. There are several technologies at play when it comes to delivering your email. You need to make sure your emails are technically correct so that they will deliver consistently. Through this presentation marketers will understand
- How to identify a problem in email delivery
- Why their emails may not deliver
- How to rectify the problem
- What to do when changing service providers
1. The document discusses various methods for gaining domain administrator privileges on a Windows domain, including exploiting the domain's architecture, abusing Active Directory services like Kerberos, and cracking Kerberos tickets.
2. It provides three attack scenarios: leveraging internal access and the BloodHound tool, performing an NTLM relay attack against WebDAV to setup delegation, and directly cracking Kerberos tickets by requesting tickets for service principal names.
3. The document recommends demonstrating these attacks against a test environment to gain hands-on experience compromising a Windows domain from different starting points.
One of the most popular Internet services is electronic mail (e-mail).
At the beginning of the Internet era, the messages sent by electronic mail were short and consisted of text only.
Today, electronic mail is much more complex. It allows a message to include text, audio, and video.
It also allows one message to be sent to one or more recipients.
Bridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptxBrad Spiegel Macon GA
Brad Spiegel Macon GA’s journey exemplifies the profound impact that one individual can have on their community. Through his unwavering dedication to digital inclusion, he’s not only bridging the gap in Macon but also setting an example for others to follow.
This document discusses using two classifiers, JRip and J48, on a zoo dataset containing animal attributes. It explores various preprocessing and evaluation techniques in Weka, including removing duplicates and useless attributes, cross validation, percentage splits, and comparing the classifiers using Experimenter. J48 slightly outperforms JRip on this dataset when run with default options and 10-fold cross validation. The document concludes that while J48 may generate more complex trees, it beats JRip for this small dataset without preprocessing. Experimenter and Knowledge Flow are useful Weka tools for comparing classifiers and understanding intermediate steps.
Real time classification of malicious urls.pptx 2Daniyar Mukhanov
This document discusses developing a machine learning system to classify URLs as malicious or benign in real-time. The system was trained on data collected from tweets during two large events - the Super Bowl and Cricket World Cup. A multi-layer perceptron (MLP) model achieved the best performance, correctly classifying 72% of URLs from the unseen Cricket World Cup data within 30 seconds. The Bayesian model performed best in early stages, achieving 66% accuracy within the first 60 seconds. Analysis of the MLP model revealed that bytes received and remote IP address were important indicators of malicious URLs.
This document provides an overview of using the WEKA data mining tool to perform two common techniques: clustering and linear regression. It first introduces WEKA and its interfaces. It then provides details on k-means clustering, including how to implement it in WEKA on a sample BMW customer dataset. This identifies five distinct customer clusters. The document also explains linear regression and uses a house pricing dataset in WEKA to build a regression model to predict house value based on features.
Weka is a machine learning software written in Java that can be used for data mining tasks. It contains tools for data pre-processing, classification, regression, clustering, association rules, and feature selection. The document discusses loading data formats into Weka, performing basic preprocessing and classification, attribute selection using filter and wrapper approaches, and filtering datasets using supervised and unsupervised filters. Examples of these techniques are demonstrated.
Social media can influence political behavior through social networks. Researchers sent social or informational messages to over 60 million Facebook users before the 2010 US elections. Those who received social messages were more likely to click "I Voted" or seek polling places. Examining voting records found those who received social messages were slightly more likely to vote. Effects increased with stronger social ties - close friends had a greater influence than distant acquaintances. The study provides evidence that online political mobilization through social networks can translate into real-world voting behavior changes.
Predictive Analytics: It's The Intervention That MattersHealth Catalyst
In this two-part webinar, get the detailed knowledge you need to make informed decisions about adopting predictive analytics in healthcare so you can separate today's hype from reality. In part 1, you'll learn key learnings from Dale Sanders including 1) our fixation on predictive analytics in readmissions, 2) the common trap of predictions without interventions, 3) the common misconceptions of correlations verses causation, 4) examples of predictions without algorithms, and 5) the importance of putting the basics first.
In part 2, you'll hear from industry expert David Crockett, PhD in a "graduate level" crash course cover key concepts such as machine learning, algorithms, feature selection, classification, tools and more.
Weka is a collection of machine learning algorithms and data pre-processing tools developed at the University of Waikato. It contains tools for data pre-processing, classification, regression, clustering, association rule mining, and visualization. Weka is open source, free to use, and popular for research and applications. It has a graphical user interface and supports common data formats like ARFF.
