Academic Advisor: Dr. Yuval Elovici Technical Advisor: Polina Zilberman Team Members: Dmitry Kaganov Rostislav Pinski Eli Shtein Alexander Gorohovski.


2 Academic Advisor: Dr. Yuval Elovici
Technical Advisor: Polina Zilberman
Team Members: Dmitry Kaganov, Rostislav Pinski, Eli Shtein, Alexander Gorohovski
Web site: http://www.cs.bgu.ac.il/~grorhovs/project/

3 Problem Domain
• Most people who use e-mail can confirm that they have sent an e-mail to the wrong recipient at least once.
• Modern business activities rely on extensive e-mail exchange, and "wrong recipient" e-mail mistakes have become widespread.
• The damage caused by such mistakes is a disturbing problem for individuals, and for organizations such mistakes may also cost a lot of money.

4 Current Situation
• Various solutions to this problem are continuously emerging.
• Commercial products, such as Symantec, Websense, and McAfee, aim to prevent data leakage via electronic communication channels.
• Google provides its users with an application named "Got The Wrong Bob".

5 Current Situation (cont.)
• However, there is still no "silver-bullet" solution.
• Many e-mail addressing mistakes are not detected.
• In many cases correct recipients are wrongly marked as potential addressing mistakes.

6 Proposed Solution – Problem domain
[Figure 1.1 – System architecture. Components shown: User, Outlook, Plug-in, Middle-ware, Host, Server, Exchange server, System core.]

7 Proposed Solution – Software context
[Figure 1.2 – System Core architecture. Components shown: Plug-in and Middle-ware (same computer), Server, Data base, Administrator's GUI, Log files.]

8 Functional requirements – Plug-in

| # | Functional requirement | Description |
|---|---|---|
| 1 | Monitor | Ability to listen to event occurrences from the Outlook client, and to receive messages from the Middle-Man. |
| 2 | Prompt the user | Ability to receive messages from the Middle-Man and to let the user edit the recipients / e-mail. |
| 3 | Send Monitored Data | Ability to collect all the relevant information from the mail client and send it to the Middle-Man. |
| 4 | Activation | Ability to activate automatically when Outlook starts. |
| 5 | Cancel E-mail | Ability to choose to remove from the system the data of an e-mail that has been sent or received by mistake. |

9 Functional requirements – Middle-ware

| # | Functional requirement | Description |
|---|---|---|
| 1 | Stemming | Ability to create "base words" of all the words in the e-mail. |
| 2 | Encryption | Ability to encrypt all the stemmed words. |
| 3 | Send Data | Ability to send data (encrypted and stemmed words) to the server. |
| 4 | Advice For Additional Recipients (optional) | Ability to recommend additional recipients for the e-mail – only when the server is loaded. |
| 5 | Check Validity | Ability to check if the recipient is valid – only when the server is loaded. |
| 6 | Logging | Ability to log relevant data. |
| 7 | Read PDF And DOC Files | Ability to get all the text from all PDF and DOC files attached to the e-mail. |

10 Functional requirements – Server

| # | Functional requirement | Description |
|---|---|---|
| 1 | Send Data | Ability to send data to a client's Middle-Man. |
| 2 | Check Validity | Ability to check if the recipient is valid. If the server is loaded, send data to the Middle-Man for further treatment. |
| 3 | Advice For Additional Recipients (optionally) | Ability to recommend additional recipients for the e-mail. If the server is loaded, send data to the Middle-Man for further treatment. |
| 4 | Update Clusters | Ability to update the clusters once every two days. |
| 5 | Dealing with Database | Ability to back up, update, store, and delete old data from the database. |

11 Functional requirements – Administrator's GUI

| # | Functional requirement | Description |
|---|---|---|
| 1 | Configuration Options | Ability to configure all the parameters of the system. |
| 2 | Unmark E-mails Marked By Question Marks | Ability to remove question marks (?) from e-mails in the database after they were confirmed as legal by the admin. |
| 3 | Delete E-mails Marked By Question Marks | Ability to delete from the database e-mails that were marked with question marks (?) after the admin decided they are illegal. |
| 4 | Statistics | Ability to produce a summary of the whole system's work. |

12 Non-Functional requirements
• The delay in sending an e-mail should be linear in the size of the e-mail and not longer than half a minute.
• The system should be able to detect no less than 94% of the illegal recipients.
• The upper bound on false alerts (wrong alerts on legitimate recipients) is 30%.
• The data between server and client must be encrypted with SHA1 encryption.
• The system must be available and functional at any time.

13 Non-Functional requirements (cont.)
• The communication channel between server and client must be secured with SSL (Secure Sockets Layer).
• The system's disk space requirement must be linear in the number of e-mails sent/received.
• The system should be able to sustain 2,000 client connections concurrently.
• The system should be easily adaptable to other e-mail clients.

14 User Profiles – The actors
• The E-mail client – the e-mail client which the user uses to work with his e-mail account. It passes e-mail data to the plug-in, which is a part of our system.
• The Exchange server – the e-mail server of the organization. It gets all the e-mails sent by people from the organization and all the e-mails sent to people from the organization, and delivers them to their target.

15 User Profiles – The actors (cont.)
• The Simple User – a person who uses the system. He can send e-mails, ignore the system's recommendations, use the system's recommendations to add other users to the list of recipients of the e-mail, and mark e-mails as sent / received by mistake.
• The Administrator – a person who configures the system. In addition to being a simple user, he is capable of configuring the system according to his desires, dealing with groups of classifications, and dealing with sent e-mails that were considered by the system as leaks.

16 Use Case Diagram
[Use case diagram. Actors: Simple User, Administrator, E-mail client, Exchange server. Use cases: Send e-mail; Check e-mail validity; Mark e-mail as got / sent by mistake; Log in to the system as a system administrator; Log out from the administrator mode; Set systems' configurations; Add new user; Remove existing user; Add new subject group; Remove existing subject group; Update users' subject groups; Deal with mails marked by a question mark.]

17 Use Case 1 – Check e-mail validity
• Primary actors: E-mail client, Simple user, Exchange server.
• Description: The simple user checks the validity of an e-mail.
• Trigger: The user clicks the "send" button (for the first time).
• Pre-conditions:
  1. The plug-in is installed on the user's e-mail account.
  2. The "middle-man" is installed on the user's computer.
  3. The server of the system is installed and runs on a server computer.
  4. The network is working correctly.
  5. The e-mail is not empty.
  6. The list of the recipients is not empty.

18 Use Case 1 – Check e-mail validity (cont.)
• Post-conditions:
  In case all the recipients are valid:
  1. The e-mail was sent to all of them.
  2. The system's database was updated.
  3. All the relevant information was written to the appropriate log files.
  In case at least one of the recipients is invalid:
  1. The user gets on his monitor a list of users which the system advises adding to the recipients list (optionally).
  2. The user gets on his monitor a list of users to which the system advises not sending the e-mail.


20 Proposed Solution – The Theoretical Model: Link communication analysis
• Every two users that exchanged e-mails in the past define a link, and all e-mails exchanged between these two users are associated with the link.
• The classification of an e-mail with content c sent from s to r is performed as follows: the e-mail is compared with the link defined by the users s and r. If the resulting similarity score is lower than the link's threshold similarity score, then sending the e-mail is considered a potential leak.
[Figure labels: E-mail to classify, e.g. query; Link's threshold; Similarity score.]

21 Group communication analysis
• Assume Alice and Bob belong to a group that communicates topic T, and Bob sends an e-mail with content T to Alice. Alice won't be considered a wrong recipient, even if Alice and Bob have never exchanged communication with content T before.
[Figure: orange circles represent the e-mails taken into account when classifying an e-mail sent from Bob to Alice.]

22 Cascading the models
• Apparently, cascading the group-based and link-based classifiers will take advantage of the "strong" points of both classifiers, and eliminate their "weak" points.
[Figure: decision flow with Yes / No branches.]
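
The link, group and cascade model of slides 20 to 22, as an added example that is not the project's own code. The slides do not name the similarity measure, the threshold values or the order of the cascade, so the cosine similarity over word counts, the 0.3 thresholds, the link-first order and all names and sample e-mails below are assumptions.

```python
import math
from collections import Counter

def vec(text):
    """Bag-of-words counts; the page's middle-ware would stem the words first."""
    return Counter(text.lower().split())

def cosine(a, b):
    dot = sum(a[t] * b[t] for t in a.keys() & b.keys())
    na = math.sqrt(sum(v * v for v in a.values()))
    nb = math.sqrt(sum(v * v for v in b.values()))
    return dot / (na * nb) if na and nb else 0.0

def score(content, history):
    """Best similarity between the new e-mail and a set of past e-mails."""
    q = vec(content)
    return max((cosine(q, vec(m)) for m in history), default=0.0)

def classify(sender, rcpt, content, mailbox, groups, link_thr=0.3, group_thr=0.3):
    """Link-based check first, group-based check second (assumed order)."""
    # Link: every e-mail exchanged between these two users, in either direction.
    link = [m for s, r, m in mailbox if {s, r} == {sender, rcpt}]
    if score(content, link) >= link_thr:
        return "ok (link)"
    # Group: e-mails exchanged inside any group that contains both users.
    for members in groups:
        if sender in members and rcpt in members:
            shared = [m for s, r, m in mailbox if s in members and r in members]
            if score(content, shared) >= group_thr:
                return "ok (group)"
    return "potential leak"

# Constructed sample data: (sender, recipient, content) triples and one group.
MAILBOX = [
    ("bob", "alice", "lunch on friday at noon"),
    ("alice", "bob", "friday lunch works for me"),
    ("bob", "carol", "quarterly budget forecast draft attached"),
    ("carol", "dave", "budget forecast numbers for the quarter"),
]
GROUPS = [{"alice", "bob", "carol", "dave"}]

if __name__ == "__main__":
    for to, text in [("alice", "friday lunch at noon"),
                     ("alice", "budget forecast for the quarter"),
                     ("alice", "salary list of all employees"),
                     ("eve", "budget forecast for the quarter")]:
        print(f"bob -> {to}: {text!r}: {classify('bob', to, text, MAILBOX, GROUPS)}")
```

The second case is the Alice and Bob scenario of slide 21: the link alone would flag the budget e-mail, and the group history clears it.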
