Why Healthcare Companies should look towards Web Scraping

Why Healthcare Companies should look towards Web Scraping

The internet is a massive storehouse of information which is available in the form of text, media and other formats. To be competitive in this modern world, most businesses need access to this storehouse of information. But, all this information is not freely accessible as several websites do not allow you to save the data. This is where the process of Web Scraping comes in handy.

Web scraping is not new—it has been widely used by financial organizations, for detecting fraud; by marketers, for marketing and cross-selling; and by manufacturers for maintenance scheduling and quality control. Web scraping has endless uses for business and personal users. Every business or individual can have his or her own particular need for collecting data. You might want to access data belonging to a particular category from several websites. The different websites belonging to the particular category display information in non-uniform formats. Even if you are surfing a single website, you may not be able to access all the data at one place.

The data may be distributed across multiple pages under various heads. In a market that is vast and evolving rapidly, strategic decision-making demands accurate and thorough data to be analyzed, and on a periodic basis. The process of web scraping can help you mine data from several websites and store it in a single place so that it becomes convenient for you to a alyze the data and deliver results.

In the context of healthcare, web scraping is gaining foothold gradually but qualitatively. Several factors have led to the use of web scraping in healthcare. The voluminous amount of data produced by healthcare industry is too complex to be analyzed by traditional techniques. Web scraping along with data extraction can improve decision-making by determining trends and patterns in huge amounts of intricate data. Such intensive analyses are becoming progressively vital owing to financial pressures that have increased the need for healthcare organizations to arrive at conclusions based on the analysis of financial and clinical data. Furthermore, increasing cases of medical insurance fraud and abuse are encouraging healthcare insurers to resort to web scraping and data extraction techniques.

Healthcare is no longer a sector relying solely on person to person interaction. Healthcare has gone digital in its own way and different stakeholders of this industry such as doctors, nurses, patients and pharmacists are upping their ante technologically to remain in sync with the changing times. In the existing setup, where all choices are data-centric, web scraping in healthcare can impact lives, educate people, and create awareness. As people no more depend only on doctors and pharmacists, web scraping in healthcare can improve lives by offering rational solutions.

To be successful in the healthcare sector, it is important to come up with ways to gather and present information in innovative and informative ways to patients and customers. Web scraping offers a plethora of solutions for the healthcare industry. With web scraping and data extraction solutions, healthcare companies can monitor and gather information as well as track how their healthcare product is being received, used and implemented in different locales. It offers a safer and comprehensive access to data allowing healthcare experts to take the right decisions which ultimately lead to better clinical experience for the patients.

Web scraping not only gives healthcare professionals access to enterprise-wide information but also simplifies the process of data conversion for predictive analysis and reports. Analyzing user reviews in terms of precautions and symptoms for diseases that are incurable till date and are still undergoing medical research for effective treatments, can mitigate the fear in people. Data analysis can be based on data available with patients and is one way of creating awareness among people.

Hence, web scraping can increase the significance of data collection and help doctors make sense of the raw data. With web scraping and data extraction techniques, healthcare insurers can reduce the attempts of frauds, healthcare organizations can focus on better customer relationship management decisions, doctors can identify effective cure and best practices, and patients can get more affordable and better healthcare services.

Web scraping applications in healthcare can have remarkable utility and potential. However, the triumph of web scraping and data extraction techniques in healthcare sector depends on the accessibility to clean healthcare data. For this, it is imperative that the healthcare industry think about how data can be better recorded, stored, primed, and scraped. For instance, healthcare sector can consider standardizing clinical vocabulary and allow sharing of data across organizations to heighten the benefits from healthcare web scraping practices.

Healthcare sector is one of the top sectors where data is multiplying exponentially with time and requires a planned and structured storage of data. Continuous web scraping and data extraction is necessary to gain useful insights for renewing health insurance policies periodically as well as offer affordable and better public health solutions. Web scraping and data extraction together can process the mammoth mounds of healthcare data and transform it into information useful for decision making.

To reduce the gap between various components of healthcare sector-patients, doctors, pharmacies and hospitals, healthcare organizations and websites will have to tap the technology to collect data in all formats and present in a usable form. The healthcare sector needs to overcome the lag in implementing effective web scraping and data extraction techniques as well as intensify their pace of technology adoption. Web scraping can contribute enormously to the healthcare industry and facilitate organizations to methodically collect data and process it to identify inadequacies and best practices that improve patient care and reduce costs.

Source: https://www.promptcloud.com/blog/why-health-care-companies-should-use-web-scraping

Business Intelligence & Data Warehousing in a Business Perspective

Business Intelligence & Data Warehousing in a Business Perspective

Business Intelligence

Business Intelligence has become a very important activity in the business arena irrespective of the domain due to the fact that managers need to analyze comprehensively in order to face the challenges.

