Conference PaperPDF Available

Active e-mail system SMTP protocol monitoring algorithm

  • November 2009
DOI:10.1109/ICBNMT.2009.5348490
  • Conference: Broadband Network & Multimedia Technology, 2009. IC-BNMT '09. 2nd IEEE International Conference on
Authors:
Sureswaran Ramadass at Universiti Sains Malaysia
Sureswaran Ramadass
Hussein Al Bazar at Arab Open University - Saudi Arabia
Hussein Al Bazar
Omar Amer Abouabdalla at Limkokwing University of Creative Technology
Omar Amer Abouabdalla
Ahmad Manasrah at Yarmouk University
Ahmad Manasrah
Show all 5 authorsHide
Download full-text PDF
Read full-text
Download citation

Abstract and Figures

E-mail system is one of the most ubiquitous Internet-based applications today. It enables users to send and receive e-mail messages among each other within and from outside of the local area network. E-mail system is used every day in almost all organizations as a communication tool between managers, employees, customers, and partners for better information flow and conduct business which requires communication with people outside the organization, or from different geographical locations. The e-mail system offers a fast, reliable and easy solution for such communication. SMTP (simple mail transfer protocol) is a transportation protocol used to transfer e-mail messages over the Internet. All e-mail servers use the SMTP to send e-mails from one e-mail server to another. SMTP is also used to send e-mail messages from e-mail clients to e-mail servers. In this paper, the SMTP e-mail system protocol will be briefly explained. New active monitoring algorithm architecture is also proposed to improve the current e-mail system protocol functions and detect the SMTP protocol failure during the process of sending e-mail messages.
Figures - uploaded by Omar Amer Abouabdalla
Author content
All figure content in this area was uploaded by Omar Amer Abouabdalla
Content may be subject to copyright.
Content uploaded by Omar Amer Abouabdalla
Author content
All content in this area was uploaded by Omar Amer Abouabdalla
Content may be subject to copyright.
Proceedings of IC-BNMT2009
ACTIVE E-MAIL SYSTEM SMTP PROTOCOL
MONITORING ALGORITHM
R. Sureswaran, Hussein Al Bazar, O. Abouabdalla,
Ahmad M.Manasrah, Homam El-Taj
National Advanced IPv6 Centre (NAv6)
Universiti Sains Malaysia
Penang, Malaysia.
{sures, hussein,omar,ahmad,homam}@nav6.org
Abstract
E-mail system is one of the most ubiquitous
Internet-based applications today. It enables users
to send and receive E-mail messages among each
other within and from outside of the local area
network. E-mail system is used every day in almost
all organizations as a communication tool between
managers, employees, customers, and partners for
better information flow and conduct business which
requires communication with people outside the
organization, or from different geographical
locations. The E-mail system offers a fast, reliable
and easy solution for such communication. SMTP
(Simple Mail Transfer Protocol) is a transportation
protocol used to transfer E-mail messages over the
Internet. All E-mail servers use the SMTP to send
E-mails from one E-mail server to another. SMTP
is also used to send E-mail messages from E-mail
clients to E-mail servers. In this paper, the SMTP
E-mail system protocol will be briefly explained.
New Active monitoring algorithm architecture is
also proposed to improve the current E-mail system
protocol functions and detect the SMTP protocol
failure during the process of sending E-mail
messages.
Keywords: E-mail server, SMTP, Active
monitoring.
1 Introduction
E-mail system has many protocols, each of which
has a specific function to accomplish the process of
sending or receiving an E-mail message. The
commonly used E-mail system protocols are SMTP
protocol for sending E-mail messages and POP3 or
IMAP4 protocol for retrieving E-mail messages. E-
mail system consists of two important components
which are E-mail client and E-mail server. The E-
mail client has software that is responsible of
providing user interface view to the E-mail system,
manage E-mail messages’ functions such as
compose, send, receive and read E-mail messages.
This software is named Mail User Agent (MUA).
