Pro-Active Data Breach Detection: Examining Accuracy and Applicability on Personal Information Detected
Uloženo v:
| Vydáno v: | International Conference on Cyber Warfare and Security (2016), p. 47-56 |
|---|---|
| Hlavní autor: | |
| Další autoři: | , |
| Vydáno: |
Academic Conferences International Limited
|
| Témata: | |
| On-line přístup: | Citation/Abstract Full Text Full Text - PDF |
| Tagy: |
Žádné tagy, Buďte první, kdo vytvoří štítek k tomuto záznamu!
|
MARC
| LEADER | 00000nab a2200000uu 4500 | ||
|---|---|---|---|
| 001 | 1779928021 | ||
| 003 | UK-CbPIL | ||
| 035 | |a 1779928021 | ||
| 045 | 2 | |b d20160101 |b d20161231 | |
| 084 | |a 142229 |2 nlm | ||
| 100 | 1 | |a Botha, Johnny | |
| 245 | 1 | |a Pro-Active Data Breach Detection: Examining Accuracy and Applicability on Personal Information Detected | |
| 260 | |b Academic Conferences International Limited |c 2016 | ||
| 513 | |a Feature | ||
| 520 | 3 | |a Data breaches remain a common occurrence affecting both companies and individuals alike, despite promulgated data protection legislation worldwide. It is unlikely that factors causing data breaches such as incorrect device configuration or negligence will stop unless effective enforcement of relevant legislation is applied. While several information privacy regulators exist, the dominant norm is to respond reactively on reported incidents. Reactive response is useful for cleaning up detected breaches but does not provide a clear indication of the level of personal information available on the internet since only reported incidents are taken into account. The possibility of pro-active automated breach detection has previously been discussed as a capability augmentation for existing privacy regulators. By pro-actively detecting leaked information, detection times can potentially be reduced to limit the exposure time of Personal Identifiable Information (PII) on publicly accessible networks. At present the average time for data breach detection is in excess of three months internationally and breach discovery it most often not by the data owner but an external third party increasing exposure of leaked information. The duration of time that data is exposed on the internet has severe negative implications since a significant portion of information disclosed in data breaches have been proven to be used for cybercrime activities. It could then be argued that any reduction of data breach exposure time should directly reduce the opportunity for associated cyber-crime. While pro-active breach detection has been proven as potentially viable in previous work, numerous aspects of such a system remain in question. Aspects such as legality, detection accuracy and communication with affected parties and alignment with privacy regulator operating procedures are all unexplored. The research presented in this paper considers the results obtained from two iterations of such an experimental system that was conducted on the South African .co.za domain. The first iteration conducted in early 2014 was used as a baseline for the second iteration that was conducted one year later in 2015. While the experiment was conducted on the South African cyber domain, the concepts are applicable to the international environment. | |
| 651 | 4 | |a South Africa | |
| 653 | |a Privacy | ||
| 653 | |a Data integrity | ||
| 653 | |a Accuracy | ||
| 653 | |a Legislation | ||
| 653 | |a Experiments | ||
| 653 | |a Data processing | ||
| 653 | |a Cellular telephones | ||
| 653 | |a Internet | ||
| 653 | |a Leaking of information | ||
| 653 | |a Electronic documents | ||
| 653 | |a Personal information | ||
| 653 | |a Disclosure | ||
| 653 | |a Websites | ||
| 653 | |a Automation | ||
| 653 | |a Cybercrime | ||
| 653 | |a Credit cards | ||
| 653 | |a Time | ||
| 653 | |a Legality | ||
| 653 | |a Crime prevention | ||
| 653 | |a Enforcement | ||
| 653 | |a Crime | ||
| 653 | |a Cleaning | ||
| 653 | |a Negligence | ||
| 653 | |a Data | ||
| 653 | |a Information | ||
| 700 | 1 | |a Eloff, M | |
| 700 | 1 | |a Swart, Ignus | |
| 773 | 0 | |t International Conference on Cyber Warfare and Security |g (2016), p. 47-56 | |
| 786 | 0 | |d ProQuest |t Political Science Database | |
| 856 | 4 | 1 | |3 Citation/Abstract |u https://www.proquest.com/docview/1779928021/abstract/embedded/BA9OR7M064GU0OXK?source=fedsrch |
| 856 | 4 | 0 | |3 Full Text |u https://www.proquest.com/docview/1779928021/fulltext/embedded/BA9OR7M064GU0OXK?source=fedsrch |
| 856 | 4 | 0 | |3 Full Text - PDF |u https://www.proquest.com/docview/1779928021/fulltextPDF/embedded/BA9OR7M064GU0OXK?source=fedsrch |