Data sourcing, data analysing, extracting the correct information for a given criteria, assessing the risks and finally supporting the decision making process are the main components of BI.

In a business perspective, core stakeholders need to be well aware of all the above stages and be crystal clear on expectations. The person, who is being assigned with the role of Business Analyst (BA) for the BI initiative either from the BI solution providers' side or the company itself, needs to take the full responsibility on assuring that all the above steps are correctly being carried out, in a way that it would ultimately give the business the expected leverage. The management, who will be the users of the BI solution, and the business stakeholders, need to communicate with the BA correctly and elaborately on their expectations and help him throughout the process.

Data sourcing is an initial yet crucial step that would have a direct impact on the system where extracting information from multiple sources of data has to be carried out. The data may be on text documents such as memos, reports, email messages, and it may be on the formats such as photographs, images, sounds, and they can be on more computer oriented sources like databases, formatted tables, web pages and URL lists. The key to data sourcing is to obtain the information in electronic form. Therefore, typically scanners, digital cameras, database queries, web searches, computer file access etc, would play significant roles. In a business perspective, emphasis should be placed on the identification of the correct relevant data sources, the granularity of the data to be extracted, possibility of data being extracted from identified sources and the confirmation that only correct and accurate data is extracted and passed on to the data analysis stage of the BI process.

Business oriented stake holders guided by the BA need to put in lot of thought during the analyzing stage as well, which is the second phase. Synthesizing useful knowledge from collections of data should be done in an analytical way using the in-depth business knowledge whilst estimating current trends, integrating and summarizing disparate information, validating models of understanding, and predicting missing information or future trends. This process of data analysis is also called data mining or knowledge discovery. Probability theory, statistical analysis methods, operational research and artificial intelligence are the tools to be used within this stage. It is not expected that business oriented stake holders (including the BA) are experts of all the above theoretical concepts and application methodologies, but they need to be able to guide the relevant resources in order to achieve the ultimate expectations of BI, which they know best.

Identifying relevant criteria, conditions and parameters of report generation is solely based on business requirements, which need to be well communicated by the users and correctly captured by the BA. Ultimately, correct decision support will be facilitated through the BI initiative and it aims to provide warnings on important events, such as takeovers, market changes, and poor staff performance, so that preventative steps could be taken. It seeks to help analyze and make better business decisions, to improve sales or customer satisfaction or staff morale. It presents the information that manager's need, as and when they need it.

In a business sense, BI should go several steps forward bypassing the mere conventional reporting, which should explain "what has happened?" through baseline metrics. The value addition will be higher if it can produce descriptive metrics, which will explain "why has it happened?" and the value added to the business will be much higher if predictive metrics could be provided to explain "what will happen?" Therefore, when providing a BI solution, it is important to think in these additional value adding lines.

Data warehousing

In the context of BI, data warehousing (DW) is also a critical resource to be implemented to maximize the effectiveness of the BI process. BI and DW are two terminologies that go in line. It has come to a level where a true BI system is ineffective without a powerful DW, in order to understand the reality behind this statement, it's important to have an insight in to what DW really is.

A data warehouse is one large data store for the business in concern which has integrated, time variant, non volatile collection of data in support of management's decision making process. It will mainly have transactional data which would facilitate effective querying, analyzing and report generation, which in turn would give the management the required level of information for the decision making.

The reasons to have BI together with DW

At this point, it should be made clear why a BI tool is more effective with a powerful DW. To query, analyze and generate worthy reports, the systems should have information available. Importantly, transactional information such as sales data, human resources data etc. are available normally in different applications of the enterprise, which would obviously be physically held in different databases. Therefore, data is not at one particular place, hence making it very difficult to generate intelligent information.

The level of reports expected today, are not merely independent for each department, but managers today want to analyze data and relationships across the enterprise so that their BI process is effective. Therefore, having data coming from all the sources to one location in the form of a data warehouse is crucial for the success of the BI initiative. In a business viewpoint, this message should be passed and sold to the managements of enterprises so that they understand the value of the investment. Once invested, its gains could be achieved over several years, in turn marking a high ROI.

Investment costs for a DW in the short term may look quite high, but it's important to re-iterate that the gains are much higher and it will span over many years to come. It also reduces future development cost since with the DW any requested report or view could be easily facilitated. However, it is important to find the right business sponsor for the project. He or she needs to communicate regularly with executives to ensure that they understand the value of what's being built. Business sponsors need to be decisive, take an enterprise-wide perspective and have the authority to enforce their decisions.

Process

Implementation of a DW itself overlaps with some phases of the above explained BI process and it's important to note that in a process standpoint, DW falls in to the first few phases of the entire BI initiative. Gaining highly valuable information out of DW is the latter part of the BI process. This can be done in many ways. DW can be used as the data repository of application servers that run decision support systems, management Information Systems, Expert systems etc., through them, intelligent information could be achieved.