LENS is a spam protection system that leverages social networks and trust to prevent spam transmission. It selects legitimate users called Gatekeepers from a recipient's social network to vouch for potential senders outside the recipient's circle. Unless a Gatekeeper vouches for an email, it will not be transmitted. Evaluations found LENS to be scalable and effective at accepting legitimate emails while being lightweight compared to traditional spam filters. However, future advanced techniques may be needed to address more sophisticated spam and privacy concerns remain regarding trust relationships.
Dash uses a two-tier network of masternodes to enable features like instant transactions, private transactions, and decentralized governance. Masternodes require a collateral of 1000 Dash to participate. They facilitate features like InstantSend for near-instant confirmations and PrivateSend for concealing transaction histories. The masternode network also funds projects and oversees governance through a decentralized budget and voting system. Dash aims to further develop these capabilities and improve scalability with upgrades like Evolution scheduled for 2018.
This document provides an outline for building a chatbot. It discusses key principles such as ensuring messages are processed and delivered in the proper order, minimizing dropped messages, and scaling the bot through techniques like using multiple message queues and consumer processes. It also emphasizes making the chatbot dynamic by defining states and transitions that can be triggered by rules, events, or user responses. This allows the chatbot's conversation to adapt based on factors like the user, previous responses, or external events.
Practical Implementation of Large BGP communities with Geotags and Traffic En...Muhammad Moinur Rahman
The document discusses several problems faced by service provider customers regarding traffic engineering and proposes solutions using BGP communities with geotags. It summarizes 6 common problems such as inbound load balancing, outbound traffic preferring expensive links, return traffic not exiting efficiently, and proposes solutions using BGP communities to encode location information and control route preferences. The solutions allow customers to optimize traffic flows while giving providers control over outbound routing.
Practical Implementation of Large BGP Community with Geotags and Traffic Engi...APNIC
Large BGP communities allow routers to tag routes with additional routing information in order to influence traffic flow. The document discusses several problems customers face with traffic routing and proposes solutions using large BGP communities. Specifically, it addresses inbound load balancing, outbound traffic preferring expensive links, return traffic not taking the most efficient path, and enabling remote triggered blackhole routes. The solutions proposed include using communities to set local preference values to control inbound and outbound traffic routing behavior.
Email Validation empowers you and boosts your business!
Email is data, and in this modern consumer market, data is, no doubt, holds a position of power. The power behind the giant corporations and the conglomerate has shaped the world’s commerce. The power, however, is backed up by the data that customers submit willingly in the form of their email addresses. That information that the company gathers becomes the bedrock of success in its business endeavors in such a competitive market.
BGP communities allow networks to attach additional routing information and instructions to BGP routes. They are defined as 32-bit integers that can be used to tag routes with information like the source of the route or to trigger actions like changing route attributes. Common uses of BGP communities include controlling route exports, influencing attributes like local preference, and providing informational tags about factors like geography.
This document summarizes the Algorand blockchain protocol. Algorand uses Byzantine Agreement with cryptographic sortition to randomly select committee members to reach consensus in a decentralized way. It assumes an honest majority of money and uses weighted users to prevent Sybil attacks. Algorand achieves high throughput and low latency through its novel BA* consensus protocol which uses committees and achieves consensus in constant time regardless of network size.
Characterizing and Detecting Livestreaming Chatbots IIIT Hyderabad
Livestreaming platforms enable content producers or streamers to broadcast creative content to a potentially large viewer base. Chatrooms form an integral part of such platforms, enabling viewers to interact
both with streamer and amongst themselves. Streams with high engagement (many viewers and high
active chatters) are typically considered engaging and often promoted to end users by means of recommendation algorithms, and exposed to better monetization opportunities via revenue share from platform advertising, viewer donations and third-party sponsorships. Given such incentives, some streamers
make use of fraudulent means to increase perceived engagement by simulating chatter via fake “chatbots” which can be purchased from online marketplaces. This inorganic engagement can negatively
influence recommendations, hurt streamer and viewer trust in the platform, and harm monetization for
honest streamers. In this study, we tackle the novel problem of automating detection of chatbots on
livestreaming platforms. To this end, we first formalize the livestreaming chatbot detection problem
and characterize differences between botted and genuine chatter behaviour observed from a real-world
livestreaming chatter dataset collected from Twitch.tv. We then propose SHERLOCK and BOTHUNT
methods, which posits a two-stage approach of detecting chatbotted streams, and subsequently detecting
constituent chatbots. Finally, we demonstrate effectiveness on both real and synthetic data: to this end,
we propose a novel strategy for collecting labeled, synthetic chatter dataset (typically unavailable) from
such platforms, enabling evaluation of proposed detection approaches against chatbot bahaviors with
varying signatures. The SHERLOCK approach achieves 97% precision/recall on the real world dataset
and +80% F1 score across most simulated attack settings and BOTHUNT achieves 86% accuracy for
real world dataset and 93% accuracy across all attack settings. This thesis is a timely contribution to the
area of computer science specially combating astroturfing, needed to mitigate the spread of fraudulent
bot users on Live streaming Platforms. The results from this thesis can be used to build real world
solutions to mitigate the spread of untrustworthy or botted streams, fake users, etc. on live streaming
platforms in the future.
