Presentation is loading. Please wait.

Presentation is loading. Please wait.

A False Positive Safe Neural Network for Spam Detection Alexandru Catalin Cosoi

Published byJob McDowell Modified over 9 years ago

Similar presentations

Presentation on theme: "A False Positive Safe Neural Network for Spam Detection Alexandru Catalin Cosoi"— Presentation transcript:

1 A False Positive Safe Neural Network for Spam Detection Alexandru Catalin Cosoi acosoi@bitdefender.com

2 Does this look familiar?

3 Anatrim

4 Oh boy, it’s getting worst!!!

5

6 Bad Bad Spammer!!! Databases: D: Random legitimate text D 1 : Different rephrases of a certain spam phrase D 2 : Different rephrases of another spam phrase ………………… D n : Different rephrases of another spam phrase –Create spam message script: –Choose a random phrase from D 1 –Choose random text from D –Choose a random phrase from D 2 –Choose random text from D –……………. –Chose random phrase from D n Send message. 40 samples of different subjects 50 samples of different titles 30 samples of different titles (part II) 60000 different combinations Appeared as a consequence of botnets

7 Features Larger time frame – KeyWord!!!! Weak features –Words like “Anatrim”, “Viagra”, “Xanax”, “Stock” –Simple word combinations like “Stock alert”, “Strong buy” –Simple Header Heuristics (for both spam and ham) like: valid reply, weird message id, forged headers Example: –Top 500 spammy words from a Bayesian dictionary –Some simple header heuristics from spamassasins’ SARE Ninjas –Trainer’s personal flavour

8 Why ART? Training occurs by modifying the weights of each neuron For large amounts of data, forgetting important details might actually happen Solves the stability-plasticity dilemma Based on template detection Unlimited number of templates involves unlimited number of patterns 2 self organizing neural networks + a mapping module = supervised organizing neural network

9 Adaptive Resonance Theory Similar to a cluster algorithm (as many clusters as needed) ARTMAP = ART a + ART b + MapField

10 ART Vigilance Small Value - Imprecise Big value - Fragmented A big value: Accepts small errors; Many small clusters; High precision A small value: Accepts high errors; A few big clusters; Errors can appear

11 ART ++

12 Algorithm

13 Corpus 2.5 million spam messages (sampled on waves with a high degree of variation) and around 1000 simple low relevance text heuristics (not counting the standard header heuristics). The first 1000 words (ordered by discrimination, but with a minimum of 10-30 hundred occurrences) from a bayesian dictionary trained on this corpus, and also standard header heuristics. Almost 1 million legitimate email messages 75% of the message corpus were used for training the neural network and, 25% were used in testing the neural network. 1.5 days to train!!!!

14 Results FP: 1%0.0001% FN: 4% 20 % On some corpuses (TREC 2006) we had … not so great results (but current heuristics) FN: 35% (  ) FP: 2 email messages! ( ) At least, just a few false positives!

15 Conclusions ART + Simple Features + Spam = Love ART + False Positives + Spam = OMG!!! (ART++) = Heuristic Filter + ARTMAP Must use a lot of email messages. It is highly difficult to find representative samples for individual waves. Can also be applied to other neural networks Interesting PowerPoint template…

16 Thanks QUESTIONS?

Download ppt "A False Positive Safe Neural Network for Spam Detection Alexandru Catalin Cosoi"

Similar presentations

Wenke Lee and Nick Feamster Georgia Tech Botnet and Spam Detection in High-Speed Networks.

Wenke Lee and Nick Feamster Georgia Tech Botnet and Spam Detection in High-Speed Networks.
Anti-SPAM experience at LAL Michel Jouvin LAL / IN2P3

Anti-SPAM experience at LAL Michel Jouvin LAL / IN2P3
Document Filtering Dr. Frank McCown Intro to Web Science Harding University This work is licensed under a Creative Commons Attribution-NonCommercial- ShareAlike.