But one of the latest strategies is to build cubes out of the DW and allow users to analyze data in multiple dimensions, and also provide with powerful analytical supporting such as drill down information in to granular levels. Cube is a concept that is different to the traditional relational 2-dimensional tabular view, and it has multiple dimensions, allowing a manager to analyze data based on multiple factors, and not just two factors. On the other hand, it allows the user to select whatever the dimension he wish to choose for analyzing purposes and not be limited by one fixed view of data, which is called as slice & dice in DW terminology.

BI for a serious enterprise is not just a phase of a computerization process, but it is one of the major strategies behind the entire organizational drivers. Therefore management should sit down and build up a BI strategy for the company and identify the information they require in each business direction within the enterprise. Given this, BA needs to analyze the organizational data sources in order to build up the most effective DW which would help the strategized BI process.

High level Ideas on Implementation

At the heart of the data warehousing process is the extract, transform, and load (ETL) process. Implementation of this merely is a technical concern but it's a business concern to make sure it is designed in such a way that it ultimately helps to satisfy the business requirements. This process is responsible for connecting to and extracting data from one or more transactional systems (source systems), transforming it according to the business rules defined through the business objectives, and loading it into the all important data model. It is at this point where data quality should be gained. Of the many responsibilities of the data warehouse, the ETL process represents a significant portion of all the moving parts of the warehousing process.

Creation of a powerful DW depends on the correctness of data modeling, which is the responsibility of the database architect of the project, but BA needs to play a pivotal role providing him with correct data sources, data requirements and most importantly business dimensions. Business Dimensional modeling is a special method used for DW projects and this normally should be carried out by the BA and from there onwards technical experts should take up the work. Dimensions are perspectives specific to a business that could be used for analysis purposes. As an example, for a sales database, the dimensions could include Product, Time, Store, etc. Obviously these dimensions differ from one business to another and hence for each DW initiative those dimensions should be correctly identified and that could be very well done by a person who has experience in the DW domain and understands the business as well, making it apparent that DW BA is the person responsible.

Each of the identified dimensions would be turned in to a dimension table at the implementation phase, and the objective of the above explained ETL process is to fill up these dimension tables, which in turn will be taken to the level of the DW after performing some more database activities based on a strong underlying data model. Implementation details are not important for a business stakeholder but being aware of high level process to this level is important so that they are also on the same pitch as that of the developers and can confirm that developers are actually doing what they are supposed to do and would ultimately deliver what they are supposed to deliver.

Security is also vital in this regard, since this entire effort deals with highly sensitive information and identification of access right to specific people to specific information should be correctly identified and captured at the requirements analysis stage.

Advantages

There are so many advantages of BI system. More presentation of analytics directly to the customer or supply chain partner will be possible. Customer scores, customer campaigns and new product bundles can all be produced from analytic structures resulting in high customer retention and creation of unique products. More collaboration within information can be achieved from effective BI. Rather than middle managers getting great reports and making their own areas look good, information will be conveyed into other functions and rapidly shared to create collaborative decisions increasing the efficiency and accuracy. The return on human capital will be greatly increased.

Managers at all levels will save their time on data analysis, and hence saving money for the enterprise, as the time of managers is equal to money in a financial perspective. Since powerful BI would enable monitoring internal processes of the enterprises more closely and allow making them more efficient, the overall success of the organization would automatically grow. All these would help to derive a high ROI on BI together with a strong DW. It is a common experience to notice very high ROI figures on such implementations, and it is also important to note that there are many non-measurable gains whilst we consider most of the measurable gains for the ROI calculation. However, at a stage where it is intended to take the management buy-in for the BI initiative, it's important to convert all the non measurable gains in to monitory values as much as possible, for example, saving of managers time can be converted in to a monitory value using his compensation.

The author has knowledge in both Business and IT. Started career as a Software Engineer and moved to work in the business analysis area of a premier US based software company.

Source: http://ezinearticles.com/?Business-Intelligence-and-Data-Warehousing-in-a-Business-Perspective&id=35640

Getting Data from the Web

Getting Data from the Web

You’ve tried everything else, and you haven’t managed to get your hands on the data you want. You’ve found the data on the web, but, alas — no download options are available and copy-paste has failed you. Fear not, there may still be a way to get the data out. For example you can:

Get data from web-based APIs, such as interfaces provided by online databases and many modern web applications (including Twitter, Facebook and many others). This is a fantastic way to access government or commercial data, as well as data from social media sites.

Extract data from PDFs. This is very difficult, as PDF is a language for printers and does not retain much information on the structure of the data that is displayed within a document. Extracting information from PDFs is beyond the scope of this book, but there are some tools and tutorials that may help you do it.

Screen scrape web sites. During screen scraping, you’re extracting structured content from a normal web page with the help of a scraping utility or by writing a small piece of code. While this method is very powerful and can be used in many places, it requires a bit of understanding about how the web works.

