КІБЕРБЕЗПЕКА РОЗУМНИХ МІСТ: СОЦІАЛЬНІ АСПЕКТИ, РИЗИКИ ДЕАНОНІМІЗАЦІЇ І ДОКСІНГУ
Array
Ключові слова:
розумне місто, деанонімізація, доксінг, персональні дані, кібербезпека, ризикиАнотація
У статті аналізується поняття та схема здійснення доксінгу, розкривається сутність деанонімізації та виявляються пов’язані з цими процесами загрози приватності і безпеці мешканців розумних міст. Пропонується комплекс заходів для захисту персональних даних, що зберігаються в інформаційних системах, які дозволять знизити ризики зламу таких даних та мінімізувати шкоду від деанонімізації та доксінгу.
Посилання
1. Deakin M., Waer H.A. (2011). From intelligent to smart cities. Intelligent Buildings International. — Taylor & Francis, Vol. 3, no. 3. P. 140–152.
2. Caird S.P., Hallett S.H. (2019). Towards evaluation design for smart city development. Journal of Urban Design. — Routledge, Vol. 24, no. 2. P. 188–209.
3. Yigitcanlar T. (2015). Smart cities: An effective urban development and management model?. Australian Planner. — Routledge, Vol. 52, no. 1. P. 27–34.
4. Bastidas V., Helfert M., Bezbradica M. (2018). A requirements framework for the design of smart city reference architectures. Proceedings of the 51st hawaii international conference on system sciences. Retrieved from https://pdfs.semanticscholar.org/b01d/7901f131540cf7f0d03041a03f5e2f8589a8.pdf
5. Boyko V., Vasilenko N. (2020). Smart city in the context of cybersecurity: Incidents, risks, threats. Municipal economy of cities. Vol. 4, no. 157. 184–191.
6. Cross M. (2013). Social media security: Leveraging social networking while mitigating risk. — Newnes, 346.
7. Pahwa N. Individuals’ rights at risk in the digital age. Digital Debates. — P. 12.
8. Dox | definition of dox by merriam-webster (2020). Retrieved from https://www.merriam-webster.com/dictionary/dox.
9. Boardman M. (2019). Doxing: An increased (and increasing) privacy risk. Retrieved from https://blogs.ischool.berkeley.edu/w231/2019/02/26/doxing-an-increased-and-increasing-privacy-risk/.
10. Peters F., Hanvey S., Veluru S., Mady A. E., Boubekeur M., Nuseibeh B. (2018). Generating privacy zones in smart cities. 2018 ieee international smart cities conference (isc2). 1–8.
11. Chang L. Y., Zhu J. (2020). Taking justice into their own hands: Predictors of netilantism among cyber citizens in hong kong. Frontiers in Psychology. — Frontiers Media SA, Vol. 11. 1–8.
12. Coleman G. (2013). Anonymous in context: The politics and power behind the mask. No 3. Retrieved from https://www.cigionline.org/sites/default/files/no3_8.pdf
13. Kerk I. van de. (2015). Data use versus privacy protection in public safety in smart cities: Master’s thesis.
Retrieved from https://dspace.library.uu.nl/handle/1874/318131
14. Rebollo-Monedero D., Bartoli A., Hernández-Serrano J., Forné J., Soriano M. (2014). Reconciling privacy and efficient utility management in smart cities // Transactions on Emerging Telecommunications Technologies. — Wiley Online Library, Vol. 25, no. 1. 94–108.
15. Popescul D., Genete L.-D. (2016). Data security in smart cities: Challenges and solutions. Informatica Economică. Vol. 20, no. 1. 29–39.
16. Howard P.N., Gulyas O. (2014). Data breaches in europe: Reported breaches of compromised personal records in europe, 2005-2014 // Available at SSRN 2554352. 22.
17. Nicola C. Almost 700 doxxing cases reported since june, majority directed at hong kong police (2020). Retrieved from https://www.scmp.com/yp/discover/news/hong-kong/article/3066122/almost-700-doxxing-cases-reported-june-majority-directed.
