LENS is a technique that leverages social networks and trust to prevent spam transmission. It uses "Gatekeepers" who are legitimate users outside one's immediate social network that can vouch for other legitimate users. The key aspects of LENS are:
1. It forms communities of friends and friends-of-friends where users can directly send emails.
2. It selects Gatekeepers - trusted users outside one's network who can vouch for legitimate senders outside the network.
3. When a sender outside one's network sends an email, the sender's mail server will attach a voucher from a Gatekeeper. The recipient's server verifies the voucher to ensure the sender is legitimate.
4.
Email Validation empowers you and boosts your business!
Email is data, and in this modern consumer market, data is, no doubt, holds a position of power. The power behind the giant corporations and the conglomerate has shaped the world’s commerce. The power, however, is backed up by the data that customers submit willingly in the form of their email addresses. That information that the company gathers becomes the bedrock of success in its business endeavors in such a competitive market.
Characterizing and Detecting Livestreaming Chatbots IIIT Hyderabad
Livestreaming platforms enable content producers or streamers to broadcast creative content to a potentially large viewer base. Chatrooms form an integral part of such platforms, enabling viewers to interact
both with streamer and amongst themselves. Streams with high engagement (many viewers and high
active chatters) are typically considered engaging and often promoted to end users by means of recommendation algorithms, and exposed to better monetization opportunities via revenue share from platform advertising, viewer donations and third-party sponsorships. Given such incentives, some streamers
make use of fraudulent means to increase perceived engagement by simulating chatter via fake “chatbots” which can be purchased from online marketplaces. This inorganic engagement can negatively
influence recommendations, hurt streamer and viewer trust in the platform, and harm monetization for
honest streamers. In this study, we tackle the novel problem of automating detection of chatbots on
livestreaming platforms. To this end, we first formalize the livestreaming chatbot detection problem
and characterize differences between botted and genuine chatter behaviour observed from a real-world
livestreaming chatter dataset collected from Twitch.tv. We then propose SHERLOCK and BOTHUNT
methods, which posits a two-stage approach of detecting chatbotted streams, and subsequently detecting
constituent chatbots. Finally, we demonstrate effectiveness on both real and synthetic data: to this end,
we propose a novel strategy for collecting labeled, synthetic chatter dataset (typically unavailable) from
such platforms, enabling evaluation of proposed detection approaches against chatbot bahaviors with
varying signatures. The SHERLOCK approach achieves 97% precision/recall on the real world dataset
and +80% F1 score across most simulated attack settings and BOTHUNT achieves 86% accuracy for
real world dataset and 93% accuracy across all attack settings. This thesis is a timely contribution to the
area of computer science specially combating astroturfing, needed to mitigate the spread of fraudulent
bot users on Live streaming Platforms. The results from this thesis can be used to build real world
solutions to mitigate the spread of untrustworthy or botted streams, fake users, etc. on live streaming
platforms in the future.
Having a great email marketing program is one thing, getting your emails into your subscribers' Inboxes is completely different. There are several technologies at play when it comes to delivering your email. You need to make sure your emails are technically correct so that they will deliver consistently. Through this presentation marketers will understand
- How to identify a problem in email delivery
- Why their emails may not deliver
- How to rectify the problem
- What to do when changing service providers
One of the most popular Internet services is electronic mail (e-mail).
At the beginning of the Internet era, the messages sent by electronic mail were short and consisted of text only.
Today, electronic mail is much more complex. It allows a message to include text, audio, and video.
It also allows one message to be sent to one or more recipients.
Data Centers - Striving Within A Narrow Range - Research Report - MCG - May 2...pchutichetpong
M Capital Group (“MCG”) expects to see demand and the changing evolution of supply, facilitated through institutional investment rotation out of offices and into work from home (“WFH”), while the ever-expanding need for data storage as global internet usage expands, with experts predicting 5.3 billion users by 2023. These market factors will be underpinned by technological changes, such as progressing cloud services and edge sites, allowing the industry to see strong expected annual growth of 13% over the next 4 years.