Users use MUA such as Outlook Express, Pine,
Eudora and Mozilla to compose their E-mail
messages, specify the sender’s and recipient’s E-
mail addresses and send the E-mail messages to the
E-mail server. MUA which is in the SMTP client
side is used to communicate between the client and
the local E-mail server without having connection
to the Internet [8,9]. Once the TCP connection is
created between the E-mail client and E-mail server,
the E-mail message is sent to the sender’s E-mail
server using the SMTP protocol. Using the same
protocol, the E-mail server sends the E-mail
message to another E-mail server or directly to the
recipients’ E-mail server using the E-mail gateway
[3]. The SMTP protocol is a client/server procedure
which starts when the client in the local network
wants to send an E-mail message to an address
outside the local network using the local E-mail
server, or when an E-mail messages is transferred
among the hosts in the same network. This
procedure commences by establishing a TCP
connection between the E-mail client and E-mail
server on port 25. Then, it performs a set of
commands dialogue till the E-mail message is
transferred to the sender’s E-mail server and quits
the communication with the E- mail server when
the client does not have any other new messages to
be sent [1,2,3].
Active network monitoring technique is one of the
network monitoring techniques that works by
sending packets from the monitoring agent to the
server or application to measure the network
performance and detect the network protocols’
failures. In this technique, sending a small number
of packets on the network traffic can be used to
acquire the required information. On the other hand,
sending a large number of packets on the network
traffic sometimes leads to the creation of extra load
on the network traffic. The active technique gives
accurate information about the services on the
network [4,5].
This paper is organized as follows: In the next
section, the E-mail system sending protocol
procedure is reviewed; Section III explains the

___________________________________
978-1-4244-4591-2/09/$25.00 ©2009 IEEE
Authorized licensed use limited to: Vimal Jyothi Engineering College. Downloaded on August 16,2010 at 08:46:58 UTC from IEEE Xplore. Restrictions apply.
proposed active SMTP protocol monitoring
algorithms. In section IV the proposed monitoring
algorithm is implemented in real-working
environment. Finally the conclusion is presented.
2 E-mail system protocols procedures
In this section, the client/server commands dialogue
of the SMTP protocol procedure and the set of
commands used to access the sending or retrieving
session are explained in brief.
SMTP is an E-mail system transferring protocol,
which is responsible for delivering the E-mail
messages from the sender to the recipient. SMTP
protocol is a client/server procedure, where the
client establishes two-way transmission channel
with the local E-mail server, followed by
performing client specific commands and finally
transfers the E-mail message to the local E-mail
server. Once the E-mail server receives the client’s
E-mail message, it takes responsible for delivering
the E-mail message to the recipient’s E-mail server.
This is performed by starting the routing process of
the E-mail message over the Internet network till
the sender’s E-mail message is delivered to the
recipient's E-mail server.
DNS system and TCP protocol are used in the
sending procedure, where DNS is used to lookup
for the domain name belonging to the recipient’s
address. Then, the domain name is resolved to an IP
address and it is used to map the E-mail message
from the sender’s E-mail server to the recipient’s E-
mail server. The client has to establish TCP
connection on port 25 with the E-mail server before
sending the E-mail message. It uses this connection
to process the operation of transferring the E-mail
message data. The processes of establishing
connection, transferring E-mail message data and
terminating the connection are the main procedures
of SMTP. However, the SMTP client/server
procedures start when the client in the local
network wants to send an E-mail message to an
address outside the local network using the local E-
mail server, or when the E-mail message is
transferred among the hosts in the same network
SMTP procedure starts at the client’s side. The
procedure starts with the client using DNS to
lookup if the address of the E-mail server is known.
This is followed by establishing a new TCP
connection using the standard three-way handshake
between the client and the E-mail server on port 25.
This connection is used to transfer the control
commands and E-mail message data to the SMTP
E-mail server. Once the TCP connection is
established; a greeting 220 reply codes will be sent
from the E-mail server to the client. This greeting
message is used to identify the domain name of the
server, version of SMTP E-mail server software
and some additional information. The sender cannot
send any command to the E-mail server until the
greeting message is received. Once the client
receives the server’s greeting, an acknowledgment
will be sent back to the server by sending using
HELO or EHLO commands. This greeting message
contains the client's identity and E-mail server
confirms back using 250 (OK) reply codes.. After
that, the E-mail client performs MAIL, RCPT,
DATA and QUIT commands to accomplish the
sending procedure. Figure 1 shows the illustration
of the SMTP client/server procedure.
Figure 1. SMTP Client/Server Procedure.
In this section, not all the commands dialogue
protocol procedure which is performed after the
access request and the E-mail server’s greeting
received at the client side are explained in detail.
For full explanation of SMTP protocol, refer to the
RFCs references [1].