Having a great email marketing program is one thing, getting your emails into your subscribers' Inboxes is completely different. There are several technologies at play when it comes to delivering your email. You need to make sure your emails are technically correct so that they will deliver consistently. Through this presentation marketers will understand
- How to identify a problem in email delivery
- Why their emails may not deliver
- How to rectify the problem
- What to do when changing service providers
1. The document discusses various methods for gaining domain administrator privileges on a Windows domain, including exploiting the domain's architecture, abusing Active Directory services like Kerberos, and cracking Kerberos tickets.
2. It provides three attack scenarios: leveraging internal access and the BloodHound tool, performing an NTLM relay attack against WebDAV to setup delegation, and directly cracking Kerberos tickets by requesting tickets for service principal names.
3. The document recommends demonstrating these attacks against a test environment to gain hands-on experience compromising a Windows domain from different starting points.
One of the most popular Internet services is electronic mail (e-mail).
At the beginning of the Internet era, the messages sent by electronic mail were short and consisted of text only.
Today, electronic mail is much more complex. It allows a message to include text, audio, and video.
It also allows one message to be sent to one or more recipients.
Similar to Fighting spam using social gate keepers (13)
Bridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptxBrad Spiegel Macon GA
Brad Spiegel Macon GA’s journey exemplifies the profound impact that one individual can have on their community. Through his unwavering dedication to digital inclusion, he’s not only bridging the gap in Macon but also setting an example for others to follow.
Italy Agriculture Equipment Market Outlook to 2027harveenkaur52
Agriculture and Animal Care
Ken Research has an expertise in Agriculture and Animal Care sector and offer vast collection of information related to all major aspects such as Agriculture equipment, Crop Protection, Seed, Agriculture Chemical, Fertilizers, Protected Cultivators, Palm Oil, Hybrid Seed, Animal Feed additives and many more.
Our continuous study and findings in agriculture sector provide better insights to companies dealing with related product and services, government and agriculture associations, researchers and students to well understand the present and expected scenario.
Our Animal care category provides solutions on Animal Healthcare and related products and services, including, animal feed additives, vaccination
Understanding User Behavior with Google Analytics.pdfSEO Article Boost
Unlocking the full potential of Google Analytics is crucial for understanding and optimizing your website’s performance. This guide dives deep into the essential aspects of Google Analytics, from analyzing traffic sources to understanding user demographics and tracking user engagement.
Traffic Sources Analysis:
Discover where your website traffic originates. By examining the Acquisition section, you can identify whether visitors come from organic search, paid campaigns, direct visits, social media, or referral links. This knowledge helps in refining marketing strategies and optimizing resource allocation.
User Demographics Insights:
Gain a comprehensive view of your audience by exploring demographic data in the Audience section. Understand age, gender, and interests to tailor your marketing strategies effectively. Leverage this information to create personalized content and improve user engagement and conversion rates.
Tracking User Engagement:
Learn how to measure user interaction with your site through key metrics like bounce rate, average session duration, and pages per session. Enhance user experience by analyzing engagement metrics and implementing strategies to keep visitors engaged.
Conversion Rate Optimization:
Understand the importance of conversion rates and how to track them using Google Analytics. Set up Goals, analyze conversion funnels, segment your audience, and employ A/B testing to optimize your website for higher conversions. Utilize ecommerce tracking and multi-channel funnels for a detailed view of your sales performance and marketing channel contributions.