Whilst competitive headwinds remain, represented through the recent second bankruptcy filing of Sungard, which blames “COVID-19 and other macroeconomic trends including delayed customer spending decisions, insourcing and reductions in IT spending, energy inflation and reduction in demand for certain services”, the industry has seen key adjustments, where MCG believes that engineering cost management and technological innovation will be paramount to success.
MCG reports that the more favorable market conditions expected over the next few years, helped by the winding down of pandemic restrictions and a hybrid working environment will be driving market momentum forward. The continuous injection of capital by alternative investment firms, as well as the growing infrastructural investment from cloud service providers and social media companies, whose revenues are expected to grow over 3.6x larger by value in 2026, will likely help propel center provision and innovation. These factors paint a promising picture for the industry players that offset rising input costs and adapt to new technologies.
According to M Capital Group: “Specifically, the long-term cost-saving opportunities available from the rise of remote managing will likely aid value growth for the industry. Through margin optimization and further availability of capital for reinvestment, strong players will maintain their competitive foothold, while weaker players exit the market to balance supply and demand.”
Show drafts
volume_up
Empowering the Data Analytics Ecosystem: A Laser Focus on Value
The data analytics ecosystem thrives when every component functions at its peak, unlocking the true potential of data. Here's a laser focus on key areas for an empowered ecosystem:
1. Democratize Access, Not Data:
Granular Access Controls: Provide users with self-service tools tailored to their specific needs, preventing data overload and misuse.
Data Catalogs: Implement robust data catalogs for easy discovery and understanding of available data sources.
2. Foster Collaboration with Clear Roles:
Data Mesh Architecture: Break down data silos by creating a distributed data ownership model with clear ownership and responsibilities.
Collaborative Workspaces: Utilize interactive platforms where data scientists, analysts, and domain experts can work seamlessly together.
3. Leverage Advanced Analytics Strategically:
AI-powered Automation: Automate repetitive tasks like data cleaning and feature engineering, freeing up data talent for higher-level analysis.
Right-Tool Selection: Strategically choose the most effective advanced analytics techniques (e.g., AI, ML) based on specific business problems.
4. Prioritize Data Quality with Automation:
Automated Data Validation: Implement automated data quality checks to identify and rectify errors at the source, minimizing downstream issues.
Data Lineage Tracking: Track the flow of data throughout the ecosystem, ensuring transparency and facilitating root cause analysis for errors.
5. Cultivate a Data-Driven Mindset:
Metrics-Driven Performance Management: Align KPIs and performance metrics with data-driven insights to ensure actionable decision making.
Data Storytelling Workshops: Equip stakeholders with the skills to translate complex data findings into compelling narratives that drive action.
Benefits of a Precise Ecosystem:
Sharpened Focus: Precise access and clear roles ensure everyone works with the most relevant data, maximizing efficiency.
Actionable Insights: Strategic analytics and automated quality checks lead to more reliable and actionable data insights.
Continuous Improvement: Data-driven performance management fosters a culture of learning and continuous improvement.
Sustainable Growth: Empowered by data, organizations can make informed decisions to drive sustainable growth and innovation.
By focusing on these precise actions, organizations can create an empowered data analytics ecosystem that delivers real value by driving data-driven decisions and maximizing the return on their data investment.
More Related Content
Similar to Fighting spam using social gate keepers
Email Validation empowers you and boosts your business!
Email is data, and in this modern consumer market, data is, no doubt, holds a position of power. The power behind the giant corporations and the conglomerate has shaped the world’s commerce. The power, however, is backed up by the data that customers submit willingly in the form of their email addresses. That information that the company gathers becomes the bedrock of success in its business endeavors in such a competitive market.