18. 32-year-old male technician sentenced to 2 years in prison for doxxing - dimsum daily (2020). Retrieved from https://www.dimsumdaily.hk/32-year-old-male-technician-sentenced-to-2-years-in-prison-for-doxxing/.
19. Wheatley S., Maillart T., Sornette D. (2016). The extreme risk of personal data breaches and the erosion of privacy. The European Physical Journal B. — Springer, Vol. 89, no. 1. 1–12.
20. Eling M., Wirfs J. (2019). What are the actual costs of cyber risk events?. European Journal of Operational Research. Vol. 272, no. 3. 1109–1119.
21. Qian J., Li X.-Y., Zhang C., Chen L. (2016). Deanonymizing social networks and inferring private attributes using knowledge graphs. IEEE infocom 2016-the 35th annual ieee international conference on computer communications. — IEEE, 1–9.
22. Alasdair A., Pete W. (2020). Got an iPhone or 3G iPad? Apple is recording your moves - o’Reilly radar. Retrieved from http://radar.oreilly.com/2011/04/apple-location-tracking.html.
23. Abalenkovs D., Bondarenko P., Pathapati V. K., Nordbø A., Piatkivskyi D., Rekdal J. E., Ruthven P. B. (2012). Mobile forensics: Comparison of extraction and analyzing methods of ios and android // Gjovik University College, Gjovik, Norway. Retrieved from https://www.semanticscholar.org/paper/Mobile-Forensics-%3A-Comparison-of-extraction-and-of-Abalenkovs-Bondarenko/ed402e51fdc47b5459ec804f6bdbeb05cd75d96e.
24. Beltramelli T., Risi S. (2015). Deep-spying: Spying using smartwatch and deep learning // CoRR. Vol. abs/1512.05616. Retrieved from https://www.researchgate.net/publication/287249444_Deep-Spying_Spying_using_Smartwatch_and_Deep_Learning/link/572ceb7008aee02297598033/download
25. Souza A., Pereira J., Batista T., Cavalcante E., Cacho N., Lopes F., Almeida A. (2018). A geographic-layered data middleware for smart cities. Proceedings of the 24th brazilian symposium on multimedia and the web. 411–414.
26. Mazhelis O., Hämäläinen A., Asp T., Tyrväinen P. (2016). Towards enabling privacy preserving smart city apps. 2016 ieee international smart cities conference (isc2). 1–7.
27. Strava data heat maps expose military base locations around the world (2020). Retrieved from https://www.wired.com/story/strava-heat-map-military-bases-fitness-trackers-privacy/.
28. Strava suggests military users ’opt out’ of heatmap as row deepens | technology (2020). — https://www.theguardian.com/technology/2018/jan/29/strava-secret-army-base-locations-heatmap-public-users-military-ban.
29. Why was it so easy for hackers to take down the internet – cnet (2020). — https://www.cnet.com/how-to/ddos-iot-connected-devices-easily-hacked-internet-outage-webcam-dvr/.
30. Lagnese N., Lacey Henning E. B., Kimball T., Reagan B. Lizard squad. — 2018.
31. Peeping into 73,000 unsecured security cameras via default passwords | cso online (2020). Retrieved from https://www.csoonline.com/article/2844283/peeping-into-73-000-unsecured-security-cameras-thanks-to-default-passwords.html.
32. Marketer of internet-connected home security video cameras settles ftc charges it failed to protect consumers’ privacy | federal trade commission (2020). Retrieved from https://www.ftc.gov/news-events/press-releases/2013/09/marketer-internet-connected-home-security-video-cameras-settles.
33. Beckers K. (2012). Comparing privacy requirements engineering approaches. 2012 seventh international conference on availability, reliability and security. 574–581.
34. Spiekermann S., Cranor L.F. (2009). Engineering privacy. IEEE Transactions on Software Engineering. Vol. 35, no. 1. 67–82.