3 Proposed monitoring algorithm
In this section an active monitoring algorithm to
monitor the E-mail system SMTP protocol is
proposed. The main idea that came from the active
technique is to monitor the services availability and
protocol functionality by using the services itself.
Thus, the SMTP protocol is monitored and tested
by the protocol itself.
As mentioned in section II, the procedure of SMTP
protocol starts by creating a TCP connection
session on port 25, followed by starting the
commands dialogue procedure between the E-mail
client and E-mail server to achieve the sending
process of the E-mail messages. This monitoring
algorithm tests two major parts of the SMTP
protocol on the subject of the SMTP procedure. The

Authorized licensed use limited to: Vimal Jyothi Engineering College. Downloaded on August 16,2010 at 08:46:58 UTC from IEEE Xplore. Restrictions apply.
first part tests the E-mail server’s ability to accept
an incoming TCP connection establishment request
from the E-mail clients to the E-mail server on port
25, starting with the handshake procedure and
establish connection between the E-mail client and
E-mail server on that port. The second part of this
monitoring algorithm is testing the E-mail server’s
ability to start the SMTP commands dialogue
procedure with the E-mail client and respond
correctly without any error response.
This monitoring algorithm starts by generating
SMTP request session from the monitoring agent to
the Email server on port 25, requesting the E-mail
server to establish TCP connection on that port. The
monitoring agent monitors the E-mail server’s
response. In normal cases, this response contains an
acknowledgment from the E-mail server which is
the 220 reply codes. This response indicates that the
E-mail server is ready to receive E-mail message
from the E-mail client and sends it to the specific
destination address. If the E-mail server fails to
send the 220 reply codes or send an error response,
then the monitoring agent will generate a warning
message to the network administrator which
indicates that the TCP connection on port 25 among
the E-mail server is unavailable. Otherwise, the
monitoring agent will continue to execute this
monitoring algorithm and start testing the second
case of this algorithm.
Once the TCP connection is created on port 25, the
second part of this algorithm can be achieved by
generating the HELO or EHLO command from the
monitoring agent to the E-mail server and monitors
the E-mail server’s response. In normal cases, this
response contains an acknowledgment from the E-
mail server which is the 250 OK reply codes. This
response indicates that the E-mail server is ready to
receive the E-mail message information and
continue the commands dialogue session. If the E-
mail server fails to send the 250 OK reply codes or
send an error response, then the monitoring agent
will generate a warning message to the network
administrator indicating that the SMTP protocol has
a problem.
The error response from the E-mail server for the
HELO or EHLO command is also sent with the
warning message. Otherwise; the monitoring
system generates the QUIT command and the E-
mail server terminates the TCP connection and
sends 221 OK reply codes to the monitoring agent.
The time required to accomplish this monitoring
algorithm test is calculated and stored in the
monitoring system database. Algorithm 1:
describes the SMTP protocol monitoring algorithm.
Algorithm1: SMTP Protocol Monitoring.
Inputs: SMTP Request Session, SMTP
Commands.
Output: SMTP Protocol Status.
Method:
Start
1- Generate SMTP session request from the
monitoring agent to the SMTP port 25.
2- monitor the E-mail server respond where:
- If the E-mail server responds using 220 reply
code, then go to step number 3.
- If the E-mail server responds using Error reply
code, then generate a warning message to inform
about the TCP connection problem on port 25.
3- Generate HELO/EHLO command from the
monitoring agent to the E-mail server.
4- Monitor the E-mail server respond where:
- If the E-mail server responds using 250 reply
code, then go to step number 5.
- If the E-mail server responds using Error reply
code, then generate a warning message to inform
about the SMTP protocol problem.
5- Generate QUIT command to close the SMTP
protocol session on port 25.
6- Calculate the time, which is required for the
TCP connection establishment, send the
commands, receive the responds and store it in
the monitoring system database.
End
4 Monitoring and results
In this section, the real-working environment
monitoring results for the proposed E-mail system
protocols monitoring algorithms are presented.
Plug-in JAVA software is developed to monitor one
of the E-mail servers in the National Advanced
IPv6 Center (NAv6). Every 15 seconds the
monitoring protocols algorithm is executed
automatically in order to calculate the E-mail
server’s respond time in the form of milliseconds,
generate protocol chart behavior of the SMTP
protocol and select the minimum E-mail server
respond time, maximum E-mail server respond time,
as well as the average E-mail server respond time.