Document Filtering Dr. Frank McCown Intro to Web Science Harding University This work is licensed under a Creative Commons Attribution-NonCommercial- ShareAlike.
Marković Miljan 3139/2011

Marković Miljan 3139/2011
Data mining in wireless sensor networks based on artificial neural-networks algorithms Authors: Andrea Kulakov and Danco Davcev Presentation by: Niyati.

Data mining in wireless sensor networks based on artificial neural-networks algorithms Authors: Andrea Kulakov and Danco Davcev Presentation by: Niyati.
CRM114 TeamKNN and Hyperspace Spam Sorting1 Sorting Spam with K-Nearest Neighbor and Hyperspace Classifiers William Yerazunis 1 Fidelis Assis 2 Christian.

CRM114 TeamKNN and Hyperspace Spam Sorting1 Sorting Spam with K-Nearest Neighbor and Hyperspace Classifiers William Yerazunis 1 Fidelis Assis 2 Christian.
Neural Networks Chapter 9 Joost N. Kok Universiteit Leiden.

Neural Networks Chapter 9 Joost N. Kok Universiteit Leiden.
A Survey on Text Categorization with Machine Learning Chikayama lab. Dai Saito.

A Survey on Text Categorization with Machine Learning Chikayama lab. Dai Saito.
Presented by: Alex Misstear Spam Filtering An Artificial Intelligence Showcase.

Presented by: Alex Misstear Spam Filtering An Artificial Intelligence Showcase.
6/1/2015 Email Spam Filtering - Muthiyalu Jothir 1 Email Spam Filtering Computer Security Seminar N.Muthiyalu Jothir – 271120 Media Informatics.

6/1/2015 Spam Filtering - Muthiyalu Jothir 1 Spam Filtering Computer Security Seminar N.Muthiyalu Jothir – Media Informatics.
Search Engines and Information Retrieval

Search Engines and Information Retrieval
Introduction to Neural Networks John Paxton Montana State University Summer 2003.

Introduction to Neural Networks John Paxton Montana State University Summer 2003.
1 Abstract This study presents an analysis of two modified fuzzy ARTMAP neural networks. The modifications are first introduced mathematically. Then, the.

1 Abstract This study presents an analysis of two modified fuzzy ARTMAP neural networks. The modifications are first introduced mathematically. Then, the.
1 BotGraph: Large Scale Spamming Botnet Detection Yao Zhao EECS Department Northwestern University.

1 BotGraph: Large Scale Spamming Botnet Detection Yao Zhao EECS Department Northwestern University.
1 Spam Filtering Using Bayesian Approach Presented by: Nitin Kumar.

1 Spam Filtering Using Bayesian Approach Presented by: Nitin Kumar.
Data Mining.

Data Mining.
Document Classification Comparison Evangel Sarwar, Josh Woolever, Rebecca Zimmerman.

Document Classification Comparison Evangel Sarwar, Josh Woolever, Rebecca Zimmerman.
Bioinformatics Challenge  Learning in very high dimensions with very few samples  Acute leukemia dataset: 7129 # of gene vs. 72 samples  Colon cancer.

Bioinformatics Challenge  Learning in very high dimensions with very few samples  Acute leukemia dataset: 7129 # of gene vs. 72 samples  Colon cancer.
BotGraph: Large Scale Spamming Botnet Detection Yao Zhao Yinglian Xie *, Fang Yu *, Qifa Ke *, Yuan Yu *, Yan Chen and Eliot Gillum ‡ EECS Department,

BotGraph: Large Scale Spamming Botnet Detection Yao Zhao Yinglian Xie *, Fang Yu *, Qifa Ke *, Yuan Yu *, Yan Chen and Eliot Gillum ‡ EECS Department,
1 Authors: Anirudh Ramachandran, Nick Feamster, and Santosh Vempala Publication: ACM Conference on Computer and Communications Security 2007 Presenter:

1 Authors: Anirudh Ramachandran, Nick Feamster, and Santosh Vempala Publication: ACM Conference on Computer and Communications Security 2007 Presenter:

Similar presentations

Ads by Google