Roavin wrote:Belmaria wrote:Experienced raiders and defenders shouldn't be the only people with access to intelligence regarding potential attacks, and having an easy to use tool which can reliably identify potential raids would increase the amount of people interested in helping in the defense effort significantly. The rules-based detection project was an off-shoot from an original project with similar goals. We attempted to distribute a blacklist of known and suspected raiders in the form of a dossier file, so that regions could monitor activity and protect themselves from raiders. It failed because it couldn't detect new, "clean" nations, so we decided to create a rules-based engine that could be installed in most common browsers, which would assist non-defenders in keeping their individual regions safe from attack, without having to ask for help from organizations like the Wardens. However, we don't currently have a way to merge our code into a browser plugin, and also don't have stable detection rules.
As I've mentioned to a few others in private chat and telegrams, we're using Spam Assassin as the basis for our engine, and are finding it difficult to get SA working in a browser-only environment, which is why we need help from experienced programmers. We also need to gain more information about how to construct our SA rulesets, so as to increase the accuracy of our detection. And finally, we will need to create an integrated web interface for nations to use, similar to the altered interface provided by NS++. Without all of these components, the work we have accomplished will be pointless.
So to reiterate, we need help with statistics, Perl code (SA is written in it), Possibly Ruby on Rails, Possibly PHP/SQL, SA rulesets, and XHTML integration into NationStates. If anyone thinks they can help, and is interested, that's the purpose of this thread.
And as a PS, the misidentification of defender nations could be solved by whitelisting.
Eh, I really don't see SpamAssassin as the right tool for the job here. Would you send individual happenings through SpamAssassin as if they were emails, or how would this work? I can't think of a way this could work with SA even in theory, tbh. Plus, if this is supposed to work in the local browser, you'll need JavaScript, not PHP or Ruby.
For a spotting tool, something a bit more specialized would, I imagine, actually work and be helpful. Something that detects cross-endorsements and uses simple heuristics to detect raider puppets vs. normal nations.
The browser plugin wasn't the only component of the project originally. We were also planning on establishing a database of information to augment our human intelligence project, which is what the Ruby and PHP work would have been.
As for Spam Assassin not working in theory, we already have Spam Assassin natively installed and working with the world feed. We break up each individual happening into an individual message for SA to analyze, and use custom rules, combined with self-trained spam/ham, to determine the likelihood of a move or WA endorsement being spam. We were also planning on integrating regional statistics into the analysis, and determined that since SA only looks at one message at a time, in order to gain a big picture view, we would need to run multiple rounds of analysis on different data sets and correlate them together into one last "message" for SA to analyze to gain a view of the bigger picture. At present, it's still being tinkered with, but it's taken a back seat to our humanint project, as that has yielded more fruitful results.
Posted: Sun Jul 17, 2016 10:57 am