Characterizing and Detecting Livestreaming Chatbots IIIT Hyderabad
Livestreaming platforms enable content producers or streamers to broadcast creative content to a potentially large viewer base. Chatrooms form an integral part of such platforms, enabling viewers to interact
both with streamer and amongst themselves. Streams with high engagement (many viewers and high
active chatters) are typically considered engaging and often promoted to end users by means of recommendation algorithms, and exposed to better monetization opportunities via revenue share from platform advertising, viewer donations and third-party sponsorships. Given such incentives, some streamers
make use of fraudulent means to increase perceived engagement by simulating chatter via fake “chatbots” which can be purchased from online marketplaces. This inorganic engagement can negatively
influence recommendations, hurt streamer and viewer trust in the platform, and harm monetization for
honest streamers. In this study, we tackle the novel problem of automating detection of chatbots on
livestreaming platforms. To this end, we first formalize the livestreaming chatbot detection problem
and characterize differences between botted and genuine chatter behaviour observed from a real-world
livestreaming chatter dataset collected from Twitch.tv. We then propose SHERLOCK and BOTHUNT
methods, which posits a two-stage approach of detecting chatbotted streams, and subsequently detecting
constituent chatbots. Finally, we demonstrate effectiveness on both real and synthetic data: to this end,
we propose a novel strategy for collecting labeled, synthetic chatter dataset (typically unavailable) from
such platforms, enabling evaluation of proposed detection approaches against chatbot bahaviors with
varying signatures. The SHERLOCK approach achieves 97% precision/recall on the real world dataset
and +80% F1 score across most simulated attack settings and BOTHUNT achieves 86% accuracy for
real world dataset and 93% accuracy across all attack settings. This thesis is a timely contribution to the
area of computer science specially combating astroturfing, needed to mitigate the spread of fraudulent
bot users on Live streaming Platforms. The results from this thesis can be used to build real world
solutions to mitigate the spread of untrustworthy or botted streams, fake users, etc. on live streaming
platforms in the future.
Having a great email marketing program is one thing, getting your emails into your subscribers' Inboxes is completely different. There are several technologies at play when it comes to delivering your email. You need to make sure your emails are technically correct so that they will deliver consistently. Through this presentation marketers will understand
- How to identify a problem in email delivery
- Why their emails may not deliver
- How to rectify the problem
- What to do when changing service providers
One of the most popular Internet services is electronic mail (e-mail).
At the beginning of the Internet era, the messages sent by electronic mail were short and consisted of text only.
Today, electronic mail is much more complex. It allows a message to include text, audio, and video.
It also allows one message to be sent to one or more recipients.
Similar to Fighting spam using social gate keepers (9)
Data Centers - Striving Within A Narrow Range - Research Report - MCG - May 2...pchutichetpong
M Capital Group (“MCG”) expects to see demand and the changing evolution of supply, facilitated through institutional investment rotation out of offices and into work from home (“WFH”), while the ever-expanding need for data storage as global internet usage expands, with experts predicting 5.3 billion users by 2023. These market factors will be underpinned by technological changes, such as progressing cloud services and edge sites, allowing the industry to see strong expected annual growth of 13% over the next 4 years.
Whilst competitive headwinds remain, represented through the recent second bankruptcy filing of Sungard, which blames “COVID-19 and other macroeconomic trends including delayed customer spending decisions, insourcing and reductions in IT spending, energy inflation and reduction in demand for certain services”, the industry has seen key adjustments, where MCG believes that engineering cost management and technological innovation will be paramount to success.
MCG reports that the more favorable market conditions expected over the next few years, helped by the winding down of pandemic restrictions and a hybrid working environment will be driving market momentum forward. The continuous injection of capital by alternative investment firms, as well as the growing infrastructural investment from cloud service providers and social media companies, whose revenues are expected to grow over 3.6x larger by value in 2026, will likely help propel center provision and innovation. These factors paint a promising picture for the industry players that offset rising input costs and adapt to new technologies.