With all those great technical options, don’t forget the simple options: often it is worth to spend some time searching for a file with machine-readable data or to call the institution which is holding the data you want.

In this chapter we walk through a very basic example of scraping data from an HTML web page.
What is machine-readable data?

The goal for most of these methods is to get access to machine-readable data. Machine readable data is created for processing by a computer, instead of the presentation to a human user. The structure of such data relates to contained information, and not the way it is displayed eventually. Examples of easily machine-readable formats include CSV, XML, JSON and Excel files, while formats like Word documents, HTML pages and PDF files are more concerned with the visual layout of the information. PDF for example is a language which talks directly to your printer, it’s concerned with position of lines and dots on a page, rather than distinguishable characters.
Scraping web sites: what for?

Everyone has done this: you go to a web site, see an interesting table and try to copy it over to Excel so you can add some numbers up or store it for later. Yet this often does not really work, or the information you want is spread across a large number of web sites. Copying by hand can quickly become very tedious, so it makes sense to use a bit of code to do it.

The advantage of scraping is that you can do it with virtually any web site — from weather forecasts to government spending, even if that site does not have an API for raw data access.
What you can and cannot scrape

There are, of course, limits to what can be scraped. Some factors that make it harder to scrape a site include:

Badly formatted HTML code with little or no structural information e.g. older government websites.

Authentication systems that are supposed to prevent automatic access e.g. CAPTCHA codes and paywalls.

Session-based systems that use browser cookies to keep track of what the user has been doing.

A lack of complete item listings and possibilities for wildcard search.

Blocking of bulk access by the server administrators.

Another set of limitations are legal barriers: some countries recognize database rights, which may limit your right to re-use information that has been published online. Sometimes, you can choose to ignore the license and do it anyway — depending on your jurisdiction, you may have special rights as a journalist. Scraping freely available Government data should be fine, but you may wish to double check before you publish. Commercial organizations — and certain NGOs — react with less tolerance and may try to claim that you’re “sabotaging” their systems. Other information may infringe the privacy of individuals and thereby violate data privacy laws or professional ethics.
Tools that help you scrape

There are many programs that can be used to extract bulk information from a web site, including browser extensions and some web services. Depending on your browser, tools like Readability (which helps extract text from a page) or DownThemAll (which allows you to download many files at once) will help you automate some tedious tasks, while Chrome’s Scraper extension was explicitly built to extract tables from web sites. Developer extensions like FireBug (for Firefox, the same thing is already included in Chrome, Safari and IE) let you track exactly how a web site is structured and what communications happen between your browser and the server.

ScraperWiki is a web site that allows you to code scrapers in a number of different programming languages, including Python, Ruby and PHP. If you want to get started with scraping without the hassle of setting up a programming environment on your computer, this is the way to go. Other web services, such as Google Spreadsheets and Yahoo! Pipes also allow you to perform some extraction from other web sites.
How does a web scraper work?

Web scrapers are usually small pieces of code written in a programming language such as Python, Ruby or PHP. Choosing the right language is largely a question of which community you have access to: if there is someone in your newsroom or city already working with one of these languages, then it makes sense to adopt the same language.

While some of the click-and-point scraping tools mentioned before may be helpful to get started, the real complexity involved in scraping a web site is in addressing the right pages and the right elements within these pages to extract the desired information. These tasks aren’t about programming, but understanding the structure of the web site and database.

When displaying a web site, your browser will almost always make use of two technologies: HTTP is a way for it to communicate with the server and to request specific resource, such as documents, images or videos. HTML is the language in which web sites are composed.
The anatomy of a web page

Any HTML page is structured as a hierarchy of boxes (which are defined by HTML “tags”). A large box will contain many smaller ones — for example a table that has many smaller divisions: rows and cells. There are many types of tags that perform different functions — some produce boxes, others tables, images or links. Tags can also have additional properties (e.g. they can be unique identifiers) and can belong to groups called ‘classes’, which makes it possible to target and capture individual elements within a document. Selecting the appropriate elements this way and extracting their content is the key to writing a scraper.

Viewing the elements in a web page: everything can be broken up into boxes within boxes.

To scrape web pages, you’ll need to learn a bit about the different types of elements that can be in an HTML document. For example, the <table> element wraps a whole table, which has <tr> (table row) elements for its rows, which in turn contain <td> (table data) for each cell. The most common element type you will encounter is <div>, which can basically mean any block of content. The easiest way to get a feel for these elements is by using the developer toolbar in your browser: they will allow you to hover over any part of a web page and see what the underlying code is.

Tags work like book ends, marking the start and the end of a unit. For example <em> signifies the start of an italicized or emphasized piece of text and </em> signifies the end of that section. Easy.