Moreover, the proposed monitoring results are
obtained from 12 hours of continues monitoring,
starting from 10:00AM, and stopped at 10:00PM.
For the SMTP protocol, the minimum respond time
for an E-mail server to accomplish the process of
creating TCP connection session, receive E-mail
server greeting message, send HELO command,
and terminate the connection is 16 MS. On the
other hand, the maximum E-mail server’s respond
time is 828 MS. During the test period, some
anomalous results were met which are more than 10
seconds per test. In the test, the anomalous results
are ignored, and the average response time for 12
hours monitoring of 2880 active tests is calculated,

Authorized licensed use limited to: Vimal Jyothi Engineering College. Downloaded on August 16,2010 at 08:46:58 UTC from IEEE Xplore. Restrictions apply.
which is 50 MS. The monitoring algorithm did not
detect any protocol failure during the monitoring
time, whereas in other monitoring the proposed
algorithm improved its efficiency, and accuracy in
detecting all the E-mail system protocol error
respond, delay respond, and failures to accomplish
the monitoring design. To accomplish the
monitoring processes, the E-mail server’s respond
time on port 25 is ranged between 16 to 900 MS,
where in some cases there are abnormal behaviors
which are due to E-mail server load or delay
problems. Figure 2 depicts the 12 hours SMTP
protocol monitoring behavior.
Figure 2. SMTP protocol monitoring behavior.
This monitoring algorithm is able to detect any
problem that occurs during the monitoring period.
The problem can be in the TCP establishing
procedure, where the connection on port 25 is not
available. In this case the E-mail server sends back
an error message, for example, “Could not connect
to the SMTP server name”. The commands
dialogue procedure and the responds from the E-
mail server’s end can be monitored and detect any
problem in the protocol if there’s any. Table1
describes the possible E-mail server responds for
each command in this monitoring algorithm.
Table 1 SMTP E-mail server replies.
Command Reply Description
Connect TCP 220 Service ready
421 Service not available
HELO/EHLO 250 Requested action okay
500 Command unrecognized
501 Syntax error
504 Command parameter not
implemented
521 Does not accept mail
421 Service not available
550 Not implemented
QUIT 221 Service closing
transmission channel
500 Command unrecognized
5 Conclusion
E-mail system uses the transaction protocols to
send and retrieve E-mail messages over the local
network and Internet networks. This paper
proposed an active E-mail system SMTP protocol
monitoring algorithm using the active monitoring
technique, to provide more efficient tools which are
able to monitor the E-mail system protocol in real-
working environment and detect any problems
related to the SMTP protocol. The paper also tested
out the proposed algorithms and presented the
output of the experiments on that algorithm.
References
[1] J. Klensin, “Simple Mail Transfer Protocol”,
RFC 2821, April 2001.
[2] M. H. Haggag "ENHANCED DELIVERY
THROUGH A SMART SMTP CLIENT".
The International Journal on Intelligent
Cooperative Information, VOL. 4, NO. 1,
January 2004.
[3] P. Tzerefos, C. Smythe, I. Stergiou, and S.
Cvetkovic, “A Comparative Study of Simple
Mail Transfer Protocol (SMTP), Post Office
Protocol (POP) and X.400 Electronic Mail
Protocols”, Proceedings of the IEEE 1997
22nd Conference on Local Computer
Networks - LCN, pp 545-554, 199.
[4] G. Bartlett, J. Heidemann, C. Papadopoulos,
“Understanding Passive and Active Service
Discovery”, 7th ACM SIGCOMM conference
of Internet Measurement Conference. VOL 7,
2007.
[5] MOHYUDDIN, A. & DOWLAND, P. S.
(2007) The Art of Network Monitoring
Advances in Network & Communication
Engineering 4. University of Plymouth UK.
[6] Giencke, P. (1995). The future of email or
when will Grandma be on the net? Paper
presented at the Electro/95 International.
Professional Program Proceedings.
[7] ROMAN, H. T. (2007) You’ve Got Mail!
Understanding How E-mails Works. Tech
Directions, 66, 2.
[8] Halsall, F. (2005). Computer Networking and
the Internet (Fifth ed.): Addison-Wesley.
[9] Lam, H.-y. (2007). A Learning Approach to
SPAM Detection Based on Social Network.
The Hong Kong University of Science and
Technology, Hong Kong.

