Gathering and analyzing identity leaks for a proactive warning of affected users

Malderle, Timo; Wübbeling, Matthias; Knauer, Sven; Sykosch, Arnold; Meier, Michael

doi:10.1145/3203217.3203269

Cited by 13 publications

(4 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Nevertheless, it is natural to realize that, the computational time complexity can be very high for this detection method and also for the distributed environments, this method is prune to errors. The next method is one of the extensions, proposed by T. Malderle et al [8]. This work elaborates the mechanisms for collecting evidences of the data leakage and further validates the evidences against the prevention principles.…”

Section: Parallel Research Outcomes: Surveymentioning

confidence: 95%

Detection of Data Leaks through Large Scale Distributed Query Processing using Machine Learning

MVSV¹,

Haritha²

2021

IJACSA

View full text Add to dashboard Cite

With the growth in the distributed data processing and data being the fuel for each of the processes, the query processes of the data are expected to be significantly lower. Hence, the distribution of the data is highly expected and during the distributing of the data, the chances for data leakage increases to a significant extend. The data leakage problems are not generally caused by intentional errors, rather this is caused by the higher visibility of the data over multiple clusters. Henceforth, the detection process is also very critical. Many of the parallel research attempts have demonstrated various methods for the detection and as well as the prevention methods. The works in the direction of the detection of the data leaks are highly dependent either on the historical information of the leaks or depends on the contextual importance of the data. In both the cases, the outcomes of the detection process accuracy cannot be ensured. In the other hand, the preventive measures can also turn into a reactive process for detection by reversing the principles proposed in these research outcomes, but the computational complexities are significantly higher. Thus, this work proposes a novel strategy for detection of the data leakages after the data distribution during the query processing events. This work proposes an initial Occurrence Based Rule Set Extraction method using Adaptive Threshold for generating the rulesets, further for reducing the time complexity and reducing the loss of dataset attribute information, this work introduces yet another algorithm for Dynamic Inference-based Rule Set Reduction. After the inferences are generated, finally this work deploys the Attribute Subset Equivalence-based Leak Detection mechanism for final detection of the clusters with data leaks. This work demonstrates nearly 89% accuracy for the detection process.

show abstract

Section: Parallel Research Outcomes: Surveymentioning

confidence: 95%

Detection of Data Leaks through Large Scale Distributed Query Processing using Machine Learning

MVSV¹,

Haritha²

2021

IJACSA

View full text Add to dashboard Cite

show abstract

“…Topic #13 describes selling leaked user data from security breaches, in the form of combo lists, i.e. combinations of usernames/emails and passwords [28], which can be used for compromising accounts with the same credentials in other services, by means of credential stuffing attacks, as seen in Topic #5. Topic #14 involves mostly guides and e-books regarding carding and other methods of financial fraud.…”

Section: Topic Modellingmentioning

confidence: 99%

The Cynicism of Modern Cybercrime: Automating the Analysis of Surface Web Marketplaces

Lykousas¹,

Koutsokostas²,

Casino³

et al. 2021

Preprint

View full text Add to dashboard Cite

Cybercrime is continuously growing in numbers and becoming more sophisticated. Currently, there are various monetisation and money laundering methods, creating a huge, underground economy worldwide. A clear indicator of these activities is online marketplaces which allow cybercriminals to trade their stolen assets and services. While traditionally these marketplaces are available through the dark web, several of them have emerged in the surface web.In this work, we perform a longitudinal analysis of a surface web marketplace. The information was collected through targeted web scrapping that allowed us to identify hundreds of merchants' profiles for the most widely used surface web marketplaces. In this regard, we discuss the products traded in these markets, their prices, their availability, and the exchange currency. This analysis is performed in an automated way through a machine learning-based pipeline, allowing us to quickly and accurately extract the needed information. The outcomes of our analysis evince that illegal practices are leveraged in surface marketplaces and that there are not effective mechanisms towards their takedown at the time of writing.

show abstract

“…It is also possible that the controller responsible for a breach is no longer available, because the company went bankrupt or the service was terminated. For instance, unintentionally or unlawfully disclosed sensitive personal data originating from phishing attacks are freely available on the internet [18]. In these cases there is no controller to become aware of a breach.…”

Section: Data Breachesmentioning

confidence: 99%

Who You Gonna Call When There’s Something Wrong in Your Processing? Risk Assessment and Data Breach Notifications in Practice

Gonscherowski

Bieker

2019

Privacy and Identity Management. Fairness, Accountability, and Transparency in the Age of Big Data

View full text Add to dashboard Cite

With the assessment of the risk to the rights and freedoms of natural persons the GDPR introduces a novel concept. In a workshop participants were introduced to the notion of risk, based on the framework of the German data protection authorities, focusing on personal data breach notifications. This risk framework was then used by participants to assess case studies on data breaches. Taking the perspective of either a controller or a data protection authority, participants discussed the risks, the information provided and the necessary steps required by the GDPR after a data breach.

show abstract

Gathering and analyzing identity leaks for a proactive warning of affected users

Cited by 13 publications

References 6 publications

Detection of Data Leaks through Large Scale Distributed Query Processing using Machine Learning

Detection of Data Leaks through Large Scale Distributed Query Processing using Machine Learning

The Cynicism of Modern Cybercrime: Automating the Analysis of Surface Web Marketplaces

Who You Gonna Call When There’s Something Wrong in Your Processing? Risk Assessment and Data Breach Notifications in Practice

Contact Info

Product

Resources

About