Wednesday, November 08, 2006
new blog about content filtering
I had opened a new blog about content filtering. Now it is in Russian. You can found it here.
Tuesday, November 07, 2006
stopping the image spam
Tumbleweed had announced yesterday a new technology to fight the spam, that going as an image. They call this technology "Adaptive Image Filtering", and use combination of wavelet transformation with fuzzy matching.
This is looks interesting, but i need to test this technology to say about results
This is looks interesting, but i need to test this technology to say about results
Monday, October 09, 2006
web-filtering in web 2.0 env
Introduction of Web 2.0 technologies - Ajax, etc. is headache for developers of Web-filtering products. Information in such web applications smeared between different connections, and sometimes, we can't analyze data properly.
Now i think about developing a new mechanisms for filtering of this applications (many of them are web-mail, chats, etc., that could lead to information leakage). Currently i hold in head blured image of possible approach, but still doesn't have a clear idea.
Now i think about developing a new mechanisms for filtering of this applications (many of them are web-mail, chats, etc., that could lead to information leakage). Currently i hold in head blured image of possible approach, but still doesn't have a clear idea.
Wednesday, September 27, 2006
information interception
last time, many russian customers (and also customers from other countries) ask us about solutions to intercept internet traffic (web, mail, im, voip). Some of them also want to use this system together with usual phones interception systems.
As i know, in Russia exists some systems, that implement this in some way. But no one do interception of all types of traffic. And we, also trying to play in this game - we has several approaches to this, all based on out MailBoss product, combined with different sniffers and dissectors for various protocols, that produce mail like messages and send them into MailBoss, that do text & datatype detection, and process it with different filtering rules.
But interception of full traffic, has different disadvantages - we need to store anormal amount in information, and we can't use usual relational database to do this. So, currently i thinking about implementing something like data storage, used by web search systems.
As i know, in Russia exists some systems, that implement this in some way. But no one do interception of all types of traffic. And we, also trying to play in this game - we has several approaches to this, all based on out MailBoss product, combined with different sniffers and dissectors for various protocols, that produce mail like messages and send them into MailBoss, that do text & datatype detection, and process it with different filtering rules.
But interception of full traffic, has different disadvantages - we need to store anormal amount in information, and we can't use usual relational database to do this. So, currently i thinking about implementing something like data storage, used by web search systems.
Tuesday, September 19, 2006
Content filtering vendors consolidation?
Looking back to the summer's time, i think that security products vendors are started big consolidation process. What we'll have from this process - improved products, that cover all aspects of content-filtering and security, or not? Or they just to trying increase their market share?
I hope, that they go first way, not second ;-)
But i also hope, that not only market share will main decision for customers, and also will select products by they functionality
I hope, that they go first way, not second ;-)
But i also hope, that not only market share will main decision for customers, and also will select products by they functionality
WebBoss again
We had started development of a new version of our WebBoss (aka SKVT) software. In this version we'll provide following features:
- conditions on HTTP commands, quota's and much more ;-)
- integration with ISS & NetStar URL databases
- authentification of users by IP & MAC addresses
- storing POST's data in database archive
- replace objects with given data
- new web-based interface with heavy use of Ajax
We has too little time to implement this (until the end of the year), but we'll do this!
- conditions on HTTP commands, quota's and much more ;-)
- integration with ISS & NetStar URL databases
- authentification of users by IP & MAC addresses
- storing POST's data in database archive
- replace objects with given data
- new web-based interface with heavy use of Ajax
We has too little time to implement this (until the end of the year), but we'll do this!
Thursday, August 24, 2006
IBM acquires ISS!
Got news that IBM buys Internet Security Systems - this is very big strike to the another computer security companies. With IBM's channels ISS will move their products to more number of customers
Wednesday, August 23, 2006
content filtering of IM
Alladin had developed a new function for their eSafe product - control of IM file transfer. This is very handy feature for companies, who are using IM for their work
DansGuardian. Code quality in open source projects
Today i had look again to the dansguardian code, and had found, that they still converted upper/lowercase with arifmetics operation - they doesn't use locale information, provided by using standard tolower/toupper functions. This wonder me, as i sent my patcht to fix this about 2 years ago, when i planned to use DG in some of open source projects.