Authorized licensed use limited to: Vimal Jyothi Engineering College. Downloaded on August 16,2010 at 08:46:58 UTC from IEEE Xplore. Restrictions apply.
... [9] reported in her publication about the history and origin of mushroom cultivation, overall production rate in our country, nutritional value, success stories of mushroom cultivation in various states of India. [10][11][12] reported about use of ESP32 Cam module for machine learning, visual inspections in the field of IOT. ...
... To monitor Milky Mushroom farm from large distance the owner needs to access all the hardware data regarding the farm environment in his personal device from distance, Internet of things extends the wireless connectivity of hardware with software from large distance, [4] which enables the communication between hardware and software to exchange information through internet, Milky Mushroom monitoring system uses the principles of Internet of Things, where sensors in the farm is connected to server where the sensor data is processed and sent to the owner through user interface, [11] this enables owner to read the sensor values displaying temperature, humidity, soil moisture level, air quality and light intensity of the Mily Mushroom farm from his place at any time. The owner also has direct access to supply resources like water and pesticides to the milky mushrooms whenever required, this is possible just by clicking a single button on his personal device like laptop or phone. ...
... [3] It is pictorially represented in Fig.5. 1. Creating web server to display temperature, humidity, soil moisture level, air quality, and control the pump activities of the Milky Mushroom farm. [11] 2. To send mail alert to the client/owner of the farm whenever any unusual rodent motion is being detected. [10] 3. Enabling visual inspection of the farm through video streaming [12] ...
Automation of milky mushroom cultivation and its prospects
Conference Paper
  • Dec 2022
Milky Mushrooms are tactful towards their growth environment, The parameters required for creating a healthy growth environment for cultivation of milky mushrooms mainly involve Temperature, Humidity, Soil moisture, Lower light intensity, good air quality. Over the time mushroom production has been affected severely even after keeping track of the mushroom farm by manual inspection throughout days, the owners of the milky mushroom farm still face sudden risk as they fail to identify the drastic change in temperature, humidity, soil moisture level, light intensity, Carbon di oxide level or air quality level, unable to supply the required resources at appropriate time, threat of rodents, unfortunately due to the misunderstandings and assumptions the manual inspections has failed multiple times as the manual inspection isn't consistent nor accurate. In this project, we try to find the convenient solution that could help the Milky Mushroom cultivators by reducing the risk of loss and also simplifies the hard challenges faced due to the need of regular farm visit, this project is the study and design of a monitoring system that has an ability to measure accurate temperature, humidity, soil moisture level, light intensity, air quality and facilitating the supply of resources like water and pesticide at accurate time, also takes care of the farm safety by rodent inspection from large distance. Taking the help of Internet of Things in monitoring the Milky mushroom makes things better and easier by achieving the most suitable environment for Milky mushroom cultivation at appropriate time and this can increase the yield at minimal cost and less efforts.
... After receiving the client's email message, the email server is in charge of sending the message to the recipient's email server. This is accomplished by starting the email message routing procedure through the Internet network and continuing until the sender's email message is delivered to the recipient's email server [6]. ...
Fatigue Detection System Based on Heart Rate and Eye Blink Equipped with Email and Buzzers Alerts to Increase Health Workers Productivity
Experiment Findings
Full-text available
  • Apr 2022
During COVID-19 pandemic, health workers have a crucial role in promotion, prevention, communication, and education to the public. Fatigue of health worker due to limited resources affect productivity and quality of health services. Fatigue detection system is developed to prevent excessive fatigue based on heart rate and eye blink. For heart rate based fatigue detection system, a heart rate sensor sends a signal to Arduino, which is programmed to classify the signal as normal heart rate or not. For eye blink based fatigue detection system , Raspberry Pi is launched to performs face detection with a camera, in order to calculate eye aspect ratio in real time. If the heart rate value outside the specified range or eye aspect ratio falls below the limit, the microcontroller will command the buzzer to turned on and send an email. Based on the test results, it can be concluded that the heart rate based fatigue detection program only sends alerts if the heart rate value out of predetermined range in an interval of more than five seconds in order to overcome the shortcomings of the photoplethysmography-based sensor.
... Further, an active E-mail system SMTP protocol monitoring algorithm has been proposed which monitors the SMTP protocol in real-time in a real working environment and detects any problems or failures resulting because of the SMTP protocol [26]. ...
