ResearchSpace

Pro-active data breach detection: examining accuracy and applicability on personal information detected

Show simple item record

dc.contributor.author Botha, J
dc.contributor.author Eloff, MM
dc.contributor.author Swart, I
dc.date.accessioned 2017-02-03T08:34:42Z
dc.date.available 2017-02-03T08:34:42Z
dc.date.issued 2016-03
dc.identifier.citation Botha, J., Eloff, M.M. and Swart, I. 2016. Pro-active data breach detection: examining accuracy and applicability on personal information detected. In: 11th International Conference on Cyber Warfare and Security: ICCWS2016, 17-18 March 2016, Boston USA en_US
dc.identifier.uri https://www.researchgate.net/publication/301295098_Pro-active_Data_Breach_Detection_Examining_Accuracy_and_Applicability_on_Personal_Information_Detected
dc.identifier.uri http://hdl.handle.net/10204/8926
dc.description 11th International Conference on Cyber Warfare and Security: ICCWS2016, 17-18 March 2016, Boston USA. Due to copyright restrictions, the attached PDF file only contains the abstract of the full text item. For access to the full text item, please consult the publisher's website. en_US
dc.description.abstract Data breaches remain a common occurrence affecting both companies and individuals alike, despite promulgated data protection legislation worldwide. It is unlikely that factors causing data breaches such as incorrect device configuration or negligence will stop unless effective enforcement of relevant legislation is applied. While several information privacy regulators exist, the dominant norm is to respond reactively on reported incidents. Reactive response is useful for cleaning up detected breaches but does not provide a clear indication of the level of personal information available on the internet since only reported incidents are taken into account. The possibility of pro-active automated breach detection has previously been discussed as a capability augmentation for existing privacy regulators. By pro-actively detecting leaked information, detection times can potentially be reduced to limit the exposure time of Personal Identifiable Information (PII) on publicly accessible networks. At present the average time for data breach detection is in excess of three months internationally and breach discovery it most often not by the data owner but an external third party increasing exposure of leaked information. The duration of time that data is exposed on the internet has severe negative implications since a significant portion of information disclosed in data breaches have been proven to be used for cybercrime activities. It could then be argued that any reduction of data breach exposure time should directly reduce the opportunity for associated cyber-crime. While proactive breach detection has been proven as potentially viable in previous work, numerous aspects of such a system remain in question. Aspects such as legality, detection accuracy and communication with affected parties and alignment with privacy regulator operating procedures are all unexplored. The research presented in this paper considers the results obtained from two iterations of such an experimental system that was conducted on the South African .co.za domain. The first iteration conducted in early 2014 was used as a baseline for the second iteration that was conducted one year later in 2015. While the experiment was conducted on the South African cyber domain, the concepts are applicable to the international environment. en_US
dc.language.iso en en_US
dc.relation.ispartofseries Wokflow;17642
dc.subject Data Breach en_US
dc.subject Privacy en_US
dc.subject Legislation en_US
dc.subject Personal Identifiable Information en_US
dc.subject Protection of Personal Information Act en_US
dc.subject Pro-active security en_US
dc.title Pro-active data breach detection: examining accuracy and applicability on personal information detected en_US
dc.type Conference Presentation en_US
dc.identifier.apacitation Botha, J., Eloff, M., & Swart, I. (2016). Pro-active data breach detection: examining accuracy and applicability on personal information detected. http://hdl.handle.net/10204/8926 en_ZA
dc.identifier.chicagocitation Botha, J, MM Eloff, and I Swart. "Pro-active data breach detection: examining accuracy and applicability on personal information detected." (2016): http://hdl.handle.net/10204/8926 en_ZA
dc.identifier.vancouvercitation Botha J, Eloff M, Swart I, Pro-active data breach detection: examining accuracy and applicability on personal information detected; 2016. http://hdl.handle.net/10204/8926 . en_ZA
dc.identifier.ris TY - Conference Presentation AU - Botha, J AU - Eloff, MM AU - Swart, I AB - Data breaches remain a common occurrence affecting both companies and individuals alike, despite promulgated data protection legislation worldwide. It is unlikely that factors causing data breaches such as incorrect device configuration or negligence will stop unless effective enforcement of relevant legislation is applied. While several information privacy regulators exist, the dominant norm is to respond reactively on reported incidents. Reactive response is useful for cleaning up detected breaches but does not provide a clear indication of the level of personal information available on the internet since only reported incidents are taken into account. The possibility of pro-active automated breach detection has previously been discussed as a capability augmentation for existing privacy regulators. By pro-actively detecting leaked information, detection times can potentially be reduced to limit the exposure time of Personal Identifiable Information (PII) on publicly accessible networks. At present the average time for data breach detection is in excess of three months internationally and breach discovery it most often not by the data owner but an external third party increasing exposure of leaked information. The duration of time that data is exposed on the internet has severe negative implications since a significant portion of information disclosed in data breaches have been proven to be used for cybercrime activities. It could then be argued that any reduction of data breach exposure time should directly reduce the opportunity for associated cyber-crime. While proactive breach detection has been proven as potentially viable in previous work, numerous aspects of such a system remain in question. Aspects such as legality, detection accuracy and communication with affected parties and alignment with privacy regulator operating procedures are all unexplored. The research presented in this paper considers the results obtained from two iterations of such an experimental system that was conducted on the South African .co.za domain. The first iteration conducted in early 2014 was used as a baseline for the second iteration that was conducted one year later in 2015. While the experiment was conducted on the South African cyber domain, the concepts are applicable to the international environment. DA - 2016-03 DB - ResearchSpace DP - CSIR KW - Data Breach KW - Privacy KW - Legislation KW - Personal Identifiable Information KW - Protection of Personal Information Act KW - Pro-active security LK - https://researchspace.csir.co.za PY - 2016 T1 - Pro-active data breach detection: examining accuracy and applicability on personal information detected TI - Pro-active data breach detection: examining accuracy and applicability on personal information detected UR - http://hdl.handle.net/10204/8926 ER - en_ZA


Files in this item

This item appears in the following Collection(s)

Show simple item record