35. Yang M., Yu Y., Bandara A. K., Nuseibeh B. (2014). Adaptive sharing for online social networks: A trade-off between privacy risk and social benefit. 2014 ieee 13th international conference on trust, security and privacy in computing and communications. P. 45–52.
36. Ye X., Zhu Z. (2009). Privacy compliance engineering process. 2009 second international symposium on electronic commerce and security. Vol. 1. 255–259.
37. El Masri A.A., Sousa J.P. (2009). Limiting private data exposure in online transactions: A user-based online privacy assurance model. 2009 international conference on computational science and engineering. Vol. 3. 438–443.
38. American bank systems hit by ransomware attack, full 53 gb data dump leaked - security report (2020). Retrieved from https://securityreport.com/american-bank-systems-hit-by-ransomware-attack-full-53-gb-data-dump-leaked/.
39. McCallister E., Grance T., Scarfone K.A. (2010). Sp 800-122. Guide to protecting the confidentiality of personally identifiable information (pii). — National Institute of Standards & Technology, Retrieved from https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-122.pdf.
40. Jutla D.N., Bodorik P. (2015). PAUSE: A privacy architecture for heterogeneous big data environments. 2015 ieee international conference on big data (big data). 1919–1928.
41. Solomon M.G., Sunderam V., Xiong L., Li M. (2016). Enabling mutually private location proximity services in smart cities: A comparative assessment. 2016 ieee international smart cities conference (isc2). 1–8.
2. Caird S.P., Hallett S.H. (2019). Towards evaluation design for smart city development. Journal of Urban Design. — Routledge, Vol. 24, no. 2. P. 188–209.
3. Yigitcanlar T. (2015). Smart cities: An effective urban development and management model?. Australian Planner. — Routledge, Vol. 52, no. 1. P. 27–34.
4. Bastidas V., Helfert M., Bezbradica M. (2018). A requirements framework for the design of smart city reference architectures. Proceedings of the 51st hawaii international conference on system sciences. Retrieved from https://pdfs.semanticscholar.org/b01d/7901f131540cf7f0d03041a03f5e2f8589a8.pdf
5. Boyko V., Vasilenko N. (2020). Smart city in the context of cybersecurity: Incidents, risks, threats. Municipal economy of cities. Vol. 4, no. 157. 184–191.
6. Cross M. (2013). Social media security: Leveraging social networking while mitigating risk. — Newnes, 346.
7. Pahwa N. Individuals’ rights at risk in the digital age. Digital Debates. — P. 12.
8. Dox | definition of dox by merriam-webster (2020). Retrieved from https://www.merriam-webster.com/dictionary/dox.
9. Boardman M. (2019). Doxing: An increased (and increasing) privacy risk. Retrieved from https://blogs.ischool.berkeley.edu/w231/2019/02/26/doxing-an-increased-and-increasing-privacy-risk/.
10. Peters F., Hanvey S., Veluru S., Mady A. E., Boubekeur M., Nuseibeh B. (2018). Generating privacy zones in smart cities. 2018 ieee international smart cities conference (isc2). 1–8.
11. Chang L. Y., Zhu J. (2020). Taking justice into their own hands: Predictors of netilantism among cyber citizens in hong kong. Frontiers in Psychology. — Frontiers Media SA, Vol. 11. 1–8.
12. Coleman G. (2013). Anonymous in context: The politics and power behind the mask. No 3. Retrieved from https://www.cigionline.org/sites/default/files/no3_8.pdf
13. Kerk I. van de. (2015). Data use versus privacy protection in public safety in smart cities: Master’s thesis.
Retrieved from https://dspace.library.uu.nl/handle/1874/318131
14. Rebollo-Monedero D., Bartoli A., Hernández-Serrano J., Forné J., Soriano M. (2014). Reconciling privacy and efficient utility management in smart cities // Transactions on Emerging Telecommunications Technologies. — Wiley Online Library, Vol. 25, no. 1. 94–108.