Multi-Recipient E-mail Messages: Privacy Issues and Possible Solutions
Article
  • Nov 2021
Chain and multi-recipient e-mails pose significant security and privacy threats such as phishing and the spread of Trojan horses. They also increase the chances of receiving spam e-mails. E-mails sent to multiple recipients at a time result in unwanted exposure of e-mail address to multiple recipients. The recipients of chain e-mails may include spammers or e-mail addresses of users whose e-mail account or device may have been compromised, thereby, exposing all e-mail addresses to spammers. Forwarding or sending a multi-recipient e-mail in a chain further increases the exposure of e-mail addresses to spammers. This paper discusses chain e-mails, multi-recipient e-mails and crucial security and privacy threats they pose to legitimate e-mail user. It also discusses various possible mechanisms to mitigate these threats and investigates their effectiveness. This study proposes a novel technique to counter these security risks by enhancing the default behaviour of e-mail client, SMPT server and SMTP protocol. The proposed technique has been implemented in the Java programming language which showed promising results against unnecessary exposure of multiple e-mail addresses while sending an e-mail to multiple recipients.
... where Pi is the probability of a tuple; D is the random information selected of the class Ci; and the reason for using log2 is that the information is coded in 2 bits; Info(D) is a way to identify the class label of a tuple D; and to find the information gain of each tuple [18], we must calculate before: ...
Email Classification for Forensic Analysis by Information Gain Technique
Article
Full-text available
  • Aug 2021
One of the most interesting fields nowadays is forensics. This field is based on the works of scientists who study evidence to help the police solve crimes. In the domain of computer science, the crimes within computer forensics are usually network attacks, and most attacks are over the email (the case of this study). Email has become a daily means of communication which is mainly accessible via internet. People receive thousands of emails in their inboxes and mail servers (in which people can find emails in those lists). The aim of this study is to secure email users by building an automatic checking and detecting system on servers to filter the bad emails from the good ones. In this paper, the authors will do a study based on a new method of emails clustering to extract the bad and good ones. The authors use the gain information technique like an algorithm of clustering, whose principle is to calculate the importance of each attribute (in this study, the authors talk about the attributes that constitute the email) to draw the importance tree and at the end extract the clusters.
Transport Fee Management System for Educational Institutions
Conference Paper
  • Jun 2022
Every educational institution's transportation department is one of the most important departments. This department's fee collection and management is a time-consuming operation. The student is allowed to enter the vehicle by the driver. Despite this, he is completely oblivious of the fee payments. Automation is required to preserve a healthy interaction between students and management. Parents of students who use institutional transportation are often concerned about their children's boarding and departure status. A web application can be utilized to serve both purposes. The Management obtains fee payment status by scanning the Radio Frequency Identification (RFID) tag, and electronic mail (email) notification of the student's entry and exit is provided to their parents using an RFID scanner attached to the ESP8266 hardware.
Cognitive HSE Risk Prediction and Notification Tool Based on Natural Language Processing
Conference Paper
  • Sep 2021
The focus of this work is on developing a cognitive tool that predicts the most frequent HSE hazards with the highest potential severity levels. The tool identifies these risks using a natural language processing algorithm on HSE leading and lagging indicator reports submitted to an oilfield services company’s global HSE reporting system. The purpose of the tool is to prioritize proactive actions and provide focus to raise workforce awareness. A natural language processing algorithm was developed to identify priority HSE risks based on potential severity levels and frequency of occurrence. The algorithm uses vectorization, compression, and clustering methods to categorize the risks by potential severity and frequency using a formulated risk index methodology. In the pilot study, a user interface was developed to configure the frequency and the number of the prioritized HSE risks that are to be communicated from the tool to those employees who opted to receive the information in a given location. From this pilot study using data reported in the company’s online HSE reporting system, the algorithm successfully identified five priority HSE risks across different hazard categories based on the risk index. Using a high volume of reporting data, the risk index factored multiple coefficients such as severity levels, frequency and cluster tightness to prioritize the HSE risks. The observations at each stage of the developed algorithm are as follows:In the data cleaning stage, all stop words (such as a, and, the) were removed, followed by tokenization to divide text in the HSE reports into tokens and remove punctuation.In the vectorization stage, many vectors were formed using the Term Frequency - Inverse Document Frequency (TF-IDF) method.In the compression stage, an autoencoder removed the noise from the input data.In the agglomerative clustering stage, HSE reports with similar words were grouped into clusters and the number of clusters generated per category were in the range of three to five. The novelty of this approach is its ability to prioritize a location’s HSE risks using an algorithm containing natural language processing techniques. This cognitive tool treats reported HSE information as data to identify and flag priority HSE risks factoring in the frequency of similar reports and their associated severity levels. The proof of concept has demonstrated the potential ability of the tool. The next stage would be to test predictive capabilities for injury prevention.