According to M Capital Group: “Specifically, the long-term cost-saving opportunities available from the rise of remote managing will likely aid value growth for the industry. Through margin optimization and further availability of capital for reinvestment, strong players will maintain their competitive foothold, while weaker players exit the market to balance supply and demand.”
Show drafts
volume_up
Empowering the Data Analytics Ecosystem: A Laser Focus on Value
The data analytics ecosystem thrives when every component functions at its peak, unlocking the true potential of data. Here's a laser focus on key areas for an empowered ecosystem:
1. Democratize Access, Not Data:
Granular Access Controls: Provide users with self-service tools tailored to their specific needs, preventing data overload and misuse.
Data Catalogs: Implement robust data catalogs for easy discovery and understanding of available data sources.
2. Foster Collaboration with Clear Roles:
Data Mesh Architecture: Break down data silos by creating a distributed data ownership model with clear ownership and responsibilities.
Collaborative Workspaces: Utilize interactive platforms where data scientists, analysts, and domain experts can work seamlessly together.
3. Leverage Advanced Analytics Strategically:
AI-powered Automation: Automate repetitive tasks like data cleaning and feature engineering, freeing up data talent for higher-level analysis.
Right-Tool Selection: Strategically choose the most effective advanced analytics techniques (e.g., AI, ML) based on specific business problems.
4. Prioritize Data Quality with Automation:
Automated Data Validation: Implement automated data quality checks to identify and rectify errors at the source, minimizing downstream issues.
Data Lineage Tracking: Track the flow of data throughout the ecosystem, ensuring transparency and facilitating root cause analysis for errors.
5. Cultivate a Data-Driven Mindset:
Metrics-Driven Performance Management: Align KPIs and performance metrics with data-driven insights to ensure actionable decision making.
Data Storytelling Workshops: Equip stakeholders with the skills to translate complex data findings into compelling narratives that drive action.
Benefits of a Precise Ecosystem:
Sharpened Focus: Precise access and clear roles ensure everyone works with the most relevant data, maximizing efficiency.
Actionable Insights: Strategic analytics and automated quality checks lead to more reliable and actionable data insights.
Continuous Improvement: Data-driven performance management fosters a culture of learning and continuous improvement.
Sustainable Growth: Empowered by data, organizations can make informed decisions to drive sustainable growth and innovation.
By focusing on these precise actions, organizations can create an empowered data analytics ecosystem that delivers real value by driving data-driven decisions and maximizing the return on their data investment.
Levelwise PageRank with Loop-Based Dead End Handling Strategy : SHORT REPORT ...Subhajit Sahu
Abstract — Levelwise PageRank is an alternative method of PageRank computation which decomposes the input graph into a directed acyclic block-graph of strongly connected components, and processes them in topological order, one level at a time. This enables calculation for ranks in a distributed fashion without per-iteration communication, unlike the standard method where all vertices are processed in each iteration. It however comes with a precondition of the absence of dead ends in the input graph. Here, the native non-distributed performance of Levelwise PageRank was compared against Monolithic PageRank on a CPU as well as a GPU. To ensure a fair comparison, Monolithic PageRank was also performed on a graph where vertices were split by components. Results indicate that Levelwise PageRank is about as fast as Monolithic PageRank on the CPU, but quite a bit slower on the GPU. Slowdown on the GPU is likely caused by a large submission of small workloads, and expected to be non-issue when the computation is performed on massive graphs.
1. Fighting spam using Social GateKeepers
Clement Robert, Hein Min Htike & Sijo Emmanuel
2. INTRODUCTION
● Increase in Spam Emails
○ 65% in 2005 to 89.1% in 2010
○ 338 Billion USD in 2013 of cost
● Common mitigation techniques
○ Spam filtering in user’s inbox
■ Has additional cost (bandwidth, infrastructure)
○ Content-Based Filtering
■ False Positive and False Negatives issues
● Solutions
○ Trust Based (eg:RE)*
■ People send/receive e mails from immediate neighbourhood
■ Issue: E-Mails coming from outside this circle still need to be verified by common filters
○ Credit Based
■ Introduced by Ostra*
● But, all the participants needed to adopt this system.