As i know - both DG developers working in SmoothWall, and if they programm CorporateGuardian in style of DansGuardian, i wonder how it works!
As i know - both DG developers working in SmoothWall, and if they programm CorporateGuardian in style of DansGuardian, i wonder how it works!
Thursday, August 17, 2006
New version of MailBoss
We had released new version of our mail-filtering software released. Official press release is available here. The fourth version of MailBoss is available at ftp://ftp.jet.msk.su/pub/dozor/dozor-4.0/
Now we have only russian documentation, but in few days we'll released an english version of documentation
Now we have only russian documentation, but in few days we'll released an english version of documentation
Friday, July 28, 2006
ahhh, another acquision
In start of July SonicWall had acquered MailFrontier company with their e-mail security products
continue to read google alerts
found an article, in that says, that content-filtering products must make real-time analysis, and don't use pre-defined URL databases. We always use real-time analysis in our products (first product was offered to customers 6 years ago).
There are many approaches to the real-time analysis. Some of them use statistical approach, some of them use genetic analysis technics. Statistical techniques are simple to implement, but powerfull, while genetic is more precise, but harder to implement.
There are many approaches to the real-time analysis. Some of them use statistical approach, some of them use genetic analysis technics. Statistical techniques are simple to implement, but powerfull, while genetic is more precise, but harder to implement.
another acquision
Had found other news about acquision in security market - SurfControl had buyed BlackSpider -- provider of managed security services.
Interesting news, but who will next? How many companies will acquered by market leaders?
Interesting news, but who will next? How many companies will acquered by market leaders?
acquisions in security market
Only today, i had found news, that Secure Computing acquired CipherTrust. This acquision will bring Secure Computing to the higher level of secure information management. Secure Computing had acquired Cyberguard about year ago, with it good web-filtering products. And now, Secure Computing got good mail-filtering products.
I'll need to evaluate their products in near future, to see how they compose together products from different vendors
I'll need to evaluate their products in near future, to see how they compose together products from different vendors
Wednesday, July 19, 2006
new version of WebBoss almost ready
I'm pleased to announce, that we almost ready to release a new minor version of our web-filtering product WebBoss. In new version we had increase speed of data processing and robustness of system
Monday, July 17, 2006
URL's categorisation
Currently our company is on finish line in process of agreement on inclusion of ISS (Cobion) URL database in our web-filtering product. ISS provide good coverage of Internet, working in many languages. One problem is - we need to integrate ISS's categories into our category list.
There are no standard categories, that will be supported by all URL's categories vendors, so i need to map ISS categories into our categories. And there are many such things.
In near future i'll integrate URL list from another vendor, and also will write mapping between their and our categories.
There are no standard categories, that will be supported by all URL's categories vendors, so i need to map ISS categories into our categories. And there are many such things.
In near future i'll integrate URL list from another vendor, and also will write mapping between their and our categories.
Tuesday, June 27, 2006
Long time ago, when i discussed with Kaspersky's staff usage of Bayesian approach to catch spam, they spoke that it's inappropriate to use, and "one good thing to use" = usage of external spam databases.
But in last version of Kaspersky Internet Security, they announced, that they use new technology to spam catching - based on the Bayesian approach ;-)
But in last version of Kaspersky Internet Security, they announced, that they use new technology to spam catching - based on the Bayesian approach ;-)
Monday, June 26, 2006
web filtering with ICAP
Some time ago i had evaluated possibility of ICAP-server implementation in our Web filtering product. It's good idea to split into the communication & filtering parts, but there are some things, that does not allow to effectively implement ICAP-based solutions:
- ICAP-client must be smart enougth to make some content filtering tasks before forwarding to ICAP-server, file type detection, for example
- Sometimes, during filtering, filtering engine must have more information, that does not provided by ICAP-client
- To provide URL-filtering service, connection to ICAP-server is overhead
Friday, June 23, 2006
Content security for Kids in Australia
Goverment of Australia wants to provide free content-filtering products for home computers, to provide filtering of content for kids (pornography-blocking). This news comes from News.com.
