New research explores the practice of “doxing” — the collecting and publishing of sensitive information online with the purpose of harming others.
Researchers at the New York University (NYU) Tandon School of Engineering and the University of Illinois at Chicago (UIC) say the low-tech, high-harm form of online harassment is a method to exact revenge, seek justice, or intimidate victims.
In the first of a kind study, the researchers created a custom text classifier that allowed them to identify and analyze “dox” files, which often include highly identifying personal information, including links to social media accounts.
The study revealed that doxing, an abbreviation of the word “documents,” exacts a significant toll on victims, who are far likelier than others to close or increase the privacy settings of social media accounts following an attack.
However, new abuse filters deployed on Facebook and Instagram appear to be effective in making victims feel safer.
The primary motivations for doxing are revenge and justice, with competition and politics far behind, at just over one percent each of the reasons discerned by the study.
“This study adds significantly to our understanding of this deeply damaging form of online abuse,” said Dr. Damon McCoy, an assistant professor of computer science and engineering at NYU Tandon.
“The ability to detect doxing and identify the primary motivations for these attacks is key to helping Internet service providers, law enforcement, and social media networks better protect users from harassment.”
The research team also includes Peter Snyder, a doctoral student in computer science, and Dr. Chris Kanich, an assistant professor of computer science, both from UIC; and Periwinkle Doerfler, a doctoral candidate at NYU Tandon.
Their paper was recently presented at the Internet Measurement Conference in London.
The team focused on several websites well known for hosting doxed files and captured more than 1.7 million text files shared on those sites over two six to seven week periods.
Using their custom text classifier, the researchers identified and analyzed more than 5,500 files associated with doxing.
According to the study, 32 percent of doxing victims closed or changed the privacy settings on their Instagram account, and 25 percent adjusted the settings on a Facebook account after an attack.
But Facebook and Instagram serendipitously debuted new abuse filters to curb online harassment during the study’s data collection period, and they were apparently effective. Just 10 percent of doxing victims altered their Instagram account once anti-abuse measures were in place, and three percent changed their settings on Facebook.
“This is an indicator that these filters can help mitigate some of the harmful impacts of doxing,” Snyder said. However, he noted that much of the doxing occurs on field-specific sites that cater to the hacker or gaming communities, where reputations can be damaged among valued peers.
More than 90 percent of the doxed files included the victim’s address, 61 percent included a phone number, and 53 percent included an email address.
Forty percent of victims’ online user names were made public, and the same percentage revealed a victim’s IP address.
While less common, sensitive information such as credit card numbers (4.3 percent), Social Security numbers (2.6 percent), or other financial information (8.8 percent) was also revealed.
“Most of what we know about doxing thus far has been anecdotal and based on a small number of high-profile cases,” said Snyder.
“It’s our hope that by bringing a quantitative approach to this phenomenon, we can provide a fuller understanding of doxing and inform efforts to reduce the damage.”
Source: New York University