*RE: a whitelisting technique that is claimed to minimize the false positive rate
*Ostra: a technique Leveraging trust to thwart unwanted communication
3. LENS(LEveraging social Networking and trust to prevent Spam transmission)
● Like RE
○ Deployed by small group of users
○ Reaches outside of FoF
● FoF (Friends of Friends)
○ People in the same community. (Friends or Friends of Friends)
○ Possibility to send e mail from each other in the network
● Introduction to Gate Keepers (to be discussed)
○ Users outside the Network who’re legitimate and authentic
○ Those gate keepers help in connecting to users outside the network of F and FoF.
4. AGENDA
● Objectives
● Related Work
● LENS Architecture
● Prototyping and Security Measures
● Evaluation and conclusion
● Q & A
5. OBJECTIVES
● Understand Gatekeepers used in LENS
● Understand LENS architecture
● Evaluation of LENS using two larger social Networks
○ Facebook
○ Flickr
● Understand the results of the evaluation
6. RELATED WORK
“Unwanted and Unsolıcıted e maıls”
● SpamAssassin
○ Rely on content filtering
○ But spammers are clever to follow filtering rules!
● Blacklisting & whitelisting of senders
○ Blacklisting became ineffective because spammers can create new addresses
○ Whitelisting is effective but, does not allow unsolicited e mails
● Spammers want to pass the adverts
○ Block payment gateways!
● Social Filters (IP based filters)
○ Spammers can use Dynamic IPs
● Trust and Reputation Systems
○ MailRank, SNARE .. but all have more increased false positive rate.
7. LENS Architecture - I
● Focus on accepting emails from legitimate users.
○ Not reliant on detecting spams.
○ By selection of legitimate users
■ community members in close social circle of a user
■ Socially distant legitimate and authentic users (GKs) in Mail Servers (MS)
● Four main components:
○ Community Formation
○ Trust Management
○ GateKeeper Selection
○ Spam Report Handler
● Run on Mail Server.
8. LENS Architecture - II
● Ran on MS alongside MTA and
SMTP server
● All functionalities are transparent
○ Exceptions:
■ Users can control his community
■ Can report spams
● MSs running LENS assumed to
have extended verification
certificate from CA.
○ To prove server’s legitimacy
9. Community Formation - I
● Two levels
○ Friends of users and their friends-of-friends (FoF)
■ Adding friend means “User A trusts User B not to send spam email and vice versa”
■ Same as adding FoF into community
● Selective process
● Involves human involvement (preserve privacy and prevent unnecessary
addition).
● User can receive all the messages from his community directly into his mailbox.
10. Community Formation - II
● Forming Community - 2-step process
○ Adding friend
■ User can request anyone in the email network for friendship.
■ Once added, an entry is made in CommList (Community List) with userID and label “F”.
● CommList - maintained for every user, contains entries of community users,
accessible by MS or user only
○ Adding FoF
■ User can suggest two of his friends to add each other to their communities as FoF
■ Once added, an entry is made in CommList (Community List) with userID and label “FoF”
and userID of mutual friend.
12. Trust Management - I
● LENS maintain trust rating (TR) for each user on the MS.
○ Assign rating to each user
○ Use these ratings to decide legitimate user or not.
● Four types of users
○ Trusted user (TU) - TR >= L (legitimate rating threshold) + unique identites
○ Legitimate user (LU) - TR >= L
○ New user (NU) - 0 < TR < L
○ Illegitimate user (IU) - spammers with negative TR
● Two methods of TR assignment
○ Direct TR - manual assignment by admins
○ Automated TR
13. Trust Management - II
● Direct TR - manual assignment of TR by admins
○ Priority over other methods
○ Override existing TRs
● Automated TR - automatic assignment of TR by algorithm
○ Feature of spammers -> one way communication (always sending out)
■ Abuse this by spammers sending emails to themselves
○ Perform user voting
■ If legitimate user A sends B email, it means A trusts B, (vote for B once for the first email).