Some ISP's can provide such content filtering as a service.
Currently we also has negotiations with one biggest russian telecommunications provider, to offer content-filtering as a service for schools, companies & goverment organisations
Some ISP's can provide such content filtering as a service.
Currently we also has negotiations with one biggest russian telecommunications provider, to offer content-filtering as a service for schools, companies & goverment organisations
Monday, June 19, 2006
forget to introduce myself
I forgot to introduce myself after creating this blog.
I'm working in the branch of content filtering and computer security for a 5 years. Currently i hold position of Head of software development department, that develop and supports 2 content filtering products - MailBoss (mail filtering) and WebBoss (web protocols filtering).
We make research in branches, tightly coupled with content filtering, such as - data format detection, language and encoding detection for the text fragments, information categorisation.
So, i hope, that my blog will interesting for you! Until the next post ;-)
I'm working in the branch of content filtering and computer security for a 5 years. Currently i hold position of Head of software development department, that develop and supports 2 content filtering products - MailBoss (mail filtering) and WebBoss (web protocols filtering).
We make research in branches, tightly coupled with content filtering, such as - data format detection, language and encoding detection for the text fragments, information categorisation.
So, i hope, that my blog will interesting for you! Until the next post ;-)
Friday, June 16, 2006
voip filtering
Currently we looks for solutions for VoIP detection, capturing and analyse. We had found open sourced Oreka, which can detect and capture VoIP stream. But main task - how we can analyse voice, extract phrases from it, and get normal text to analyse?
Voice (also as image) recognition is interesting theme, but we need to have there are many ressources to model and implement this task.
Is anybody knows solutions for voice recognition?
Voice (also as image) recognition is interesting theme, but we need to have there are many ressources to model and implement this task.
Is anybody knows solutions for voice recognition?
about text filtering
There are several approaches to the text filtering:
- searching of concrete words in text files - it is very simple to implement, and quick for processor;
- searching for regexps - also simple, when using external libraries, but more slow than simple text search;
- there is also another approach to the getting text category - using combination of words with weights. Using positive and negative weights values, we can select data, that match given category. This method is harder to implement, but it still simple. But, exist one problem - how to calculate weights for given words? Manual update of weights and words is hard problem, so it method is not good for use;
- another approach to the getting text category is in using something like Bayesian statistical text classification - we can use automatic text analyzing tools, by comparing texts in several categories and extracting needed information - words, weights, etc. This methid is slower, than others, but it provide good results, together with automatical informatiion extraction.
In our products we use some of these methods to classify texts - users can select which method to use, depending on tasks, that they want to do.
- searching of concrete words in text files - it is very simple to implement, and quick for processor;
- searching for regexps - also simple, when using external libraries, but more slow than simple text search;
- there is also another approach to the getting text category - using combination of words with weights. Using positive and negative weights values, we can select data, that match given category. This method is harder to implement, but it still simple. But, exist one problem - how to calculate weights for given words? Manual update of weights and words is hard problem, so it method is not good for use;
- another approach to the getting text category is in using something like Bayesian statistical text classification - we can use automatic text analyzing tools, by comparing texts in several categories and extracting needed information - words, weights, etc. This methid is slower, than others, but it provide good results, together with automatical informatiion extraction.
In our products we use some of these methods to classify texts - users can select which method to use, depending on tasks, that they want to do.
Tuesday, June 13, 2006
about this blog
I had posted different things about content filtering in my personal blog, but now i decide to move all content-filtering related things in dedicated blog.
So, i pleased to present you new blog about content-filtering techniques. I'll write about content filtering of e-mail, web, etc. About technical and moral aspects of this. I'll try to make posts frequently.
You're welcome!
So, i pleased to present you new blog about content-filtering techniques. I'll write about content filtering of e-mail, web, etc. About technical and moral aspects of this. I'll try to make posts frequently.
You're welcome!
Subscribe to:
Posts (Atom)