Doxing is the act of publicly revealing or publishing private information about an individual without their consent. Automatic detection of doxing can be challenging, as it often involves natural language processing and machine learning techniques to identify potentially sensitive information and determine if it was shared without consent.
Researchers have proposed various methods for detecting doxing, including natural language processing techniques to identify the personal information in text, machine learning algorithms to classify text as doxing or non-doxing, and using crowdsourcing to gather examples of doxing for training machine learning models. It’s important to note that automatic detection is not foolproof and will have some error rate.
According to researchers from Penn State’s College of Information Sciences and Technology, a new automated approach to detecting doxing – a type of cyberbullying in which certain private or personally identifiable information is publicly shared without an individual’s consent or knowledge – may help social media platforms better protect their users.
The doxing research could result in more immediate flagging and removal of sensitive personal information that has been shared without the owner’s permission. To date, the research team has only looked at Twitter, where their novel proposed approach uses machine learning to determine which tweets containing personally identifiable information are maliciously shared and which are self-disclosed.
The focus is to identify cases where people collect sensitive personal information about others and publicly disclose it as a way of scaring, defaming, threatening or silencing them. This is dangerous because once this information is posted, it can quickly be shared with many people and even go beyond Twitter.
Younes Karimi
They have identified an approach that was able to automatically detect doxing on Twitter with over 96% accuracy, which could help the platform – and eventually other social media platforms – more quickly and easily identify true cases of doxing.
“The focus is to identify cases where people collect sensitive personal information about others and publicly disclose it as a way of scaring, defaming, threatening or silencing them,” said Younes Karimi, doctoral candidate and lead author on the paper. “This is dangerous because once this information is posted, it can quickly be shared with many people and even go beyond Twitter. The person to whom the information belongs needs to be protected.”
In their work, the researchers collected and curated a dataset of nearly 180,000 tweets that were likely to contain doxed information. Using machine learning techniques, they classified the data as containing personal information tied to either an individual’s identity their social security number, or an individual’s location — their IP address and manually labeled more than 3,100 of the tweets that contained either piece of information. They then classified the data further to differentiate malicious disclosures from self-disclosures. The researchers then examined the tweets for common potential motivations behind disclosures, determining whether the intent was likely defensive or malicious, and indicating whether it could be classified as doxing.
“Not all doxing instances are necessarily malicious,” explained Karimi. “For example, a parent of a missing child might benignly share their private information with the desperate hope of finding them.”
Next, the researchers used nine different approaches based on existing natural language processing methods and models to automatically detect instances of doxing and malicious disclosures of two types of most sensitive private information, social security number, and IP address, in their collected dataset. They compared the results and identified the approach with the highest accuracy rate, presenting their findings in November at the 25th ACM Conference on Computer-Supported Cooperative Work and Social Computing.
According to Karimi, this work is especially important at a time when major social media platforms, such as Twitter, are mass-laying off employees, reducing the number of workers responsible for reviewing content that may violate the platforms’ terms of service. According to one platform’s policy, unless there is clearly abusive intent in a case of doxing, the owner of the publicly shared information or their authorized representative must contact the platform before enforcement action is taken. Private information may remain publicly available for long periods of time under this policy if the owner is unaware that it has been shared.
“While there have been some prior studies on the detection of private information in general, and some automated approaches for detecting cyberbullying are used by social media platforms, they do not distinguish self-disclosures from malicious disclosures of second- and third-parties in tweets,” he explained. “Because fewer people are now in charge of taking action on these manual user reports, adding automation can help them narrow down and prioritize the most important and sensitive reports.”
