Academic Advisor: Dr. Yuval Elovici

Technical Advisor:Polina Zilberman

Team Members: Dmitry KaganovRostislav Pinski

Eli ShteinAlexander Gorohovski

Web site:http://www.cs.bgu.ac.il/~grorhovs/project/Main

Simple User

Send an e-mail

Check e-mail

validity

Add new user

Set systems’ configuration

sLog in to

the system as a system administrat

or

Remove existing

user

Administrator

E-mail client Exchange server

<<Exten

ds>>

<<Extends>>

<<Extends>>

<<Extends

>>

<<Extends

>>

<<

Extends

>>

Simple User

<<Extends

>>

Administrator

Update existing

user

Deal with e-mails marked by a question

mark

Log out from the

administrator mode

Mark e-mail as got / sent by mistake

Use Cases DiagramUse Cases Diagram

Update system’s

model

User

Outlook Plug-in

Server

Exchange server

Middle-ware

HostSystem core

Figure 1.1 – System architecture

Global ArchitectureGlobal Architecture

Same computer

Plug-in Middle-ware Server

Data base

Management ConsoleLog filesSystem Core

Figure 1.2 – System Core architecture

System ArchitectureSystem Architecture

Data Flow DiagramData Flow Diagram

E-mail to classify, e.g. query <s,r,c<

E-mail to .classify, e.g query <s,r,c<

Link's thresholdSimilarity score

Link's thresholdSimilarity score

Every two users that exchanged emails in the past define a link, and all emails exchanged between these two users are associated with the link.

The classification of an e-mail with content c sent from s to r is performed as follows: the e-mail is compared with the link defined by the users s and r. If the received similarity score is lower than the link's threshold similarity score, then sending the e-mail is considered a potential leak.

Purposed Solution – The Theoretical Purposed Solution – The Theoretical ModelModel

Link communication analysis Link communication analysis

Orange circles represent the emails taken into account when

classifying an email sent from Bob to Alice.

Assume Alice and Bob belong to a group that communicates topic T, and Bob sends an email with content T to Alice. Alice won't be considered a wrong recipient, even if Alice and Bob have never exchanged communication with content T before.

Group communication analysisGroup communication analysis

No

NoNo

Apparently, cascading the group-based and link-based classifiers will take advantage of the “strong” points of both classifiers, and eliminate their “weak” points.

Cascading the modelsCascading the models

Overview of User InterfaceOverview of User InterfaceSimple User InterfaceSimple User Interface

Overview of User InterfaceOverview of User InterfaceAdministrator InterfaceAdministrator Interface

Plug-In – Main ClassesPlug-In – Main Classes

““Middle Ware” – Main ClassesMiddle Ware” – Main Classes

Model + Server – Main ClassesModel + Server – Main Classes

Management Console– Main Classes– Main Classes

Data Base Information Data Base Information