■ When the vote count reaches threshold, the voted user becomes legitimated
● Offline and online modes
○ Offline mode - mining existing server logs
○ Online mode - live email data stream
● After becoming Legitimate user, need to pass identity test to become trusted user
○ Bind unique identity to him (e.g. mobile number, challenge response)
14. GK Selection - I
● User transparent process (no awareness of being GK, no control)
○ Select legitimate users with good reputation as GK
■ Use them to vouch for senders outside the community of recipient
■ GKs Only vouch for senders in their community
○ Generate keys for recipient and GK respectively
■ GK’s key used by GK’s MS to issue vouchers for GK’s community members, to email to R
■ R’s key used to verify the vouchers
● 3 stages of GK selection
○ Stage 1 - GK selection in adjacent community
■ Request: R’s MS request FoFs of community (boundary users) for good GK suggestion.
■ Suggestion: FoF’s MS suggest user (with largest number of friends outside R’s Network)
from FoF’s friends. -> R chooses set of GKs with best coverage.
■ Verification of Legitimacy: very important step (more info later)
15. GK Selection - II
● 3 stages of GK selection
○ Stage 2 - GK selection beyond adjacent communities
■ R’s MS request selected GKs’ MSs to find GKs in their adjacent communities as in stage 1.
■ LENS stops at stage 2, but can expand the reachability beyond this.
○ Stage 3 - GK selection for new communication
■ Announcement: announce sender to R that wants to communicate.
■ Verification of Legitimacy: verify S is not spammer
● R adds S as GK. S’s MS issues vouchers to it’s community, they all can communicate
with R now.
16. Verification of Legitimacy
● Important part of GK selection process.
○ Enables R to verify that GK is legitimate and authentic
● Two steps of legitimacy verification
○ Server authentication - to verify GK’s MS’s legitimacy
○ TR of user - ensure that selected GK is not spammer
● Result of verification: RSA based public and secret keys
○ PK is shared with R, SK used to vouch for entire community member of GK
17. Spam Report Handler
● Handles spam reports
○ Only reports from TU are weighted.
■ To prevent spammers reporting non-spammers as spammers
● When user receives spam, reports the sender as spammer
● Report handler then register report against the TR of reporter
● Once handler receives enough reports from distinct trusted users, give - TR to
spammer.
● If spammer is not local user, add him to revocation list.
● Remove spammer’s associated entries in CommList,PKList and VoucherList
18. LENS Prototype
● Developed during SMTP transactions for email processing
○ Integrated with Mutt mail client, MailAvenger SMTP daemon (mailavenger.org) and Postfix
MTA
■ No modification to SMTP implementation
● LENS email filter uses Community list and vouchers issued by GKs (Gate
Keepers)
○ Runs as an independent daemon (i.e. spamd for SpamAssasin: spamassasin.apache.org)
● Monitors SMTP transactions and takes different actions based on the results
(more on next figure)
● Prototype uses SHA1 (secure hash algorithm 1) for hash and RSA based
signatures
19. LENS Email processing
Lens email processing will fall into three categories:
● Message send to Recipient (R) within the community
○ R’s MS (mail server) will verify the sender against the R’s common list
● Message send to a Recipient outside the Sender’s community
○ Senders MS will bind a voucher from GK with message
○ At reception, MS verifies the voucher using PK stored in PKList against GKID
● New message is intended for a recipient outside sender’s community with no
voucher issued by any GKs
○ Senders MS will hold the message and start a GK selection procedure (stage 3)
○ On success, Senders MS will bind a voucher from GK with message and send it out
○ At reception, MS verifies the voucher using PK stored in PKList against GKID
20. Prevention of spam transmission using LENS
● If recipient is not in sender (S) community, the sender’
s MS send the RCPT TO: command by appending the
voucher and issuing GK’s ID as additional RCPT
parameters after establishing TCP connection.