15. Popescul D., Genete L.-D. (2016). Data security in smart cities: Challenges and solutions. Informatica Economică. Vol. 20, no. 1. 29–39.
16. Howard P.N., Gulyas O. (2014). Data breaches in europe: Reported breaches of compromised personal records in europe, 2005-2014 // Available at SSRN 2554352. 22.
17. Nicola C. Almost 700 doxxing cases reported since june, majority directed at hong kong police (2020). Retrieved from https://www.scmp.com/yp/discover/news/hong-kong/article/3066122/almost-700-doxxing-cases-reported-june-majority-directed.
18. 32-year-old male technician sentenced to 2 years in prison for doxxing - dimsum daily (2020). Retrieved from https://www.dimsumdaily.hk/32-year-old-male-technician-sentenced-to-2-years-in-prison-for-doxxing/.
19. Wheatley S., Maillart T., Sornette D. (2016). The extreme risk of personal data breaches and the erosion of privacy. The European Physical Journal B. — Springer, Vol. 89, no. 1. 1–12.
20. Eling M., Wirfs J. (2019). What are the actual costs of cyber risk events?. European Journal of Operational Research. Vol. 272, no. 3. 1109–1119.
21. Qian J., Li X.-Y., Zhang C., Chen L. (2016). Deanonymizing social networks and inferring private attributes using knowledge graphs. IEEE infocom 2016-the 35th annual ieee international conference on computer communications. — IEEE, 1–9.
22. Alasdair A., Pete W. (2020). Got an iPhone or 3G iPad? Apple is recording your moves - o’Reilly radar. Retrieved from http://radar.oreilly.com/2011/04/apple-location-tracking.html.
23. Abalenkovs D., Bondarenko P., Pathapati V. K., Nordbø A., Piatkivskyi D., Rekdal J. E., Ruthven P. B. (2012). Mobile forensics: Comparison of extraction and analyzing methods of ios and android // Gjovik University College, Gjovik, Norway. Retrieved from https://www.semanticscholar.org/paper/Mobile-Forensics-%3A-Comparison-of-extraction-and-of-Abalenkovs-Bondarenko/ed402e51fdc47b5459ec804f6bdbeb05cd75d96e.
24. Beltramelli T., Risi S. (2015). Deep-spying: Spying using smartwatch and deep learning // CoRR. Vol. abs/1512.05616. Retrieved from https://www.researchgate.net/publication/287249444_Deep-Spying_Spying_using_Smartwatch_and_Deep_Learning/link/572ceb7008aee02297598033/download
25. Souza A., Pereira J., Batista T., Cavalcante E., Cacho N., Lopes F., Almeida A. (2018). A geographic-layered data middleware for smart cities. Proceedings of the 24th brazilian symposium on multimedia and the web. 411–414.
26. Mazhelis O., Hämäläinen A., Asp T., Tyrväinen P. (2016). Towards enabling privacy preserving smart city apps. 2016 ieee international smart cities conference (isc2). 1–7.
27. Strava data heat maps expose military base locations around the world (2020). Retrieved from https://www.wired.com/story/strava-heat-map-military-bases-fitness-trackers-privacy/.
28. Strava suggests military users ’opt out’ of heatmap as row deepens | technology (2020). — https://www.theguardian.com/technology/2018/jan/29/strava-secret-army-base-locations-heatmap-public-users-military-ban.
29. Why was it so easy for hackers to take down the internet – cnet (2020). — https://www.cnet.com/how-to/ddos-iot-connected-devices-easily-hacked-internet-outage-webcam-dvr/.
30. Lagnese N., Lacey Henning E. B., Kimball T., Reagan B. Lizard squad. — 2018.
31. Peeping into 73,000 unsecured security cameras via default passwords | cso online (2020). Retrieved from https://www.csoonline.com/article/2844283/peeping-into-73-000-unsecured-security-cameras-thanks-to-default-passwords.html.