An example: scraping nuclear incidents with Python

NEWS is the International Atomic Energy Agency’s (IAEA) portal on world-wide radiation incidents (and a strong contender for membership in the Weird Title Club!). The web page lists incidents in a simple, blog-like site that can be easily scraped.

To start, create a new Python scraper on ScraperWiki and you will be presented with a text area that is mostly empty, except for some scaffolding code. In another browser window, open the IAEA site and open the developer toolbar in your browser. In the “Elements” view, try to find the HTML element for one of the news item titles. Your browser’s developer toolbar helps you connect elements on the web page with the underlying HTML code.

Investigating this page will reveal that the titles are <h4> elements within a <table>. Each event is a <tr> row, which also contains a description and a date. If we want to extract the titles of all events, we should find a way to select each row in the table sequentially, while fetching all the text within the title elements.

In order to turn this process into code, we need to make ourselves aware of all the steps involved. To get a feeling for the kind of steps required, let’s play a simple game: In your ScraperWiki window, try to write up individual instructions for yourself, for each thing you are going to do while writing this scraper, like steps in a recipe (prefix each line with a hash sign to tell Python that this not real computer code). For example:

  # Look for all rows in the table
  # Unicorn must not overflow on left side.

Try to be as precise as you can and don’t assume that the program knows anything about the page you’re attempting to scrape.

Once you’ve written down some pseudo-code, let’s compare this to the essential code for our first scraper:

  import scraperwiki
  from lxml import html

In this first section, we’re importing existing functionality from libraries — snippets of pre-written code. scraperwiki will give us the ability to download web sites, while lxml is a tool for the structured analysis of HTML documents. Good news: if you are writing a Python scraper with ScraperWiki, these two lines will always be the same.

  url = "http://www-news.iaea.org/EventList.aspx"
  doc_text = scraperwiki.scrape(url)
  doc = html.fromstring(doc_text)

Next, the code makes a name (variable): url, and assigns the URL of the IAEA page as its value. This tells the scraper that this thing exists and we want to pay attention to it. Note that the URL itself is in quotes as it is not part of the program code but a string, a sequence of characters.

We then use the url variable as input to a function, scraperwiki.scrape. A function will provide some defined job — in this case it’ll download a web page. When it’s finished, it’ll assign its output to another variable, doc_text. doc_text will now hold the actual text of the website — not the visual form you see in your browser, but the source code, including all the tags. Since this form is not very easy to parse, we’ll use another function, html.fromstring, to generate a special representation where we can easily address elements, the so-called document object model (DOM).

  for row in doc.cssselect("#tblEvents tr"):
  link_in_header = row.cssselect("h4 a").pop()
  event_title = link_in_header.text
  print event_title

In this final step, we use the DOM to find each row in our table and extract the event’s title from its header. Two new concepts are used: the for loop and element selection (.cssselect). The for loop essentially does what its name implies; it will traverse a list of items, assigning each a temporary alias (row in this case) and then run any indented instructions for each item.

The other new concept, element selection, is making use of a special language to find elements in the document. CSS selectors are normally used to add layout information to HTML elements and can be used to precisely pick an element out of a page. In this case (Line. 6) we’re selecting #tblEvents tr which will match each <tr> within the table element with the ID tblEvents (the hash simply signifies ID). Note that this will return a list of <tr> elements.

As can be seen on the next line (Line. 7), where we’re applying another selector to find any <a> (which is a hyperlink) within a <h4> (a title). Here we only want to look at a single element (there’s just one title per row), so we have to pop it off the top of the list returned by our selector with the .pop() function.

Note that some elements in the DOM contain actual text, i.e. text that is not part of any markup language, which we can access using the [element].text syntax seen on line 8. Finally, in line 9, we’re printing that text to the ScraperWiki console. If you hit run in your scraper, the smaller window should now start listing the event’s names from the IAEA web site.

  figs/incoming/04-DD.png
  Figure 58. A scraper in action (ScraperWiki)

You can now see a basic scraper operating: it downloads the web page, transforms it into the DOM form and then allows you to pick and extract certain content. Given this skeleton, you can try and solve some of the remaining problems using the ScraperWiki and Python documentation:

Can you find the address for the link in each event’s title?

Can you select the small box that contains the date and place by using its CSS class name and extract the element’s text?

ScraperWiki offers a small database to each scraper so you can store the results; copy the relevant example from their docs and adapt it so it will save the event titles, links and dates.

The event list has many pages; can you scrape multiple pages to get historic events as well?

As you’re trying to solve these challenges, have a look around ScraperWiki: there are many useful examples in the existing scrapers — and quite often, the data is pretty exciting, too. This way, you don’t need to start off your scraper from scratch: just choose one that is similar, fork it and adapt to your problem.

