Pedram Hayati

Evaluation of spam detection and prevention frameworks for email and image spam: a state of art

In recent years, online spam has become a major problem for the sustainability of the Internet. Excessive amounts of spam are not only reducing the quality of information available on the Internet but also creating concern amongst search engines and web users. This paper aims to analyse existing works in two different categories of spam domains - email spam and mage spam to gain a deeper understanding of this problem. Future reserch directions are also presented in these spam domains.

Toward spam 2.0: An evaluation of Web 2.0 anti-spam methods

Spammers have proven very powerfully adaptable, if we thwart all current spam methods, they will find new loophole to use them. Blogs, comments, forums, opinions, online communities, wikis and tags are nowadays targets for their campaigns. This paper presents analysis of current anti-spam methods in Web 2.0 for spam detection and prevention against our proposed evaluation framework. The framework is a comprehensive framework to evaluate anti-spam methods from different perspectives. Our framework shows that the need for more robust methods which are prevention based, unsupervised and do not increase user and system interaction complexity is highly demanded.

Web Spambot Detection Based on Web Navigation Behaviour

Web robots have been widely used for various beneficial and malicious activities. Web spambots are a type of web robot that spreads spam content throughout the web by typically targeting Web 2.0 applications. They are intelligently designed to replicate human behaviour in order to bypass system checks. Spam content not only wastes valuable resources but can also mislead users to unsolicited websites and award undeserved search engine rankings to spammers’ campaign websites. While most of the research in anti-spam filtering focuses on the identification of spam content on the web, only a few have investigated the origin of spam content, hence identification and detection of web spambots still remains an open area of research. In this paper, we describe an automated supervised machine learning solution which utilises web navigation behaviour to detect web spambots. We propose a new feature set (referred to as an action set) as a representation of user behaviour to differentiate web spambots from human users. Our experimental results show that our solution achieves a 96.24% accuracy in classifying web spambots.

HoneySpam 2.0: Profiling Web Spambot Behaviour

Internet bots have been widely used for various beneficial and malicious activities on the web. In this paper we provide new insights into a new kind of bot termed as web spambot which is primarily used for spreading spam content on the web. To gain insights into web spambots, we developed a tool (HoneySpam 2.0) to track their behaviour. This paper presents two main contributions, firstly it describes the design of HoneySpam 2.0 and secondly we outline the experimental results that characterise web spambot behaviour. By profiling web spambots, we provide the foundation for identifying such bots and preventing and filtering web spam content.

Definition of spam 2.0: New spamming boom

The most widely recognized form of spam is e-mail spam, however the term “spam” is used to describe similar abuses in other media and mediums. Spam 2.0 (or Web 2.0 Spam) is refereed to as spam content that is hosted on online Web 2.0 applications. In this paper: we provide a definition of Spam 2.0, identify and explain different entities within Spam 2.0, discuss new difficulties associated with Spam 2.0, outline its significance, and list possible countermeasure. The aim of this paper is to provide the reader with a complete understanding of this new form of spamming.

Behaviour-Based web spambot detection by utilising action time and action frequency

Web spam is an escalating problem that wastes valuable resources, misleads people and can manipulate search engines in achieving undeserved search rankings to promote spam content. Spammers have extensively used Web robots to distribute spam content within Web 2.0 platforms. We referred to these web robots as spambots that are capable of performing human tasks such as registering user accounts as well as browsing and posting content. Conventional content-based and link-based techniques are not effective in detecting and preventing web spambots as their focus is on spam content identification rather than spambot detection. We extend our previous research by proposing two action-based features sets known as action time and action frequency for spambot detection. We evaluate our new framework against a real dataset containing spambots and human users and achieve an average classification accuracy of 94.70%.

Assessing post usage for measuring the quality of forum posts

It has become difficult to discover quality content within forums websites due to the increasing amount of User Generated Content (UGC) on the Web. Many existing websites have relied on their users to explicitly rate content quality. The main problem with this approach is that the majority of content often receives insufficient rating. Current automated content rating solutions have evaluated linguistic features of UGC but are less effective for different types of online communities. We propose a novel approach that assesses post usage to measure the quality of forum posts. Post usage can be viewed as implicit user ratings derived from their usage behaviour. The proposed model is validated against an operational forum using Matthews Correlation Coefficient to measure performance. Our model serves as a basis of exploring content usage to measure content quality in forums and other Web 2.0 platforms.

Spammer and hacker, two old friends

Spammers are always looking for new ways to bypass filters and spread spam content. Currently, spammers have not only improved their spam methods but have also moved towards exploiting software security vulnerabilities in order to spread their spam content. Spammers use weaknesses inside web applications to inject their spam content into legitimate websites, redirect users to their own campaign, misuse web users resources, and hide their footprints. In this paper, we investigate security vulnerabilities that are exploited by spammers. We explain these security vulnerabilities, list their importance and provide a scenario of how spammers can exploit them. Additionally, we discuss two possible solutions to counter problems by patching and secure software development. The result of our work highlights importance of concerning security best-practices in developing secure software which lack of that would result to demotion of website popularity, blacklisting of website and lose of users’ trust.

Modeling Input Validation in UML

Security is an integral part of most software systems but it is not considered as an explicit part in the development process yet. Input validation is the most critical part of software security that is not covered in the design phase of software development life-cycle resulting in many security vulnerabilities. Our objective is to extend UML to new integrated framework for model driven security engineering leading to ideal way to design more secure software. Input validation in UML has not been addressed previously, hence we incorporate input validation into UML diagrams such as use case, class, sequence and activity. This approach has some advantages such as preventing from common input tampering attacks, having both security and convenience in software at high level of abstraction and ability of solving the problem of weak security background for developers.

Spam 2.0: the problem ahead

Webspam is one of the most challenging problems faced by major search engines in the social computing arena. Spammers exploit weaknesses of major search engine algorithms to get their website in the top 10 search results, which results in higher traffic and increased revenue. The development of web applications where users can contribute content has also increased spam, since many web applications like blogging tools, CMS etc are vulnerable to spam. Spammers have developed targeted bots that can create accounts on such applications, add content and even leave comments automatically. In this paper we introduce the field of webspam, what it refers to, how spambots are designed and propagated, why webspam is becoming a big problem. We then experiment to show how spambots can be identified without using CAPTCHA. We aim to increase the general understanding of the webspam problem which will assist web developers, software engineers and web engineers.