32. Marketer of internet-connected home security video cameras settles ftc charges it failed to protect consumers’ privacy | federal trade commission (2020). Retrieved from https://www.ftc.gov/news-events/press-releases/2013/09/marketer-internet-connected-home-security-video-cameras-settles.
33. Beckers K. (2012). Comparing privacy requirements engineering approaches. 2012 seventh international conference on availability, reliability and security. 574–581.
34. Spiekermann S., Cranor L.F. (2009). Engineering privacy. IEEE Transactions on Software Engineering. Vol. 35, no. 1. 67–82.
35. Yang M., Yu Y., Bandara A. K., Nuseibeh B. (2014). Adaptive sharing for online social networks: A trade-off between privacy risk and social benefit. 2014 ieee 13th international conference on trust, security and privacy in computing and communications. P. 45–52.
36. Ye X., Zhu Z. (2009). Privacy compliance engineering process. 2009 second international symposium on electronic commerce and security. Vol. 1. 255–259.
37. El Masri A.A., Sousa J.P. (2009). Limiting private data exposure in online transactions: A user-based online privacy assurance model. 2009 international conference on computational science and engineering. Vol. 3. 438–443.
38. American bank systems hit by ransomware attack, full 53 gb data dump leaked - security report (2020). Retrieved from https://securityreport.com/american-bank-systems-hit-by-ransomware-attack-full-53-gb-data-dump-leaked/.
39. McCallister E., Grance T., Scarfone K.A. (2010). Sp 800-122. Guide to protecting the confidentiality of personally identifiable information (pii). — National Institute of Standards & Technology, Retrieved from https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-122.pdf.
40. Jutla D.N., Bodorik P. (2015). PAUSE: A privacy architecture for heterogeneous big data environments. 2015 ieee international conference on big data (big data). 1919–1928.
41. Solomon M.G., Sunderam V., Xiong L., Li M. (2016). Enabling mutually private location proximity services in smart cities: A comparative assessment. 2016 ieee international smart cities conference (isc2). 1–8.
##submission.downloads##
Опубліковано
2020-11-27
Як цитувати
Бойко, В., & Василенко, М. (2020). КІБЕРБЕЗПЕКА РОЗУМНИХ МІСТ: СОЦІАЛЬНІ АСПЕКТИ, РИЗИКИ ДЕАНОНІМІЗАЦІЇ І ДОКСІНГУ: Array. Комунальне господарство міст. Серія: «Економічні науки», 6(159), 186–195. вилучено із https://khges.kname.edu.ua/index.php/khges/article/view/5694
Номер
Розділ
статьи
Ліцензія
Автори, які публікуються у цьому збірнику, погоджуються з наступними умовами:
- Автори залишають за собою право на авторство своєї роботи та передають журналу право першої публікації цієї роботи на умовах ліцензії CC BY-NC-ND 4.0 (із Зазначенням Авторства – Некомерційна – Без Похідних 4.0 Міжнародна), котра дозволяє іншим особам вільно розповсюджувати опубліковану роботу з обов'язковим посиланням на авторів оригінальної роботи та першу публікацію роботи у цьому журналі.
- Автори мають право укладати самостійні додаткові угоди щодо неексклюзивного розповсюдження роботи у тому вигляді, в якому вона була опублікована цим журналом (наприклад, розміщувати роботу в електронному сховищі установи або публікувати у складі монографії), за умови збереження посилання на першу публікацію роботи у цьому журналі.
- Політика журналу дозволяє і заохочує розміщення авторами в мережі Інтернет (наприклад, у сховищах установ або на особистих веб-сайтах) рукопису роботи, як до подання цього рукопису до редакції, так і під час його редакційного опрацювання, оскільки це сприяє виникненню продуктивної наукової дискусії та позитивно позначається на оперативності та динаміці цитування опублікованої роботи (див. The Effect of Open Access).