Source: http://datajournalismhandbook.org/1.0/en/getting_data_3.html

Three Common Methods For Web Data Extraction

Three Common Methods For Web Data Extraction

Probably the most common technique used traditionally to extract data from web pages this is to cook up some regular expressions that match the pieces you want (e.g., URL's and link titles). Our screen-scraper software actually started out as an application written in Perl for this very reason. In addition to regular expressions, you might also use some code written in something like Java or Active Server Pages to parse out larger chunks of text. Using raw regular expressions to pull out the data can be a little intimidating to the uninitiated, and can get a bit messy when a script contains a lot of them. At the same time, if you're already familiar with regular expressions, and your scraping project is relatively small, they can be a great solution.

Other techniques for getting the data out can get very sophisticated as algorithms that make use of artificial intelligence and such are applied to the page. Some programs will actually analyze the semantic content of an HTML page, then intelligently pull out the pieces that are of interest. Still other approaches deal with developing "ontologies", or hierarchical vocabularies intended to represent the content domain.

There are a number of companies (including our own) that offer commercial applications specifically intended to do screen-scraping. The applications vary quite a bit, but for medium to large-sized projects they're often a good solution. Each one will have its own learning curve, so you should plan on taking time to learn the ins and outs of a new application. Especially if you plan on doing a fair amount of screen-scraping it's probably a good idea to at least shop around for a screen-scraping application, as it will likely save you time and money in the long run.

So what's the best approach to data extraction? It really depends on what your needs are, and what resources you have at your disposal. Here are some of the pros and cons of the various approaches, as well as suggestions on when you might use each one:

Raw regular expressions and code

Advantages:

- If you're already familiar with regular expressions and at least one programming language, this can be a quick solution.

- Regular expressions allow for a fair amount of "fuzziness" in the matching such that minor changes to the content won't break them.

- You likely don't need to learn any new languages or tools (again, assuming you're already familiar with regular expressions and a programming language).

- Regular expressions are supported in almost all modern programming languages. Heck, even VBScript has a regular expression engine. It's also nice because the various regular expression implementations don't vary too significantly in their syntax.

Disadvantages:

- They can be complex for those that don't have a lot of experience with them. Learning regular expressions isn't like going from Perl to Java. It's more like going from Perl to XSLT, where you have to wrap your mind around a completely different way of viewing the problem.

- They're often confusing to analyze. Take a look through some of the regular expressions people have created to match something as simple as an email address and you'll see what I mean.

- If the content you're trying to match changes (e.g., they change the web page by adding a new "font" tag) you'll likely need to update your regular expressions to account for the change.

- The data discovery portion of the process (traversing various web pages to get to the page containing the data you want) will still need to be handled, and can get fairly complex if you need to deal with cookies and such.

When to use this approach: You'll most likely use straight regular expressions in screen-scraping when you have a small job you want to get done quickly. Especially if you already know regular expressions, there's no sense in getting into other tools if all you need to do is pull some news headlines off of a site.

Ontologies and artificial intelligence

Advantages:

- You create it once and it can more or less extract the data from any page within the content domain you're targeting.

- The data model is generally built in. For example, if you're extracting data about cars from web sites the extraction engine already knows what the make, model, and price are, so it can easily map them to existing data structures (e.g., insert the data into the correct locations in your database).

- There is relatively little long-term maintenance required. As web sites change you likely will need to do very little to your extraction engine in order to account for the changes.

Disadvantages:

- It's relatively complex to create and work with such an engine. The level of expertise required to even understand an extraction engine that uses artificial intelligence and ontologies is much higher than what is required to deal with regular expressions.

- These types of engines are expensive to build. There are commercial offerings that will give you the basis for doing this type of data extraction, but you still need to configure them to work with the specific content domain you're targeting.

- You still have to deal with the data discovery portion of the process, which may not fit as well with this approach (meaning you may have to create an entirely separate engine to handle data discovery). Data discovery is the process of crawling web sites such that you arrive at the pages where you want to extract data.

When to use this approach: Typically you'll only get into ontologies and artificial intelligence when you're planning on extracting information from a very large number of sources. It also makes sense to do this when the data you're trying to extract is in a very unstructured format (e.g., newspaper classified ads). In cases where the data is very structured (meaning there are clear labels identifying the various data fields), it may make more sense to go with regular expressions or a screen-scraping application.

Screen-scraping software

Advantages:

- Abstracts most of the complicated stuff away. You can do some pretty sophisticated things in most screen-scraping applications without knowing anything about regular expressions, HTTP, or cookies.

- Dramatically reduces the amount of time required to set up a site to be scraped. Once you learn a particular screen-scraping application the amount of time it requires to scrape sites vs. other methods is significantly lowered.

- Support from a commercial company. If you run into trouble while using a commercial screen-scraping application, chances are there are support forums and help lines where you can get assistance.

Disadvantages:

- The learning curve. Each screen-scraping application has its own way of going about things. This may imply learning a new scripting language in addition to familiarizing yourself with how the core application works.

