Doxing is the act of publishing private or identifying information about an individual on the internet without their consent. Various methods have been proposed for detecting doxing automatically, including machine learning algorithms and natural language processing techniques that analyze text to identify instances of personal information being shared.
These methods aim to identify and remove instances of doxing quickly, reducing the harm caused to the individuals targeted. They are not perfect, however: accurately judging context and intent remains difficult, and privacy and ethical considerations must be taken into account when such systems are developed and deployed.
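To make the idea concrete, below is a minimal sketch of the pattern-matching stage such detection systems often begin with, before any machine learning is applied. The regular expressions and the function name are illustrative assumptions, not drawn from any particular deployed system.

```python
import re

# Hypothetical first-pass filter: pattern-match two kinds of highly
# sensitive PII discussed later in this article (Social Security
# numbers and IP addresses). A raw match says nothing about context
# or intent, which is why real systems layer classifiers on top.
SSN_RE = re.compile(r"\b\d{3}-\d{2}-\d{4}\b")  # hyphenated form only
IPV4_RE = re.compile(
    r"\b(?:(?:25[0-5]|2[0-4]\d|1?\d?\d)\.){3}"
    r"(?:25[0-5]|2[0-4]\d|1?\d?\d)\b"
)

def contains_candidate_pii(text: str) -> bool:
    """Flag text for downstream context and intent analysis."""
    return bool(SSN_RE.search(text) or IPV4_RE.search(text))

print(contains_candidate_pii("his SSN is 123-45-6789, spread it"))  # True
print(contains_candidate_pii("great thread about online privacy"))  # False
```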
According to researchers from Penn State’s College of Information Sciences and Technology, a new automated approach to detecting doxing – a type of cyberbullying in which certain private or personally identifiable information is publicly shared without an individual’s consent or knowledge – may help social media platforms better protect their users.
The doxing research could lead to more immediate flagging and removal of sensitive personal information shared without the owner's permission. To date, the research team has looked only at Twitter, where their proposed approach uses machine learning to determine which tweets containing personally identifiable information are shared maliciously and which are self-disclosed.
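The article does not detail the features the researchers' classifiers use, but a deliberately naive version of the self- versus third-party distinction can be sketched with pronoun cues, as below. The word lists and decision rule are illustrative assumptions; the models in the paper are far richer than this.

```python
# Naive illustration of separating self-disclosure from disclosure
# about someone else. First-person cues hint at self-disclosure;
# second/third-person cues hint at a potential doxing candidate.
FIRST_PERSON = {"i", "me", "my", "mine"}
OTHER_PERSON = {"he", "she", "they", "his", "her", "their"}

def disclosure_heuristic(tweet: str) -> str:
    words = {w.strip(".,!?:;").lower() for w in tweet.split()}
    if words & OTHER_PERSON and not words & FIRST_PERSON:
        return "possible third-party disclosure"  # candidate doxing
    if words & FIRST_PERSON:
        return "possible self-disclosure"
    return "unclear"

print(disclosure_heuristic("found her IP, go get her"))   # third-party
print(disclosure_heuristic("my IP is 203.0.113.7, DM me"))  # self
```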
They developed a method for automatically detecting doxing on Twitter with over 96% accuracy, which could help the platform – and eventually other social media platforms – identify true cases of doxing more quickly and easily.
“The goal is to identify cases where people collect sensitive personal information about others and publicly disclose it in order to scare, defame, threaten, or silence them,” said Younes Karimi, the paper’s lead author and doctoral candidate. “This is risky because once this information is posted, it can quickly be shared with a large number of people and even spread beyond Twitter. The person to whom the information belongs must be safeguarded.”
In their work, the researchers collected and curated a dataset of nearly 180,000 tweets that were likely to contain doxed information. Using machine learning techniques, they classified the data as containing personal information tied to either an individual's identity (their Social Security number) or an individual's location (their IP address), and manually labeled more than 3,100 of the tweets that contained either piece of information. They then classified the data further to differentiate malicious disclosures from self-disclosures.
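As an illustration only, the two-level labeling the researchers describe – what kind of information a tweet exposes, and whether the disclosure is malicious or self-disclosed – could be represented with a record like the following. The field names and values are assumptions, not the team's actual schema.

```python
from dataclasses import dataclass

@dataclass
class LabeledTweet:
    text: str
    info_type: str   # "ssn" (identity) or "ip" (location); assumed labels
    disclosure: str  # "malicious" or "self"; assumed labels

# Hypothetical example with a documentation-reserved IP address.
example = LabeledTweet(
    text="found his IP: 203.0.113.7, go get him",
    info_type="ip",
    disclosure="malicious",
)
```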
The researchers then examined the tweets for common motivations behind the disclosures, determining whether the intent was likely defensive or malicious and, in turn, whether a tweet could be classified as doxing.
“Not all doxing instances are necessarily malicious,” explained Karimi. “For example, a parent of a missing child might benignly share their private information with the desperate hope of finding them.”
The researchers then used nine different approaches based on existing natural language processing methods and models to detect instances of doxing and malicious disclosures of two types of highly sensitive private information, Social Security numbers and IP addresses, in their collected dataset. They compared the results and determined the approach with the highest accuracy, presenting their findings at the 25th ACM Conference on Computer-Supported Cooperative Work and Social Computing in November.
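The article does not name the nine approaches, so the sketch below stands in for the comparison methodology itself: train several text classifiers on the same labeled data and keep the most accurate. The toy dataset and the choice of scikit-learn baselines are assumptions for illustration, not the paper's models.

```python
from sklearn.feature_extraction.text import TfidfVectorizer
from sklearn.linear_model import LogisticRegression
from sklearn.svm import LinearSVC
from sklearn.pipeline import make_pipeline
from sklearn.model_selection import cross_val_score

# Toy labeled set: 1 = malicious disclosure, 0 = self-disclosure.
texts = [
    "leaking his ssn 123-45-6789",
    "my ip is 203.0.113.7, dm me",
    "her address and ip, spread it everywhere",
    "for verification, my ssn ends in 6789",
]
labels = [1, 0, 1, 0]

# Compare candidate approaches by cross-validated accuracy and
# report each one, mirroring the "pick the best performer" step.
for name, clf in [("logreg", LogisticRegression()),
                  ("linear_svm", LinearSVC())]:
    pipe = make_pipeline(TfidfVectorizer(), clf)
    scores = cross_val_score(pipe, texts, labels, cv=2)
    print(name, scores.mean())
```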
According to Karimi, this work is especially important at a time when major social media platforms, such as Twitter, are laying off employees en masse, reducing the number of workers responsible for reviewing content that may violate the platforms' terms of service. Under one platform's policy, unless there is clearly abusive intent in a case of doxing, the owner of the publicly shared information or their authorized representative must contact the platform before enforcement action is taken. Under this policy, private information may remain publicly available for long periods if the owner is unaware it has been shared.
“While there have been some prior studies on the detection of private information in general, and some automated approaches for detecting cyberbullying are used by social media platforms, they do not distinguish self-disclosures from malicious disclosures about second and third parties in tweets,” he explained. “Because fewer people are now in charge of taking action on these manual user reports, adding automation can help them narrow down and prioritize the most important and sensitive reports.”
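A hedged sketch of that triage idea: if each user report carries a model score and an information type, reports can be ranked so reviewers see the likeliest, most sensitive doxing cases first. The report fields and the sensitivity ordering here are hypothetical.

```python
# Hypothetical flagged reports, each with a classifier confidence
# that the tweet is a malicious disclosure and the PII type found.
reports = [
    {"id": 1, "doxing_score": 0.42, "info_type": "ip"},
    {"id": 2, "doxing_score": 0.97, "info_type": "ssn"},
    {"id": 3, "doxing_score": 0.88, "info_type": "ip"},
]

# Assumed ordering: an exposed SSN is treated as more sensitive
# than an exposed IP address.
SENSITIVITY = {"ssn": 2, "ip": 1}

# Rank by model confidence first, then by sensitivity of the PII type,
# so human reviewers work from the top of the queue down.
queue = sorted(
    reports,
    key=lambda r: (r["doxing_score"], SENSITIVITY[r["info_type"]]),
    reverse=True,
)
for r in queue:
    print(r["id"], r["doxing_score"], r["info_type"])
```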