Custom Reports and Dashboards:
Create custom reports and dashboards to visualize and interpret data relevant to your business goals. Use advanced filters, segments, and visualization options to gain deeper insights. Incorporate custom dimensions and metrics for tailored data analysis. Integrate external data sources to enrich your analytics and make well-informed decisions.
This guide is designed to help you harness the power of Google Analytics for making data-driven decisions that enhance website performance and achieve your digital marketing objectives. Whether you are looking to improve SEO, refine your social media strategy, or boost conversion rates, understanding and utilizing Google Analytics is essential for your success.
Gen Z and the marketplaces - let's translate their needsLaura Szabó
The product workshop focused on exploring the requirements of Generation Z in relation to marketplace dynamics. We delved into their specific needs, examined the specifics in their shopping preferences, and analyzed their preferred methods for accessing information and making purchases within a marketplace. Through the study of real-life cases , we tried to gain valuable insights into enhancing the marketplace experience for Generation Z.
The workshop was held on the DMA Conference in Vienna June 2024.
Meet up Milano 14 _ Axpo Italia_ Migration from Mule3 (On-prem) to.pdfFlorence Consulting
Quattordicesimo Meetup di Milano, tenutosi a Milano il 23 Maggio 2024 dalle ore 17:00 alle ore 18:30 in presenza e da remoto.
Abbiamo parlato di come Axpo Italia S.p.A. ha ridotto il technical debt migrando le proprie APIs da Mule 3.9 a Mule 4.4 passando anche da on-premises a CloudHub 1.0.
Instagram has become one of the most popular social media platforms, allowing people to share photos, videos, and stories with their followers. Sometimes, though, you might want to view someone's story without them knowing.
1. Fighting spam using Social GateKeepers
Clement Robert, Hein Min Htike & Sijo Emmanuel
2. INTRODUCTION
● Increase in Spam Emails
○ 65% in 2005 to 89.1% in 2010
○ 338 Billion USD in 2013 of cost
● Common mitigation techniques
○ Spam filtering in user’s inbox
■ Has additional cost (bandwidth, infrastructure)
○ Content-Based Filtering
■ False Positive and False Negatives issues
● Solutions
○ Trust Based (eg:RE)*
■ People send/receive e mails from immediate neighbourhood
■ Issue: E-Mails coming from outside this circle still need to be verified by common filters
○ Credit Based
■ Introduced by Ostra*
● But, all the participants needed to adopt this system.
*RE: a whitelisting technique that is claimed to minimize the false positive rate
*Ostra: a technique Leveraging trust to thwart unwanted communication
3. LENS(LEveraging social Networking and trust to prevent Spam transmission)
● Like RE
○ Deployed by small group of users
○ Reaches outside of FoF
● FoF (Friends of Friends)
○ People in the same community. (Friends or Friends of Friends)
○ Possibility to send e mail from each other in the network
● Introduction to Gate Keepers (to be discussed)
○ Users outside the Network who’re legitimate and authentic
○ Those gate keepers help in connecting to users outside the network of F and FoF.
4. AGENDA
● Objectives
● Related Work
● LENS Architecture
● Prototyping and Security Measures
● Evaluation and conclusion
● Q & A
5. OBJECTIVES
● Understand Gatekeepers used in LENS
● Understand LENS architecture
● Evaluation of LENS using two larger social Networks
○ Facebook
○ Flickr
● Understand the results of the evaluation
6. RELATED WORK
“Unwanted and Unsolıcıted e maıls”
● SpamAssassin
○ Rely on content filtering
○ But spammers are clever to follow filtering rules!
● Blacklisting & whitelisting of senders
○ Blacklisting became ineffective because spammers can create new addresses
○ Whitelisting is effective but, does not allow unsolicited e mails
● Spammers want to pass the adverts
○ Block payment gateways!
● Social Filters (IP based filters)
○ Spammers can use Dynamic IPs
● Trust and Reputation Systems
○ MailRank, SNARE .. but all have more increased false positive rate.
7. LENS Architecture - I
● Focus on accepting emails from legitimate users.
○ Not reliant on detecting spams.
○ By selection of legitimate users
■ community members in close social circle of a user
■ Socially distant legitimate and authentic users (GKs) in Mail Servers (MS)
● Four main components:
○ Community Formation
○ Trust Management
○ GateKeeper Selection
○ Spam Report Handler
● Run on Mail Server.
8. LENS Architecture - II
● Ran on MS alongside MTA and
SMTP server
● All functionalities are transparent
○ Exceptions:
■ Users can control his community
■ Can report spams
● MSs running LENS assumed to
have extended verification
certificate from CA.