Connection status report generator
Article
Full-text available
  • May 2021
This paper presents “Connection Status Report Generator” which is an auto executable application and it generates a detailed textual and pictorial representation of the network connectivity status of a particular computer and sends the generated reports to the concerned party. The features developed in this paper aim to constantly monitor the network connectivity status as well as ease the troubleshooting process of finding the major cause of call-drops which is a popular problem in every industry. This paper is divided into three major sub-categories of real-time connection status tracker, report generator, and the image viewer interface. The proposed executable application is coded in Java and designed to run as a background application with minimal system prerequisites.
Video Surveillance System with Auto Informing Feature
Chapter
  • May 2021
The present document represents a thorough study of the making of an efficient surveillance system along with a feature of automatically informing the owner about the suspicious movement. In this moving world, normally people are suffering from the availability of time, so if any crime has happened at the site, it will take many days of searching for finding the actual presence of criminals, and thus a good chance for those burglars to flee away to protect themselves. For making the task possible, chose Python as the weapon for this battle and used different efficient techniques like COCO dataset for getting labeled and annotated images, LabelImg for making the annotation set of images, TensorFlow, object detection API for object detection and faster RCNN for training as faster RCNN has shown the highest accuracy for the COCO dataset so far. The owner can be informed in two ways: Either send a message to him via mail or phone or call at the time of suspicious image capturing. Here, both of these cases are used: For mail, the task is done via SMTP and for phone calls Twilio is used which provides us registered phone no. and can make both outbound and inbound calls. After using all the mentioned things and making the model in a way described above, it was found that faster RCNN is much more accurate than the other conventional methods. The results have been very well as RCNN show 86.7% accuracy and 100% has come out with the informing module as there simply the mail will be sent to the one whose mail is given in the code and the same is for Twilio calling.
A Learning Approach to Spam Detection based on Social Networks
Article
Full-text available
  • Dec 2008
The massive increase of spam is posing a very serious threat to email which has become an important means of communication. Not only does it annoy users, but it also consumes much of the bandwidth of the Internet. Most spam filters in existence are based on the content of email one way or the other. While these anti-spam tools have proven very useful, they do not prevent the bandwidth from being wasted and spammers are learning to bypass them via clever manipulation of the spam content. A very different approach to spam detection is based on the behavior of email senders. In this paper, we propose a learning approach to spam sender detection based on features extracted from social networks constructed from email exchange logs. Legitimacy scores are assigned to senders based on their likelihood of being a legitimate sender. Moreover, we also explore various spam filtering and resisting possibilities.
Understanding passive and active service discovery
Conference Paper
Full-text available
  • Oct 2007
Increasingly, network operators do not directly operate com- puters on their network, yet are responsible for assessing network vulnerabilities to ensure compliance with policies about information disclosure, and tracking services that af- fect provisioning. Thus, with decentralized network man- agement, service discovery becomes an important part of maintaining and protecting computer networks. We explore two approaches to service discovery: active probing and passive monitoring. Active probing finds all services currently on the network, except services temporar- ily unavailable or hidden by firewalls; however, it is often too invasive, especially if used across administrative boundaries. Passive monitoring can find transient services, but misses services that are idle. We compare the accuracy of passive and active approaches to service discovery and show that they are complimentary, highlighting the need for multiple active scans coupled with long-duration passive monitoring. We find passive monitoring is well suited for quickly finding popular services, finding servers responsible for 99% of in- coming connections within minutes. Active scanning is bet- ter suited to rapidly finding all servers, which is important for vulnerability detection-one scan finds 98% of services in two hours, missing only a handful. External scans are an unexpected ally to passive monitoring, speeding service discovery by the equivalent of 9-15 days of additional obser- vation. Finally, we show how the use of static or dynamic addresses changes the effectiveness of service discovery, both due to address reuse and VPN effects.
