Researchers Propose Methods for Detecting Doxing Automatically
Researchers are developing methods for automatically detecting doxing. “Doxing” is the act of publicly revealing or publishing private information about another person without their consent, usually with malicious intent.

According to researchers from Penn State’s College of Information Sciences and Technology, a new automated approach to detecting doxing – a type of cyberbullying in which certain private or personally identifiable information is publicly shared without an individual’s consent or knowledge – may help social media platforms better protect their users.

The doxing research could result in more immediate flagging and removal of sensitive personal information that has been shared without the owner’s permission. To date, the research team has only looked at Twitter, where their novel proposed approach uses machine learning to determine which tweets containing personally identifiable information are maliciously shared and which are self-disclosed.

They discovered a method for automatically detecting doxing on Twitter with over 96% accuracy, which could help the platform – and eventually other social media platforms – identify true cases of doxing more quickly and easily.

“The focus is to identify cases where people collect sensitive personal information about others and publicly disclose it as a way of scaring, defaming, threatening or silencing them,” said Younes Karimi, doctoral candidate and lead author on the paper. “This is dangerous because once this information is posted, it can quickly be shared with many people and even go beyond Twitter. The person to whom the information belongs needs to be protected.”

As part of their work, the researchers collected and curated a dataset of nearly 180,000 tweets likely to contain doxed information. Using machine learning techniques, they classified the data as containing personal information tied either to an individual’s identity (a social security number) or to an individual’s location (an IP address), and manually labeled more than 3,100 tweets that contained either piece of information.
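The two categories of personally identifiable information in the dataset can be surfaced with simple pattern matching before any machine-learning step. A minimal sketch in Python, assuming U.S.-formatted social security numbers and IPv4 addresses; the patterns and the `find_pii` function are illustrative, not the authors’ code:

```python
import re

# Illustrative patterns for the two PII types the study focused on:
# U.S. social security numbers (identity) and IPv4 addresses (location).
SSN_RE = re.compile(r"\b\d{3}-\d{2}-\d{4}\b")
IPV4_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")

def find_pii(tweet: str) -> dict:
    """Return candidate SSN and IP address strings found in a tweet."""
    return {
        "ssn": SSN_RE.findall(tweet),
        "ip": IPV4_RE.findall(tweet),
    }
```

In a real pipeline, matches like these would only flag candidate tweets; deciding whether a match is a malicious disclosure is the harder classification problem the researchers address with machine learning.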

They then classified the data further to distinguish malicious disclosures from self-disclosures, and examined the tweets for common motivations behind each disclosure, determining whether the intent was defensive or malicious and whether the post could be classified as doxing.

“Not all doxing instances are necessarily malicious,” explained Karimi. “For example, a parent of a missing child might benignly share their private information with the desperate hope of finding them.”

Next, the researchers used nine different approaches based on existing natural language processing methods and models to automatically detect instances of doxing and malicious disclosures of two of the most sensitive types of private information, social security numbers and IP addresses, in their collected dataset. They compared the results and identified the approach with the highest accuracy, presenting their findings in November at the 25th ACM Conference on Computer-Supported Cooperative Work and Social Computing.
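Selecting the best of several approaches by accuracy on a labeled set is straightforward to express in code. The sketch below uses two toy stand-in detectors, not the nine NLP models from the paper; all names are illustrative:

```python
def accuracy(predictions, labels):
    """Fraction of predictions that match the ground-truth labels."""
    return sum(p == y for p, y in zip(predictions, labels)) / len(labels)

def best_approach(approaches, tweets, labels):
    """Score each approach on a labeled set and return the winner.

    `approaches` maps a name to a function tweet -> predicted label.
    """
    scores = {name: accuracy([clf(t) for t in tweets], labels)
              for name, clf in approaches.items()}
    winner = max(scores, key=scores.get)
    return winner, scores
```

The same evaluate-and-compare loop scales from toy rules to trained models: only the functions inside `approaches` change.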

According to Karimi, this work is especially important at a time when major social media platforms, such as Twitter, are laying off employees en masse, reducing the number of workers responsible for reviewing content that may violate the platforms’ terms of service. According to one platform’s policy, unless there is clearly abusive intent in a case of doxing, the owner of the publicly shared information or their authorized representative must contact the platform before enforcement action is taken. Under this policy, private information may remain publicly available for long periods if the owner is unaware that it has been shared.

“While there have been some prior studies on the detection of private information in general, and some automated approaches for detecting cyberbullying are used by social media platforms, they do not distinguish self-disclosures from malicious disclosures of second- and third-party information in tweets,” he explained. “Because fewer people are now in charge of taking action on these manual user reports, adding automation can help them narrow down and prioritize the most important and sensitive reports.”