○ To prove server’s legitimacy
9. Community Formation - I
● Two levels
○ Friends of users and their friends-of-friends (FoF)
■ Adding friend means “User A trusts User B not to send spam email and vice versa”
■ Same as adding FoF into community
● Selective process
● Involves human involvement (preserve privacy and prevent unnecessary
addition).
● User can receive all the messages from his community directly into his mailbox.
10. Community Formation - II
● Forming Community - 2-step process
○ Adding friend
■ User can request anyone in the email network for friendship.
■ Once added, an entry is made in CommList (Community List) with userID and label “F”.
● CommList - maintained for every user, contains entries of community users,
accessible by MS or user only
○ Adding FoF
■ User can suggest two of his friends to add each other to their communities as FoF
■ Once added, an entry is made in CommList (Community List) with userID and label “FoF”
and userID of mutual friend.
12. Trust Management - I
● LENS maintain trust rating (TR) for each user on the MS.
○ Assign rating to each user
○ Use these ratings to decide legitimate user or not.
● Four types of users
○ Trusted user (TU) - TR >= L (legitimate rating threshold) + unique identites
○ Legitimate user (LU) - TR >= L
○ New user (NU) - 0 < TR < L
○ Illegitimate user (IU) - spammers with negative TR
● Two methods of TR assignment
○ Direct TR - manual assignment by admins
○ Automated TR
13. Trust Management - II
● Direct TR - manual assignment of TR by admins
○ Priority over other methods
○ Override existing TRs
● Automated TR - automatic assignment of TR by algorithm
○ Feature of spammers -> one way communication (always sending out)
■ Abuse this by spammers sending emails to themselves
○ Perform user voting
■ If legitimate user A sends B email, it means A trusts B, (vote for B once for the first email).
■ When the vote count reaches threshold, the voted user becomes legitimated
● Offline and online modes
○ Offline mode - mining existing server logs
○ Online mode - live email data stream
● After becoming Legitimate user, need to pass identity test to become trusted user
○ Bind unique identity to him (e.g. mobile number, challenge response)
14. GK Selection - I
● User transparent process (no awareness of being GK, no control)
○ Select legitimate users with good reputation as GK
■ Use them to vouch for senders outside the community of recipient
■ GKs Only vouch for senders in their community
○ Generate keys for recipient and GK respectively
■ GK’s key used by GK’s MS to issue vouchers for GK’s community members, to email to R
■ R’s key used to verify the vouchers
● 3 stages of GK selection
○ Stage 1 - GK selection in adjacent community
■ Request: R’s MS request FoFs of community (boundary users) for good GK suggestion.
■ Suggestion: FoF’s MS suggest user (with largest number of friends outside R’s Network)
from FoF’s friends. -> R chooses set of GKs with best coverage.
■ Verification of Legitimacy: very important step (more info later)
15. GK Selection - II
● 3 stages of GK selection
○ Stage 2 - GK selection beyond adjacent communities
■ R’s MS request selected GKs’ MSs to find GKs in their adjacent communities as in stage 1.
■ LENS stops at stage 2, but can expand the reachability beyond this.
○ Stage 3 - GK selection for new communication
■ Announcement: announce sender to R that wants to communicate.
■ Verification of Legitimacy: verify S is not spammer
● R adds S as GK. S’s MS issues vouchers to it’s community, they all can communicate
with R now.
16. Verification of Legitimacy
● Important part of GK selection process.
○ Enables R to verify that GK is legitimate and authentic
● Two steps of legitimacy verification
○ Server authentication - to verify GK’s MS’s legitimacy
○ TR of user - ensure that selected GK is not spammer
● Result of verification: RSA based public and secret keys
○ PK is shared with R, SK used to vouch for entire community member of GK
17. Spam Report Handler
● Handles spam reports
○ Only reports from TU are weighted.
■ To prevent spammers reporting non-spammers as spammers
● When user receives spam, reports the sender as spammer
● Report handler then register report against the TR of reporter
● Once handler receives enough reports from distinct trusted users, give - TR to
spammer.
● If spammer is not local user, add him to revocation list.