RFC 2821Simple Mail Transfer Protocol
Article
  • Apr 2001
This document is a self-contained specification of the basic protocol for the Internet electronic mail transport. It consolidates, updates and clarifies, but doesn't add new or change existing functionality of the following: - the original SMTP (Simple Mail Transfer Protocol) specification of RFC 821 [30], - domain name system requirements and implications for mail transport from RFC 1035 [22] and RFC 974 [27], - the clarifications and applicability statements in RFC 1123 [2], and - material drawn from the SMTP Extension mechanisms [19]. It obsoletes RFC 821, RFC 974, and updates RFC 1123 (replaces the mail transport materials of RFC 1123). However, RFC 821 specifies some features that were not in significant use in the Internet by the mid-1990s and (in appendices) some additional transport models. Those sections are omitted here in the interest of clarity and brevity; readers needing them should refer to RFC 821. It also includes some additional material from RFC 1123 that required amplification. This material has been identified in multiple ways, mostly by tracking flaming on various lists and newsgroups and problems of unusual readings or interpretations that have appeared as the SMTP extensions have been deployed. Where this specification moves beyond consolidation and actually differs from earlier documents, it supersedes them technically as well as textually. Although SMTP was designed as a mail transport and delivery protocol, this specification also contains information that is important to its use as a 'mail submission' protocol, as recommended for POP [3, 26] and IMAP [6]. Additional submission issues are discussed in RFC 2476 [15]. Section 2.3 provides definitions of terms specific to this document. Except when the historical terminology is necessary for clarity, this document uses the current 'client' and 'server' terminology to identify the sending and receiving SMTP processes, respectively. A companion document [32] discusses message headers, message bodies and formats and structures for them, and their relationship. ---------------- Note that this document is considered obsolete and should probably not be referenced except for historical purposes. It has been replaced by RFC 5321 with the same title. Copies of them can be obtained from http://www.rfc-editor.org/info/rfc2821 or http://www.rfc-editor.org/info/rfc5321.
ENHANCED DELIVERY THROUGH A SMART SMTP CLIENT
Article
  • Feb 2004
Mail systems comprise different components to accomplish all mail activities. On the top of these mail system functions is the message submission, delivery, and retrieval on a target host. Simple Mail Transfer Protocol (SMPT) is the mail transport protocol used to transfer mail between hosts. In SMTP session, like any protocol, two participants are involved. The first is the client that initiates the session and manages connection by sending requests. The other, which is the server, waits for such requests that trigger responses. This paper presents an enhanced messages delivery approach through a proposed SMTP client. A proposed architecture implementation is presented as well as the algorithm workflow for processing mails by the SMTP client. The paper provides a per-host grouping strategy that minimizes the delivery time of messages queue to multiple hosts by processing all messages belonging to the same host mail server as a one bulk. A comparative study for messages delivery with and without the grouping mechanism proved a significant reduction the the time for delivering a queue of messages. In addition to grouping, the features contributed in threading and session handling, prioritized delivery, and pipelining enhanced the way and performance of mails delivery to destination hosts.
A comparative study of Simple Mail Transfer Protocol (SMTP), PostOffice Protocol (POP) and X.400 Electronic Mail Protocols
Conference Paper
  • Dec 1997
We present the main features and functionality of the three most widely used message transfer protocols. We study actual implementations and base our analysis on benchmarking. The performance of the protocols is compared in terms of end to end delay, volume of traffic and number of frames generated at the physical layer and frame length distribution. An analytical model is proposed for the approximation of the upper and lower bounds of volume generated by SMTP which can easily be extended for POP3. The model considers both explicit and piggyback acknowledgements at the TCP layer
The future of email or when will Grandma be on the net?
Conference Paper
  • Jul 1995
What is the role of electronic mail in the office of the future? Electronic mail is growing rapidly beyond the sending of simple text messages, messages today can include graphics and audio. As e-mail technology becomes more enriched, its role becomes increasingly important and widespread both for work and home use. This paper starts with a tutorial on what e-mail is all about and how the architecture of e-mail is evolving. Finally, it expounds on what role e-mail will have in the office of the future and in the home
The Art of Network Monitoring Advances in Network & Communication Engineering 4
  • Jan 2007
  • A Dowland
MOHYUDDIN, A. & DOWLAND, P. S. (2007) The Art of Network Monitoring Advances in Network & Communication Engineering 4. University of Plymouth UK.