- A potential cost. Most ready-to-go screen-scraping applications are commercial, so you'll likely be paying in dollars as well as time for this solution.

- A proprietary approach. Any time you use a proprietary application to solve a computing problem (and proprietary is obviously a matter of degree) you're locking yourself into using that approach. This may or may not be a big deal, but you should at least consider how well the application you're using will integrate with other software applications you currently have. For example, once the screen-scraping application has extracted the data how easy is it for you to get to that data from your own code?

When to use this approach: Screen-scraping applications vary widely in their ease-of-use, price, and suitability to tackle a broad range of scenarios. Chances are, though, that if you don't mind paying a bit, you can save yourself a significant amount of time by using one. If you're doing a quick scrape of a single page you can use just about any language with regular expressions. If you want to extract data from hundreds of web sites that are all formatted differently you're probably better off investing in a complex system that uses ontologies and/or artificial intelligence. For just about everything else, though, you may want to consider investing in an application specifically designed for screen-scraping.

As an aside, I thought I should also mention a recent project we've been involved with that has actually required a hybrid approach of two of the aforementioned methods. We're currently working on a project that deals with extracting newspaper classified ads. The data in classifieds is about as unstructured as you can get. For example, in a real estate ad the term "number of bedrooms" can be written about 25 different ways. The data extraction portion of the process is one that lends itself well to an ontologies-based approach, which is what we've done. However, we still had to handle the data discovery portion. We decided to use screen-scraper for that, and it's handling it just great. The basic process is that screen-scraper traverses the various pages of the site, pulling out raw chunks of data that constitute the classified ads. These ads then get passed to code we've written that uses ontologies in order to extract out the individual pieces we're after. Once the data has been extracted we then insert it into a database.

Source: http://ezinearticles.com/?Three-Common-Methods-For-Web-Data-Extraction&id=165416

Scraping LinkedIn Public Profiles for Fun and Profit

Scraping LinkedIn Public Profiles for Fun and Profit

Reconnaissance and Information Gathering is a part of almost every penetration testing engagement. Often, the tester will only perform network reconnaissance in an attempt to disclose and learn the company's network infrastructure (i.e. IP addresses, domain names, and etc), but there are other types of reconnaissance to conduct, and no, I'm not talking about dumpster diving. Thanks to social networks like LinkedIn, OSINT/WEBINT is now yielding more information. This information can then be used to help the tester test anything from social engineering to weak passwords.

In this blog post I will show you how to use Pythonect to easily generate potential passwords from LinkedIn public profiles. If you haven't heard about Pythonect yet, it is a new, experimental, general-purpose dataflow programming language based on the Python programming language. Pythonect is most suitable for creating applications that are themselves focused on the "flow" of the data. An application that generates passwords from the employees public LinkedIn profiles of a given company - have a coherence and clear dataflow:

(1) Find all the employees public LinkedIn profiles → (2) Scrap all the employees public LinkedIn profiles → (3) Crunch all the data into potential passwords

Now that we have the general concept and high-level overview out of the way, let's dive in to the details.

Finding all the employees public LinkedIn profiles will be done via Google Custom Search Engine, a free service by Google that allows anyone to create their own search engine by themselves. The idea is to create a search engine that when searching for a given company name - will return all the employees public LinkedIn profiles. How? When creating a Google Custom Search Engine it's possible to refine the search results to a specific site (i.e. 'Sites to search'), and we're going to limit ours to: linkedin.com. It's also possible to fine-tune the search results even further, e.g. uk.linkedin.com to find only employees from United Kingdom.

The access to the newly created Google Custom Search Engine will be made using a free API key obtained from Google API Console. Why go through the Google API? because it allows automation (No CAPTCHA's), and it also means that the search-result pages will be returned as JSON (as oppose to HTML). The only catch with using the free API key is that it's limited to 100 queries per day, but it's possible to buy an API key that will not be limited.

Scraping the profiles is a matter of iterating all over the hCards in all the search-result pages, and extracting the employee name from each hCard. Whats is a hCard? hCard is a micro format for publishing the contact details of people, companies, organizations, and places. hCard is also supported by social networks such as Facebook, Google+, LinkedIn and etc. for exporting public profiles. Google (when indexing) parses hCard, and when relevant, uses them in search-result pages. In other words, when search-result pages include LinkedIn public profiles, it will appear as hCards, and could be easily parsed.

Let's see the implementation of the above:

#!/usr/bin/python
#
# Copyright (C) 2012 Itzik Kotler
#
# scraper.py is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# scraper.py is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with scraper.py.  If not, see <http://www.gnu.org/licenses/>.