● Remove spammer’s associated entries in CommList,PKList and VoucherList
18. LENS Prototype
● Developed during SMTP transactions for email processing
○ Integrated with Mutt mail client, MailAvenger SMTP daemon (mailavenger.org) and Postfix
MTA
■ No modification to SMTP implementation
● LENS email filter uses Community list and vouchers issued by GKs (Gate
Keepers)
○ Runs as an independent daemon (i.e. spamd for SpamAssasin: spamassasin.apache.org)
● Monitors SMTP transactions and takes different actions based on the results
(more on next figure)
● Prototype uses SHA1 (secure hash algorithm 1) for hash and RSA based
signatures
19. LENS Email processing
Lens email processing will fall into three categories:
● Message send to Recipient (R) within the community
○ R’s MS (mail server) will verify the sender against the R’s common list
● Message send to a Recipient outside the Sender’s community
○ Senders MS will bind a voucher from GK with message
○ At reception, MS verifies the voucher using PK stored in PKList against GKID
● New message is intended for a recipient outside sender’s community with no
voucher issued by any GKs
○ Senders MS will hold the message and start a GK selection procedure (stage 3)
○ On success, Senders MS will bind a voucher from GK with message and send it out
○ At reception, MS verifies the voucher using PK stored in PKList against GKID
20. Prevention of spam transmission using LENS
● If recipient is not in sender (S) community, the sender’
s MS send the RCPT TO: command by appending the
voucher and issuing GK’s ID as additional RCPT
parameters after establishing TCP connection.
○ e.g . RCPT TO: <example@abc.com>
Voucher=1f2a91od85gdd76 GK =gk@example.com
● Recipient's MS verifies if sender is a community
member or has a valid voucher from an authorised GK
(GateKeeper)
○ Failure of verification will result in the termination of TCP
connection by Recipients MS
■ Transmission of email will not take place
● Thereby preventing spam message being transmitted
21. LENS backward compatibility
● Easy to integrate LENS into current SMTP servers
● LENS will run complimentary with with existing spam filters until every user is
familiar with it
● LENS first examines inbound email after sender authentication (figure)
● LENS have 4 different communication scenarios
○ Sender and Receiver both have LENS
○ Only Sender has LENS
■ Receivers MS will process email with existing spam filters
○ Only Receiver has LENS
■ LENS will pass the email to existing spam filters after checking for existence of
community and voucher
○ Both Sender and Receiver do not have LENS
■ Existing mechanisms deployed for email processing at both ends
22. Security Concerns - I
● False positives and negatives
○ LENS do not encounter any false positives or negatives generated by imprecise content
signatures
■ As LENS spam prevention is not based on content filtering
○ Based on false deduction of social context
■ Malicious users could become part of the community and let spam pass through
● Forgery of from: addresses
○ Spammers can easily launch a spam attack with forged from: addresses as if they are from
Recipients community
■ Senders address is not authenticated by default in SMTP (Simple Mail Transfer Protocol)
○ LENS utilises iSATS or SPF (Sender Policy Framework) for sender authentication
■ Filters the inbound email at MAIL FROM: command
■ SPF already effective and used in many existing email systems
23. Security Concerns - II
● Compromised user
○ If a user (GK) is compromised (identity theft), it will only have a local effect within the
community
■ Temporary effect as user broadcasts the incident and claims back ownership
○ If victimised user unable to reclaim the ownership,
■ They can request its community to abandon their compromised Id
■ MS will remove all the data associated with it from PKList and VoucherList
● Attacker would not be able to harm the system on a large scale
● Trust farming
○ Spammer could launch a trust farming attack on LENS
■ A spammer can vote for other spammers to increase their rank
○ This attack is comparable to link farming on the internet to attack the PageRank.
