2.1 KiB
New User Registartion
Our goal is to allow user registration while prevent abusive user from being registered. That is give the limmited amount of inormation we have about the user, we need to classify or predict his intent.
Ideally we would not even allocate an id for the abusive users. Therefore we could separate our checks into two categories:
- preregistration checks: where user doesn't even have id allocated
- registration checks: user has an id
Preregistation
Registring
We have multiple mechanisms which help us to prevent registration of abusive users. Those are:
- ML Classifiers
- Regattacks
- Anomaly detection
As far as I understand, once we detect abusive user registration we send them to UFAC. UFAC then would propose a number of challenges and either clear the user, or confirm abusive character of the registration.
In that regard ufac_core table is a good source of data. Take a time and check what data it contains.
Some interesting Scuba queries are:
- UFAC enrollmets per reason
- UFAC clears per reason - in other words false positives (FP).
- UFAC enrollments per context
Some interesting columns/values in ufac_core are:
- Event - enrolled, cleared
- Violation Type - FAKE_ACCOUNT
Must Read
- The Life of a Registration model
- Describes registration model a bit more.
Code Ownership
One could use bunnylol ownership manager to get the list of assets we own.