"""Simple LinkedIn public profiles scraper that uses Google Custom Search"""

import urllib
import simplejson


BASE_URL = "https://www.googleapis.com/customsearch/v1?key=<YOUR GOOGLE API KEY>&cx=<YOUR GOOGLE SEARCH ENGINE CX>"


def __get_all_hcards_from_query(query, index=0, hcards={}):

    url = query

    if index != 0:

        url = url + '&start=%d' % (index)

    json = simplejson.loads(urllib.urlopen(url).read())

    if json.has_key('error'):

        print "Stopping at %s due to Error!" % (url)

        print json

    else:

        for item in json['items']:

            try:

                hcards[item['pagemap']['hcard'][0]['fn']] = item['pagemap']['hcard'][0]['title']

            except KeyError as e:

                pass

        if json['queries'].has_key('nextPage'):

            return __get_all_hcards_from_query(query, json['queries']['nextPage'][0]['startIndex'], hcards)

    return hcards


def get_all_employees_by_company_via_linkedin(company):

    queries = ['"at %s" inurl:"in"', '"at %s" inurl:"pub"']

    result = {}

    for query in queries:

        _query = query % company

        result.update(__get_all_hcards_from_query(BASE_URL + '&q=' + _query))

    return list(result)

Replace <YOUR GOOGLE API KEY> and <YOUR GOOGLE SEARCH ENGINE CX> in the code above with your Google API Key and Google Search Engine CX respectively, save it to a file called scraper.py, and you're ready!

To kick-start, here is a simple program in Pythonect (that utilizes the scraper module) that searchs and prints all the Pythonect company employees full names:

"Pythonect" -> scraper.get_all_employees_by_company_via_linkedin -> print

The output should be:

Itzik Kotler

In my LinkedIn Profile, I have listed Pythonect as a company that I work for, and since no one else is working there, when searching for all the employees of Pythonect company - only my LinkedIn profile comes up.
For demonstration purposes I will keep using this example (i.e. "Pythonect" company, and "Itzik Kotler" employee), but go ahead and replace Pythonect with other, more popular, companies names and see the results.

Now that we have a working skeleton, let's take its output and start crunching it. Keep in mind that every "password generation forumla" is merely a guess. The examples below are only a sampling of what can be done. There are, obviously many more possibilities and you are encouraged to experiment. But first, let's normalize the output - this way it's going to be consistent before operations are performed on it:

"Pythonect" -> scraper.get_all_employees_by_company_via_linkedin -> string.lower(''.join(_.split()))

The normalization procedure is short and simple: convert the string to lowercase and remove any spaces, and so the output should be now:

itzikkotler

As for data manipulation, out of the box (Thanks to The Python Standard Library) we've got itertools and it's combinatoric generators. Let's start by applying itertools.product:

"Pythonect" -> scraper.get_all_employees_by_company_via_linkedin -> string.lower(''.join(_.split())) -> itertools.product(_, repeat=4) -> print

The code above will generate and print every 4 characters password from the letters: i, t, z, k, o, t, l , e, r. However, it won't cover passwords with uppercase letters in it. And so, here's a simple and straightforward implementation of a cycle_uppercase function that cycles the input letters yields a copy of the input with letter in uppercase:

def cycle_uppercase(i):
    s = ''.join(i)
    for idx in xrange(0, len(s)):
        yield s[:idx] + s[idx].upper() + s[idx+1:]

To use it, save it to a file called itertools2.py, and then simply add it to the Pythonect program after the itertools.product(_, repeat=4) block, as follows:

"Pythonect" -> scraper.get_all_employees_by_company_via_linkedin \
    -> string.lower(''.join(_.split())) \
        -> itertools.product(_, repeat=4) \
            -> itertools2.cycle_uppercase \
                -> print

Now, the program will also cover passwords that include a single uppercase letter in it. Moving on with the data manipulation, sometimes the password might contain symbols that are not found within the scrapped data. In this case, it is necessary to build a generator that will take the input and add symbols to it. Here is a short and simple generator implemented as a Generator Expression:

[_ + postfix for postfix in ['123','!','$']]

To use it, simply add it to the Pythonect program after the itertools2.cycle_uppercase block, as follows:

"Pythonect" -> scraper.get_all_employees_by_company_via_linkedin \
    -> string.lower(''.join(_.split())) \
        -> itertools.product(_, repeat=4) \
            -> itertools2.cycle_uppercase \
                -> [_ + postfix for postfix in ['123','!','$']] \
                    -> print

The result is that now the program adds the strings: '123', '!', and '$' to every generated password, which increases the chances of guessing the user's right password, or not, depends on the password :)

To summarize, it's possible to take OSINT/WEBINT data on a given person or company and use it to generate potential passwords, and it's easy to do with Pythonect. There are, of course, many different ways to manipulate the data into passwords and many programs and filters that can be used. In this aspect, Pythonect being a flow-oriented language makes it easy to experiment and research with different modules and programs in a "plug and play" manner.

Source:http://blog.ikotler.org/2012/12/scraping-linkedin-public-profiles-for.html