○ Solutions like ‘identifying link farm spam pages’ can be used orthogonally in LENS
■ To identify and protect against trust farming
24. Security Concerns - III
● Human spamming using GK selection (Stage 3)
○ Stage 3 of GK selection allows new users to send emails to complete strangers
○ New user (spammer) can exploit this to get in as a new GK and spam the Recipient
■ More expensive than normal spamming model
● Repetition of stage 3 will require substantial human involvement
○ The scale of attack will remain low due to rate limit of the emails from new GK
● Voucher misuse and revocation
○ Current version of the LENS do not impose any expiration limit on the vouchers
○ Vouchers become invalid or get removed by MS based on four conditions
■ GK removes any user from their community, MS will also remove the associated voucher
■ The user itself gets out of the GK’s community
■ UT (UserType) of the users become negative
■ If Recipient revokes GK, all associated vouchers will become invalid
25. Security Concerns - IV
● Malicious GK faking UserType (UT)
○ GK has no control in manipulating the MS to send false UT
○ Two possibilities where an illegitimate GK can send false UT to recipient
■ Malicious GK hosts a private MS certified by CA and configures to send legitimate UT
● Never been an option for spammers as malicious GK becomes visible: legal actions
○ The MS is compromised by the malicious GK (GateKeeper)
● Key Theft
○ Protection of keys is the responsibility of the MSs
○ Attacks related to key thefts are synonymous to hacking the MS (Mail Server)
● Corresponding defense mechanisms for both are beyond scope of this paper
26. Evaluation of LENS
● KeyPoints
○ Scalability
○ Effectiveness in accepting all inbound emails
○ Performance of Gatekeepers Selection
○ E mail processing
● Case studies
○ ONS (Online Social Networks)
■ Facebook
■ Flickr
27. Evaluation of LENS(Cont’d)- Scalability
● Number of GK required
● The number of GK depends on numbers of
FoF , therefore depends on the community
size.
● Flickr requires <30% of community size
(20-400 GKs)
● Increased Reachability via GKs
● LENS is scalable
○ With 100s GK, a Recipient can be reached by
millions of users (>40 % of users in F and F)
○ but , in RE, we get 0.051% and 0.25%
respectively
28. Evaluation of LENS(Cont’d)- Effectiveness
● Data sets from Enron & Log files from Kiel
Un’ MS.
● Social Network Graph created
○ Edge: Between people who exchanged at least
3 emails
● Filters applied
○ With Friends only ( 20% of mail were
rejected)
○ Comm( <20% rejected)
○ LENS (0% rejected)
● But, the number of gatekeepers was
reasonable
29. Evaluation of LENS(Cont’d)- Performance of GK Sel. Prot.
● Latency of GK selection protocol when MS
are located in different countries
○ PlanetLab is used with 20 nodes
● Each node sends a random GK selection
request to the rest
● Average executıon tıme of stage 1 GK sel.Pr.
● An extra step sınce GK are suggested by FoF.
● At stage 3, there is no extra step involved
○ Therefore, the execution time reduces
● Success rate is at >94.6%
● Few nodes did not achieve 100% (nodes
overloading by too many connections)
30. Evaluation of LENS(Cont’d)- Performance of Email Proc.
● Objective
○ How the size of the message affects the
time required to process it
● How
○ 50k messages were sent every second
○ Size varying from 1 to 50 kb
● In 4 Scenarios;
○ S1: SMTP runs postfix only
○ S2: SpamAssassin is used as Content based
F.
○ S3: MailAvenger-Postfix-LENS
○ S4: similar to S3 with added functionality
of emails based on GKs of the recipient
● Message Size
● SpamAssassin processing delay
increases with the message size
31. Evaluation of LENS(Cont’d)- Performance of Email Proc.
● Objective
○ How the size of the message affects the
time required to process it
● How
○ 50k messages were sent every second
○ Size varying from 1 to 50 kb
● In 4 Scenarios;
○ S1: SMTP runs postfix only
○ S2: SpamAssassin is used as Content based
F.
○ S3: MailAvenger-Postfix-LENS
○ S4: similar to S3 with added functionality
of emails based on GKs of the recipient
● To measure throughput, the sender
bombards the MS with 1000 messages of
8kb each as rapid as possible.
● Throughput
● S1, with no filters makes it by accepting
11 messages per second.
32. Evaluation of LENS(Cont’d)- Performance of Email Proc.
● Objective
○ How the size of the message affects the
time required to process it
● How
○ 50k messages were sent every second
○ Size varying from 1 to 50 kb
● In 4 Scenarios;
○ S1: SMTP runs postfix only
○ S2: SpamAssassin is used as Content based
F.
○ S3: MailAvenger-Postfix-LENS
○ S4: similar to S3 with added functionality
of emails based on GKs of the recipient
● CPU & Memory
○ S2 consumes more CPU (many fılters)
○ S2 requıres also hıgh memory.
● CPU Usage
● MemoryUsage
33. CONCLUSION
● This paper was explaining the design, implementation of LENS
● Evaluation was made on Online Social Networks (OSN)
● The evaluation proved how LENS is scalable when compared to other methods
anti spams
● Its effectiveness was proved by accepting all incoming e mails
● LENS consumes up to 75% less CPU and 9 % less memory as traditional
solutions like SpamAssassin.