○ e.g . RCPT TO: <example@abc.com>
Voucher=1f2a91od85gdd76 GK =gk@example.com
● Recipient's MS verifies if sender is a community
member or has a valid voucher from an authorised GK
(GateKeeper)
○ Failure of verification will result in the termination of TCP
connection by Recipients MS
■ Transmission of email will not take place
● Thereby preventing spam message being transmitted
21. LENS backward compatibility
● Easy to integrate LENS into current SMTP servers
● LENS will run complimentary with with existing spam filters until every user is
familiar with it
● LENS first examines inbound email after sender authentication (figure)
● LENS have 4 different communication scenarios
○ Sender and Receiver both have LENS
○ Only Sender has LENS
■ Receivers MS will process email with existing spam filters
○ Only Receiver has LENS
■ LENS will pass the email to existing spam filters after checking for existence of
community and voucher
○ Both Sender and Receiver do not have LENS
■ Existing mechanisms deployed for email processing at both ends
22. Security Concerns - I
● False positives and negatives
○ LENS do not encounter any false positives or negatives generated by imprecise content
signatures
■ As LENS spam prevention is not based on content filtering
○ Based on false deduction of social context
■ Malicious users could become part of the community and let spam pass through
● Forgery of from: addresses
○ Spammers can easily launch a spam attack with forged from: addresses as if they are from
Recipients community
■ Senders address is not authenticated by default in SMTP (Simple Mail Transfer Protocol)
○ LENS utilises iSATS or SPF (Sender Policy Framework) for sender authentication
■ Filters the inbound email at MAIL FROM: command
■ SPF already effective and used in many existing email systems
23. Security Concerns - II
● Compromised user
○ If a user (GK) is compromised (identity theft), it will only have a local effect within the
community
■ Temporary effect as user broadcasts the incident and claims back ownership
○ If victimised user unable to reclaim the ownership,
■ They can request its community to abandon their compromised Id
■ MS will remove all the data associated with it from PKList and VoucherList
● Attacker would not be able to harm the system on a large scale
● Trust farming
○ Spammer could launch a trust farming attack on LENS
■ A spammer can vote for other spammers to increase their rank
○ This attack is comparable to link farming on the internet to attack the PageRank.
○ Solutions like ‘identifying link farm spam pages’ can be used orthogonally in LENS
■ To identify and protect against trust farming
24. Security Concerns - III
● Human spamming using GK selection (Stage 3)
○ Stage 3 of GK selection allows new users to send emails to complete strangers
○ New user (spammer) can exploit this to get in as a new GK and spam the Recipient
■ More expensive than normal spamming model
● Repetition of stage 3 will require substantial human involvement
○ The scale of attack will remain low due to rate limit of the emails from new GK
● Voucher misuse and revocation
○ Current version of the LENS do not impose any expiration limit on the vouchers
○ Vouchers become invalid or get removed by MS based on four conditions
■ GK removes any user from their community, MS will also remove the associated voucher
■ The user itself gets out of the GK’s community
■ UT (UserType) of the users become negative
■ If Recipient revokes GK, all associated vouchers will become invalid
25. Security Concerns - IV
● Malicious GK faking UserType (UT)
○ GK has no control in manipulating the MS to send false UT
○ Two possibilities where an illegitimate GK can send false UT to recipient
■ Malicious GK hosts a private MS certified by CA and configures to send legitimate UT
● Never been an option for spammers as malicious GK becomes visible: legal actions
○ The MS is compromised by the malicious GK (GateKeeper)
● Key Theft
○ Protection of keys is the responsibility of the MSs
○ Attacks related to key thefts are synonymous to hacking the MS (Mail Server)
● Corresponding defense mechanisms for both are beyond scope of this paper
26. Evaluation of LENS
● KeyPoints
○ Scalability
○ Effectiveness in accepting all inbound emails
○ Performance of Gatekeepers Selection
○ E mail processing
● Case studies
○ ONS (Online Social Networks)
■ Facebook
■ Flickr
27. Evaluation of LENS(Cont’d)- Scalability
● Number of GK required
● The number of GK depends on numbers of
FoF , therefore depends on the community
size.
