Design and Evaluation of a Real-Time URL Spam Filtering Service

1 Design and Evaluation of a Real-Time URL Spam Filtering Service Kurt Thomas, Chris Grier, Justin Ma, Vern Paxson, Dawn Song University of California, Berkeley International Computer Science Institute

2 Motivation Social Networks (Facebook, Twitter) Spam Blogs, Services (Blogger, Yelp) Web Mail (Gmail, Live Mail)

3 Motivation Existing solutions: Blacklists Service-specific, account heuristics Develop new spam filter service: Filter spam: scams, phishing, malware Real-time, fine-grained, generalizable

4 Overview Our system Monarch: Accepts millions of URLs from web service Crawls, labels each URL in real-time Spam Classification Decision based on URL content, page behavior, hosting Large-scale; distributed collection, classification Implemented as a cloud service

5-9 Monarch in Action [diagram built up over five slides; labels: Spam Account, URL, Social Network, Monarch, "3. Fetch Content", Spam URL Content, Message Recipients]

10 Challenges Accuracy Real-Time Scalability Tolerant to Feature Evolution

11 Outline Architecture Results & Performance Limitations Conclusion

12 System Architecture

16 URL Aggregation
Source                    Sample Size
Spam URLs                 1.25 million
Blacklisted Twitter URLs  567,000
Non-spam Twitter URLs     9 million
Collection period: 9/8/ /29/2010

17 Feature Collection High Fidelity Browser Navigation Lexical features of URLs (length, subdomains) Obfuscation (directory operations, nested encoding) Hosting IP/ASN A, NS, MX records Country, city if available
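
The lexical and obfuscation features named on this slide can be computed from the URL string alone. The sketch below is an added example, not Monarch's code: the feature names, the 5-round decoding cap, the use of host label count as a stand-in for subdomain depth, and the sample URLs are all assumptions made for illustration.

```python
import ipaddress
from urllib.parse import unquote, urlsplit

MAX_DECODE_ROUNDS = 5  # assumed cap so hostile input cannot force many passes

# Constructed sample URLs (reserved .test domain and documentation IP range).
SAMPLE_OBFUSCATED = ("http://login.example.com.account.test"
                     "/a/%252e%252e/b//c/./index.php?id=1")
SAMPLE_IP_HOST = "http://192.0.2.10/index.html"


def decode_fully(text):
    """Percent-decode until the text stops changing; return (text, rounds)."""
    rounds = 0
    while rounds < MAX_DECODE_ROUNDS:
        decoded = unquote(text)
        if decoded == text:
            break
        text, rounds = decoded, rounds + 1
    return text, rounds


def is_ip_literal(host):
    """True when the host is an IPv4/IPv6 literal rather than a DNS name."""
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def lexical_features(url):
    """Return length, subdomain and obfuscation features for one URL."""
    parts = urlsplit(url)
    host = (parts.hostname or "").rstrip(".")
    ip_host = is_ip_literal(host)

    # Nested encoding: number of decode passes the path and query need
    # before they stop changing (0 = no percent-encoding at all).
    _, encoding_depth = decode_fully(parts.path + "?" + parts.query)

    # Directory operations are counted on the fully decoded path, so a
    # double-encoded "%252e%252e" is still seen as "..".
    path, _ = decode_fully(parts.path)
    segments = path.split("/")[1:]          # drop the part before the first "/"
    if segments and segments[-1] == "":     # a trailing slash is not an operation
        segments.pop()
    parent_refs = segments.count("..")
    self_refs = segments.count(".")
    empty_segments = segments.count("")     # produced by "//"
    plain = [s for s in segments if s not in ("", ".", "..")]

    return {
        "url_length": len(url),
        "host_length": len(host),
        # Label count is a proxy for subdomain depth; an exact count would
        # need a public-suffix list, which this sketch does not use.
        "host_labels": 0 if ip_host or not host else len(host.split(".")),
        "ip_host": ip_host,
        "path_depth": len(plain),
        "dir_ops": parent_refs + self_refs + empty_segments,
        "encoding_depth": encoding_depth,
    }


if __name__ == "__main__":
    for sample in (SAMPLE_OBFUSCATED, SAMPLE_IP_HOST):
        print(sample)
        for name, value in lexical_features(sample).items():
            print(f"  {name:15} {value}")
```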

18 Feature Collection Content Common HTML templates, keywords Search engine optimization Content of request, response headers Behavior Prevent navigating away Pop-up windows Plugin, JavaScript redirects

19 Classification Distributed Logistic Regression Data overload for single machine

20 Classification Distributed Logistic Regression Data overload for single machine L1-regularization Reduces feature space, over-fitting 50 million features -> 100,000 features
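
Why an L1 penalty shrinks the feature space can be seen on a toy problem. The following is an added example, not Monarch's implementation: it swaps the distributed training named on the slide for single-machine proximal gradient descent, and the feature names, data set and hyperparameters are constructed for illustration.

```python
import math


def sigmoid(z):
    return 1.0 / (1.0 + math.exp(-z))


def soft_threshold(value, threshold):
    """Proximal step for the L1 penalty: shrink toward 0, clamp small values to 0."""
    if value > threshold:
        return value - threshold
    if value < -threshold:
        return value + threshold
    return 0.0


def build_dataset():
    """Constructed data: (set of binary feature names, label), label 1 = spam.

    Every sample carries a one-off URL token that appears nowhere else,
    mimicking the long tail of rare features in a crawl. Eight of ten spam
    samples share one keyword; eight of ten non-spam samples share one
    hosting property.
    """
    samples = []
    for i in range(10):
        feats = {f"url:token=s{i}"}
        if i < 8:
            feats.add("html:keyword=pharmacy")
        samples.append((feats, 1))
    for i in range(10):
        feats = {f"url:token=h{i}"}
        if i < 8:
            feats.add("dns:mx_record_present")
        samples.append((feats, 0))
    return samples


def train(samples, l1, lr=1.0, epochs=400):
    """Logistic regression (no bias term) with an L1 penalty of strength l1."""
    weights = {name: 0.0 for feats, _ in samples for name in feats}
    n = len(samples)
    for _ in range(epochs):
        grad = dict.fromkeys(weights, 0.0)
        for feats, label in samples:
            residual = sigmoid(sum(weights[f] for f in feats)) - label
            for f in feats:
                grad[f] += residual / n
        for f in weights:
            # Gradient step on the log-loss, then the L1 proximal step.
            # A feature seen in one sample has |gradient| < 1/n, so with
            # l1 >= 1/n its weight never leaves exactly 0.0.
            weights[f] = soft_threshold(weights[f] - lr * grad[f], lr * l1)
    return weights


def active_features(weights):
    """Features the model would still need to collect at classification time."""
    return sorted(f for f, w in weights.items() if w != 0.0)


if __name__ == "__main__":
    data = build_dataset()
    dense = train(data, l1=0.0)
    sparse = train(data, l1=0.05)
    print("features without L1:", len(active_features(dense)))
    print("features with L1:   ", len(active_features(sparse)))
    for name in active_features(sparse):
        print(f"  {name:28} {sparse[name]:+.3f}")
```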

21 Implementation System implemented as a cloud service on Amazon EC2 Aggregation: 1 machine Feature Collection: 20 machines Firefox, extension + modified source Classification & Feature Extraction: 50 machines Hadoop - Spark, Mesos Straightforward to scale the architecture

22 Result Overview High-level summary: Performance Overall accuracy Highlight important features Feature evolution Spam independence between services

23 Performance Rate: 638,000 URLs/day Cost: $1,600/mo Process time: 5.54 sec Network delay: 5.46 sec Can scale to 15 million URLs/day Estimated $22,000/mo

24 Measuring Accuracy Dataset: 12 million URLs (<2 million spam) Sample 500K spam (half tweets, half ) Sample 500K non-spam Training, Testing 5-fold validation Vary training folds non-spam:spam ratio Test fold equal parts spam, non-spam

25 Overall Accuracy
Training Ratio  Accuracy  False Positive Rate  False Negative Rate
1:1             94%       4.23%                7.5%
4:1             91%       0.87%                17.6%
10:1            87%       0.29%                26.5%
Accuracy: correctly labeled samples. False positive: non-spam labeled as spam. False negative: spam labeled as non-spam.

27-29 Error by Feature [chart; axis: Error (%); series: Error, False Positive Rate] Error = 1 - Accuracy

30 Feature Evolution Retraining Required [chart; axis: Accuracy (%) by date in September; series: With Retraining, Without Retraining]

31 Spam Independence Unexpected result: Twitter, spam qualitatively different Training Set Testing Set Accuracy False Negatives Twitter Twitter 94% 22% Twitter 81% 88% Twitter 80% 99% 99% 4%

33 Distinct , Twitter Features

34 Features Shorter Lived

35 Limitations Adversarial Machine Learning We provide oracle to spammers Can adversaries tweak content until passing? Time-based Evasion Change content after URL submitted for verification Crawler Fingerprinting Identify IP space of Monarch, fingerprint Monarch browser client Dual-personality DNS, page behavior

36 Related Work C. Whittaker, B. Ryner, and M. Nazif, Large-Scale Automatic Classification of Phishing Pages J. Ma, L. Saul, S. Savage, and G. Voelker, Identifying suspicious URLs: an application of large-scale online learning Y. Zhang, J. Hong, and L. Cranor, Cantina: a content-based approach to detecting phishing web sites M. Cova, C. Kruegel, and G. Vigna, Detection and analysis of drive-by-download attacks and malicious JavaScript code

37 Conclusion Monarch provides: Real-time scam, phishing, malware detection Experiments show 91% accuracy, 0.87% false positives Readily scalable cloud service Applicable to all URL-based spam Spam not guaranteed to overlap between web services Twitter, qualitatively different Despite overlap, can still provide generalizable filtering Require training data from each service


anomaly, thus reported to our central servers. Cloud Email Firewall Maximum email availability and protection against phishing and advanced threats. If the company email is not protected then the information is not safe Cloud Email Firewall is a solution

More information

Cloud Based Content Fetching: Using Cloud Infrastructure to Obfuscate Phishing Scam Analysis

Cloud Based Content Fetching: Using Cloud Infrastructure to Obfuscate Phishing Scam Analysis 2012 IEEE Eighth World Congress on Services Cloud Based Content Fetching: Using Cloud Infrastructure to Obfuscate Phishing Scam Analysis Edward Ferguson, Joseph Weber, and Ragib Hasan Department of Computer

More information

India s Integrated Taxpayer Data Management System (ITDMS) - A data mining tool for non-intrusive anti-tax evasion work

India s Integrated Taxpayer Data Management System (ITDMS) - A data mining tool for non-intrusive anti-tax evasion work India s Integrated Taxpayer Data Management System (ITDMS) - A data mining tool for non-intrusive anti-tax evasion work Winner of Prime Minister Award For Excellence In Public Administration April 2010

More information

Hosted Security Integration with Microsoft Office 365

Hosted  Security Integration with Microsoft Office 365 A Trend Micro Integration Guide I July 2016 Hosted Email Security Integration with Microsoft Office 365» This document highlights the benefits of Hosted Email Security (HES) for Microsoft Office 365 customers

More information

Cyan Networks Secure Web vs. Websense Security Gateway Battle card

Cyan Networks Secure Web vs. Websense Security Gateway Battle card URL Filtering CYAN Secure Web Database - over 30 million web sites organized into 31 categories updated daily, periodically refreshing the data and removing expired domains Updates of the URL database

More information

Achieve more with less

Achieve more with less Energy reduction Bayesian Filtering: the essentials - A Must-take approach in any organization s Anti-Spam Strategy - Whitepaper Achieve more with less What is Bayesian Filtering How Bayesian Filtering

More information

This is a picture of a kiqen

This is a picture of a kiqen Who am I? 11 years in InfoSec with 5 years of hobby work prior to that Primary interests: penetra;on tes;ng, intrusion detec;on, and log correla;on Currently employed as an InfoSec generalist at a cloud

More information

Keeping Pace with Big Data

Keeping Pace with Big Data - A Data Mining Perspec>ve Huan Liu, Tempe, AZ hep://www.public.asu.edu/~huanliu NSF Workshop on Big Data Analy6cs for Infrastructure and Building Resilience and Sustainability, Beijing, China Sept 19-20,

More information

ModusMail Software Instructions.

ModusMail Software Instructions. ModusMail Software Instructions. Table of Contents Basic Quarantine Report Information. 2 Starting A WebMail Session. 3 WebMail Interface. 4 WebMail Setting overview (See Settings Interface).. 5 Account

More information

SonicWALL Email Security Quick Start Guide. Version 4.6

SonicWALL Email Security Quick Start Guide. Version 4.6 SonicWALL Email Security Quick Start Guide Version 4.6 Quick Start Guide - Introduction This document guides you through the most basic steps to set up and administer SonicWALL Email Security. For more

More information

Intro Fun. S#ck- figure strip humor sourced and courtesy of h8p://xkcd.com and is provided for informa#ve use only.

Intro Fun. S#ck- figure strip humor sourced and courtesy of h8p://xkcd.com and is provided for informa#ve use only. Intro Fun S#ck- figure strip humor sourced and courtesy of h8p://xkcd.com and is provided for informa#ve use only. Security & Trust Trends on security and trust within the Internet A focus on Phishing

More information

MTD Keystone s Multiple Service Platforms

MTD Keystone s Multiple Service Platforms MTD s Multiple Service Platforms uses the Microso/ Office pla5orm and is an MS Access applica:on with integra:on to the common Microso/ Office applica:ons, namely Excel, Word, and Outlook. may be installed

More information

OIS. Update on the anti spam system at CERN. Pawel Grzywaczewski, CERN IT/OIS HEPIX fall 2010

OIS. Update on the anti spam system at CERN. Pawel Grzywaczewski, CERN IT/OIS HEPIX fall 2010 OIS Update on the anti spam system at CERN Pawel Grzywaczewski, CERN IT/OIS HEPIX fall 2010 OIS Current mail infrastructure Mail service in numbers: ~18 000 mailboxes ~ 18 000 mailing lists (e-groups)

More information

Deciphering and Mitigating Blackhole Spam from Email-borne Threats

Deciphering and Mitigating Blackhole Spam from Email-borne Threats Deciphering and Mitigating Blackhole Spam from Email-borne Threats Samir Patil Symantec Deciphering and Mitigating Blackhole Spam from Email-borne Threats 1 Outline 1 Background 2 Detection Challenges

More information

Anti Spam Best Practices

Anti Spam Best Practices 53 Anti Spam Best Practices Anti Spam LIVE Service: Zero-Hour Protection An IceWarp White Paper October 2008 www.icewarp.com 54 Background As discussed in the IceWarp white paper entitled, Anti Spam Engine:

More information

TECHNICAL REPORT. An Analysis of Domain Silver, Inc..pl Domains

TECHNICAL REPORT. An Analysis of Domain Silver, Inc..pl Domains TECHNICAL REPORT An Analysis of Domain Silver, Inc..pl Domains July 31, 2013 CONTENTS Contents 1 Introduction 2 2 Registry, registrar and registrant 3 2.1 Rogue registrar..................................

More information

Web Crawling. David Kauchak cs160 Fall adapted from:

Web Crawling. David Kauchak cs160 Fall adapted from: Web Crawling David Kauchak cs160 Fall 2009 adapted from: http://www.stanford.edu/class/cs276/handouts/lecture14-crawling.ppt Administrative Midterm Collaboration on homeworks Possible topics with equations

More information

LOW COST PAGE QUALITY FACTORS TO DETECT WEB SPAM

LOW COST PAGE QUALITY FACTORS TO DETECT WEB SPAM LOW COST PAGE QUALITY FACTORS TO DETECT WEB SPAM Ashish Chandra, Mohammad Suaib, and Dr. Rizwan Beg Department of Computer Science & Engineering, Integral University, Lucknow, India ABSTRACT Web spam is

More information

Challenges in Cri-cal Infrastructure Security

Challenges in Cri-cal Infrastructure Security Challenges in Cri-cal Infrastructure Security Corrado Leita Symantec Research Labs 1 Symantec Research Labs CARD (Collabora*ve Advanced Research Department) group Sophia An*polis, FR Culver City, CA Herndon,

More information

Stream Deployments in the Real World: Enhance Opera?onal Intelligence Across Applica?on Delivery, IT Ops, Security, and More

Stream Deployments in the Real World: Enhance Opera?onal Intelligence Across Applica?on Delivery, IT Ops, Security, and More Copyright 2015 Splunk Inc. Stream Deployments in the Real World: Enhance Opera?onal Intelligence Across Applica?on Delivery, IT Ops, Security, and More Stela Udovicic Sr. Product Marke?ng Manager Clayton

More information