View
37
Download
0
Category
Tags:
Preview:
DESCRIPTION
P reventing D ata L eakage via E mail ADD Presentation. Academic Advisor: Dr. Yuval Elovici Technical Advisor : Polina Zilberman Team Members : Dmitry Kaganov Rostislav Pinski Eli Shtein Alexander Gorohovski Web site : http://www.cs.bgu.ac.il/~grorhovs/project/Main. - PowerPoint PPT Presentation
Citation preview
Academic Advisor: Dr. Yuval Elovici
Technical Advisor:Polina Zilberman
Team Members: Dmitry KaganovRostislav Pinski
Eli ShteinAlexander Gorohovski
Web site:http://www.cs.bgu.ac.il/~grorhovs/project/Main
Simple User
Send an e-mail
Check e-mail
validity
Add new user
Set systems’ configuration
sLog in to
the system as a system administrat
or
Remove existing
user
Administrator
E-mail client Exchange server
<<Exten
ds>>
<<Extends>>
<<Extends>>
<<Extends
>>
<<Extends
>>
<<
Extends
>>
Simple User
<<Extends
>>
Administrator
Update existing
user
Deal with e-mails marked by a question
mark
Log out from the
administrator mode
Mark e-mail as got / sent by mistake
Use Cases DiagramUse Cases Diagram
Update system’s
model
User
Outlook Plug-in
Server
Exchange server
Middle-ware
HostSystem core
Figure 1.1 – System architecture
Global ArchitectureGlobal Architecture
Same computer
Plug-in Middle-ware Server
Data base
Management ConsoleLog filesSystem Core
Figure 1.2 – System Core architecture
System ArchitectureSystem Architecture
Data Flow DiagramData Flow Diagram
E-mail to classify, e.g. query <s,r,c<
E-mail to .classify, e.g query <s,r,c<
Link's thresholdSimilarity score
Link's thresholdSimilarity score
Every two users that exchanged emails in the past define a link, and all emails exchanged between these two users are associated with the link.
The classification of an e-mail with content c sent from s to r is performed as follows: the e-mail is compared with the link defined by the users s and r. If the received similarity score is lower than the link's threshold similarity score, then sending the e-mail is considered a potential leak.
Purposed Solution – The Theoretical Purposed Solution – The Theoretical ModelModel
Link communication analysis Link communication analysis
Orange circles represent the emails taken into account when
classifying an email sent from Bob to Alice.
Assume Alice and Bob belong to a group that communicates topic T, and Bob sends an email with content T to Alice. Alice won't be considered a wrong recipient, even if Alice and Bob have never exchanged communication with content T before.
Group communication analysisGroup communication analysis
No
NoNo
Apparently, cascading the group-based and link-based classifiers will take advantage of the “strong” points of both classifiers, and eliminate their “weak” points.
Cascading the modelsCascading the models
Overview of User InterfaceOverview of User InterfaceSimple User InterfaceSimple User Interface
Overview of User InterfaceOverview of User InterfaceAdministrator InterfaceAdministrator Interface
Plug-In – Main ClassesPlug-In – Main Classes
““Middle Ware” – Main ClassesMiddle Ware” – Main Classes
Model + Server – Main ClassesModel + Server – Main Classes
Management Console– Main Classes– Main Classes
Data Base Information Data Base Information
Recommended