Monday, November 13, 2017

Why people dox others --- Doxing = malicious release of personal sensitive information

Fifteen Minutes of Unwanted Fame: Detecting and Characterizing Doxing. Peter Snyder, Periwinkle Doerfler, Chris Kanich, and Damon McCoy. In Proceedings of IMC ’17 (November 1–3, 2017, London, UK). ACM, New York, 13 pages.

Abstract: Doxing is online abuse where a malicious party harms another by releasing identifying or sensitive information. Motivations for doxing include personal, competitive, and political reasons, and web users of all ages, genders and internet experience have been targeted. Existing research on doxing is primarily qualitative. This work improves our understanding of doxing by being the first to take a quantitative approach. We do so by designing and deploying a tool which can detect dox files and measure the frequency, content, targets, and effects of doxing on popular dox-posting sites. This work analyzes over 1.7 million text files posted to, and, sites frequently used to share doxes online, over a combined period of approximately thirteen weeks. Notable findings in this work include that approximately 0.3% of shared files are doxes, that online social networking accounts mentioned in these dox files are more likely to close than typical accounts, that justice and revenge are the most often cited motivations for doxing, and that dox files target males more frequently than females. We also find that recent anti-abuse efforts by social networks have reduced how frequently these doxing victims closed or restricted their accounts after being attacked. We also propose mitigation steps, such a service that can inform people when their accounts have been shared in a dox file, or law enforcement notification tools to inform authorities when individuals are at heightened risk of abuse.

We identified four general motivations for doxing. Some doxers gave a competitive motivation for attacking their victim, such as wanting to demonstrate their “superior” abilities, or demonstrating that a target claiming to be “un-doxable” was vulnerable.

Another common motivation was revenge, or the doxer attacking because of something the target had done to the doxer. Examples of revenge motivations included the doxee “stealing” a significant other from the doxer, or the doxee being an “attention whore” in an online forum or chat.

A third recurring motivation was justice, or the doxer attacking the doxee because the doxee had previously done something immoral or unfair to a third party. This is different from a revenge motivation, where the harm being “avenged” is committed against the doxer. Examples of justice-motivated doxings include targets who were alleged to have scammed other people in an online forum, or who worked with law enforcement.

A fourth motivation we observed was political, or doxing in support of a larger goal than simply targeting individuals. Examples of political doxes included de-anonymizing KKK members, suspected child-pornography trading groups, or people working in industries that the doxers considered to be abusive to animals.

No comments:

Post a Comment