Privacy Concerns and Acceptance Factors of OSINT for Cybersecurity: A Representative Survey

Riebe, Thea; Biselli, Tom; Kaufhold, Marc–André; Reuter, Christian

doi:10.56553/popets-2023-0028

Cited by 3 publications

(5 citation statements)

References 43 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Surveillance can be defined as the systematic monitoring of individuals or groups for a given purpose [32,52]. In the case of OSINT for cybersecurity, there are two kinds of systems: Cyber Threat Intelligence (CTI), which focuses on the detection and analysis of cyber threats, and risk mitigation systems, which work towards identifying actors and groups [46].…”

Section: Acceptance Of Surveillance Technologiesmentioning

confidence: 99%

“…Looking at the OSINT systems which were developed for cybersecurity purposes in a systematic study, Riebe et al [46] identified 73 systems, from which 11 discussed ELSI implications. Especially when systems aim at focusing on particular actors, this could include the profiling of individuals [14].…”

Section: Privacy Impact Of Osintmentioning

confidence: 99%

“…Therefore, particularly in the context of sensitive cybersecurity information, approaches that help to assess and manage risks from privacy conflicts in collaborative data sharing need to be taken into account for further research [21]. As Riebe et al [46] have shown, most OSINT systems for cyber security focus on detecting new cyber threats, and might offer additional analysis for incident managers. Concepts of contextual privacy could support this approach, for example, as part of limited data gathering approaches.…”

Section: Implications For Design and Organizationmentioning

confidence: 99%

“…As OSINT approaches to detect cyber threats mostly use social media data [38,49], many ethical and social questions arise at the complex intersection of privacy and security. In a systematic study of OSINT systems for cybersecurity, Riebe et al [46] have found that in 73 OSINT systems, only 11 discussed ethical and social implications, such as privacy impact. Therefore, the principles of "privacy by design," such as data minimization, must first be applied when using such tools to collect and analyze any individual's data.…”

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

Privacy Concerns and Acceptance Factors of OSINT for Cybersecurity: A Representative Survey

Riebe¹

2023

Technology Assessment of Dual-Use ICTs

View full text Add to dashboard Cite

The use of Open Source Intelligence (OSINT) to monitor and detect cybersecurity threats is gaining popularity among Cybersecurity Emergency or Incident Response Teams (CERTs/CSIRTs). They increasingly use semi-automated OSINT approaches when monitoring cyber threats for public infrastructure services and incident response. Most of the systems use publicly available data, often focusing on social media due to timely data for situational assessment. As indirect and affected stakeholders, the acceptance of OSINT systems by users, as well as the conditions which influence the acceptance, are relevant for the development of OSINT systems for cybersecurity. Therefore, as part of the ethical and social technology assessment, we conducted a survey (N=1,093), in which we asked participants about their acceptance of OSINT systems, their perceived need for open source surveillance, as well as their privacy behavior and concerns. Further, we tested if the awareness of OSINT is an interactive factor that affects other factors. Our results indicate that cyber threat perception and the perceived need for OSINT are positively related to acceptance, while privacy concerns are negatively related. The awareness of OSINT, however, has only shown effects on people with higher privacy concerns. Here, particularly high OSINT awareness and limited privacy concerns were associated with higher OSINT acceptance. Lastly, we provide implications for further research and the use of OSINT systems for cybersecurity by authorities. As OSINT is a framework rather than a single technology, approaches can be selected and combined to adhere to data minimization and anonymization as well as to leverage improvements in privacy-preserving computation and machine learning innovations. Regarding the use of OSINT, the results suggest to favor approaches that provide transparency to users regarding the use of the systems and the data they gather.

show abstract

Section: Acceptance Of Surveillance Technologiesmentioning

confidence: 99%

Section: Privacy Impact Of Osintmentioning

confidence: 99%

Section: Implications For Design and Organizationmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Privacy Concerns and Acceptance Factors of OSINT for Cybersecurity: A Representative Survey

Riebe¹

2023

Technology Assessment of Dual-Use ICTs

View full text Add to dashboard Cite

show abstract

“…There are many ethical considerations related to cybersecurity and data privacy. For example, there may be ethical concerns around the collection and use of personal data, the use of surveillance technologies, and the potential for discrimination or bias in algorithms and decision-making processes [7]- [9]. It is important to consider these ethical implications when designing policies and technologies related to cybersecurity and data privacy.…”

Section: Introductionmentioning

confidence: 99%

Islamic Perspectives on Cybersecurity and Data Privacy: Legal and Ethical Implications

Bakhrudin,

Margolang,

Sudarmanto

et al. 2023

WSLHR

View full text Add to dashboard Cite

In the rapidly evolving landscape of cybersecurity and data privacy, the interface between culture, ethics, and law plays a pivotal role. This study delves into "Islamic Perspectives on Cybersecurity and Data Privacy: Legal and Ethical Implications" to investigate how Islamic principles and values intersect with contemporary cybersecurity practices. Combining qualitative content analysis of Islamic texts with a quantitative survey, the research reveals a strong alignment between Islamic principles and modern cybersecurity norms, particularly in areas of privacy, honesty, and the prevention of harm. However, it also highlights the legal and ethical challenges that arise, such as reconciling the prohibition of 'gharar' and addressing the intersection of Islamic finance with digital transactions. The findings emphasize the need for inclusive and culturally sensitive approaches to cybersecurity, informed by a deeper understanding of Islamic ethics and jurisprudence.

show abstract

Enhanced Audio-Based Open-Source Intelligence Insights using Machine Learning

Muhammad Ayub,

Sidra Irum,

Dr. Zunera Jalil

2024

IJSRCSEIT

View full text Add to dashboard Cite

Nowadays, data collection methods and techniques are increasingly used to address intelligence needs in the sense of training models to predict correct information. Open-source intelligence (OSINT) could now incorporate Machine Learning (ML) by correlating diverse data types, such as text, images, audio, and video. In this research, we focused on an essential yet underdeveloped aspect of OSINT, extracting insights from audio data for military intelligence, especially in Pakistan's defence and focused on developing advanced tools for analyzing the expanding audio data, proposing a novel method to extract perfect information for intelligence purposes, specifically targeting key entities like Location, Rank, Operation, Date, and Weapon in military contexts. First, we developed a unique dataset containing 2000 transcribed sentences with annotations for the mentioned entities using an open-source NER annotator. Then, we trained four customized models using advanced NLP frameworks such as Hugging Face's Transformers (DistilBERT), spaCy, NLTK and Stanford CoreNLP, which are subject of assessment to determine their practical use in intelligence contexts. The selected models were evaluated, which proved that AI-based techniques are crucial for enhancing intelligence gathering in the dynamic OSINT landscape. The results also demonstrated the potential of AI integration in OSINT for audio data processing in military intelligence.

show abstract

Privacy Concerns and Acceptance Factors of OSINT for Cybersecurity: A Representative Survey

Cited by 3 publications

References 43 publications

Privacy Concerns and Acceptance Factors of OSINT for Cybersecurity: A Representative Survey

Privacy Concerns and Acceptance Factors of OSINT for Cybersecurity: A Representative Survey

Islamic Perspectives on Cybersecurity and Data Privacy: Legal and Ethical Implications

Enhanced Audio-Based Open-Source Intelligence Insights using Machine Learning

Contact Info

Product

Resources

About