● Flickr requires <30% of community size
(20-400 GKs)
● Increased Reachability via GKs
● LENS is scalable
○ With 100s GK, a Recipient can be reached by
millions of users (>40 % of users in F and F)
○ but , in RE, we get 0.051% and 0.25%
respectively
28. Evaluation of LENS(Cont’d)- Effectiveness
● Data sets from Enron & Log files from Kiel
Un’ MS.
● Social Network Graph created
○ Edge: Between people who exchanged at least
3 emails
● Filters applied
○ With Friends only ( 20% of mail were
rejected)
○ Comm( <20% rejected)
○ LENS (0% rejected)
● But, the number of gatekeepers was
reasonable
29. Evaluation of LENS(Cont’d)- Performance of GK Sel. Prot.
● Latency of GK selection protocol when MS
are located in different countries
○ PlanetLab is used with 20 nodes
● Each node sends a random GK selection
request to the rest
● Average executıon tıme of stage 1 GK sel.Pr.
● An extra step sınce GK are suggested by FoF.
● At stage 3, there is no extra step involved
○ Therefore, the execution time reduces
● Success rate is at >94.6%
● Few nodes did not achieve 100% (nodes
overloading by too many connections)
30. Evaluation of LENS(Cont’d)- Performance of Email Proc.
● Objective
○ How the size of the message affects the
time required to process it
● How
○ 50k messages were sent every second
○ Size varying from 1 to 50 kb
● In 4 Scenarios;
○ S1: SMTP runs postfix only
○ S2: SpamAssassin is used as Content based
F.
○ S3: MailAvenger-Postfix-LENS
○ S4: similar to S3 with added functionality
of emails based on GKs of the recipient
● Message Size
● SpamAssassin processing delay
increases with the message size
31. Evaluation of LENS(Cont’d)- Performance of Email Proc.
● Objective
○ How the size of the message affects the
time required to process it
● How
○ 50k messages were sent every second
○ Size varying from 1 to 50 kb
● In 4 Scenarios;
○ S1: SMTP runs postfix only
○ S2: SpamAssassin is used as Content based
F.
○ S3: MailAvenger-Postfix-LENS
○ S4: similar to S3 with added functionality
of emails based on GKs of the recipient
● To measure throughput, the sender
bombards the MS with 1000 messages of
8kb each as rapid as possible.
● Throughput
● S1, with no filters makes it by accepting
11 messages per second.
32. Evaluation of LENS(Cont’d)- Performance of Email Proc.
● Objective
○ How the size of the message affects the
time required to process it
● How
○ 50k messages were sent every second
○ Size varying from 1 to 50 kb
● In 4 Scenarios;
○ S1: SMTP runs postfix only
○ S2: SpamAssassin is used as Content based
F.
○ S3: MailAvenger-Postfix-LENS
○ S4: similar to S3 with added functionality
of emails based on GKs of the recipient
● CPU & Memory
○ S2 consumes more CPU (many fılters)
○ S2 requıres also hıgh memory.
● CPU Usage
● MemoryUsage
33. CONCLUSION
● This paper was explaining the design, implementation of LENS
● Evaluation was made on Online Social Networks (OSN)
● The evaluation proved how LENS is scalable when compared to other methods
anti spams
● Its effectiveness was proved by accepting all incoming e mails
● LENS consumes up to 75% less CPU and 9 % less memory as traditional
solutions like SpamAssassin.