Linking Personally Identifiable Information from the Dark Web to the Surface Web: A Deep Entity Resolution Approach

Fangyu Lin; Yizhi Liu; Mohammadreza Ebrahimi; Zara Ahmad-Post; James Lee Hu; Jingyu Xin; Sagar Samtani; Weifeng Li; Hsinchun Chen

doi:10.1109/ICDMW51313.2020.00072

Linking Personally Identifiable Information from the Dark Web to the Surface Web: A Deep Entity Resolution Approach

Fangyu Lin, Yizhi Liu, Mohammadreza Ebrahimi, Zara Ahmad-Post, James Lee Hu, Jingyu Xin, Sagar Samtani, Weifeng Li, Hsinchun Chen

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

3 Scopus citations

Abstract

The information privacy of the Internet users has become a major societal concern. The rapid growth of online services increases the risk of unauthorized access to Personally Identifiable Information (PII) of at-risk populations, who are unaware of their PII exposure. To proactively identify online at-risk populations and increase their privacy awareness, it is crucial to conduct a holistic privacy risk assessment across the internet. Current privacy risk assessment studies are limited to a single platform within either the surface web or the dark web. A comprehensive privacy risk assessment requires matching exposed PII on heterogeneous online platforms across the surface web and the dark web. However, due to the incompleteness and inaccuracy of PII records in each platform, linking the exposed PII to users is a non-trivial task. While Entity Resolution (ER) techniques can be used to facilitate this task, they often require ad-hoc, manual rule development and feature engineering. Recently, Deep Learning (DL)-based ER has outperformed manual entity matching rules by automatically extracting prominent features from incomplete or inaccurate records. In this study, we enhance the existing privacy risk assessment with a DL-based ER method, namely Multi-Context Attention (MCA), to comprehensively evaluate individuals' PII exposure across the different online platforms in the dark web and surface web. Evaluation against benchmark ER models indicates the efficacy of MCA. Using MCA on a random sample of data breach victims in the dark web, we are able to identify 4.3% of the victims on the surface web platforms and calculate their privacy risk scores.

Original language	English (US)
Title of host publication	Proceedings - 20th IEEE International Conference on Data Mining Workshops, ICDMW 2020
Editors	Giuseppe Di Fatta, Victor Sheng, Alfredo Cuzzocrea, Carlo Zaniolo, Xindong Wu
Publisher	IEEE Computer Society
Pages	488-495
Number of pages	8
ISBN (Electronic)	9781728190129
DOIs	https://doi.org/10.1109/ICDMW51313.2020.00072
State	Published - Nov 2020
Event	20th IEEE International Conference on Data Mining Workshops, ICDMW 2020 - Virtual, Sorrento, Italy Duration: Nov 17 2020 → Nov 20 2020

Publication series

Name	IEEE International Conference on Data Mining Workshops, ICDMW
Volume	2020-November
ISSN (Print)	2375-9232
ISSN (Electronic)	2375-9259

Conference

Conference	20th IEEE International Conference on Data Mining Workshops, ICDMW 2020
Country/Territory	Italy
City	Virtual, Sorrento
Period	11/17/20 → 11/20/20

Keywords

Dark web
Data breach
Data collection
PII
Privacy
Surface web

ASJC Scopus subject areas

Computer Science Applications
Software

Access to Document

10.1109/ICDMW51313.2020.00072

Cite this

Lin, F., Liu, Y., Ebrahimi, M., Ahmad-Post, Z., Hu, J. L., Xin, J., Samtani, S., Li, W., & Chen, H. (2020). Linking Personally Identifiable Information from the Dark Web to the Surface Web: A Deep Entity Resolution Approach. In G. Di Fatta, V. Sheng, A. Cuzzocrea, C. Zaniolo, & X. Wu (Eds.), Proceedings - 20th IEEE International Conference on Data Mining Workshops, ICDMW 2020 (pp. 488-495). Article 9346504 (IEEE International Conference on Data Mining Workshops, ICDMW; Vol. 2020-November). IEEE Computer Society. https://doi.org/10.1109/ICDMW51313.2020.00072

Linking Personally Identifiable Information from the Dark Web to the Surface Web: A Deep Entity Resolution Approach. / Lin, Fangyu; Liu, Yizhi; Ebrahimi, Mohammadreza et al.
Proceedings - 20th IEEE International Conference on Data Mining Workshops, ICDMW 2020. ed. / Giuseppe Di Fatta; Victor Sheng; Alfredo Cuzzocrea; Carlo Zaniolo; Xindong Wu. IEEE Computer Society, 2020. p. 488-495 9346504 (IEEE International Conference on Data Mining Workshops, ICDMW; Vol. 2020-November).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Lin, F, Liu, Y, Ebrahimi, M, Ahmad-Post, Z, Hu, JL, Xin, J, Samtani, S, Li, W & Chen, H 2020, Linking Personally Identifiable Information from the Dark Web to the Surface Web: A Deep Entity Resolution Approach. in G Di Fatta, V Sheng, A Cuzzocrea, C Zaniolo & X Wu (eds), Proceedings - 20th IEEE International Conference on Data Mining Workshops, ICDMW 2020., 9346504, IEEE International Conference on Data Mining Workshops, ICDMW, vol. 2020-November, IEEE Computer Society, pp. 488-495, 20th IEEE International Conference on Data Mining Workshops, ICDMW 2020, Virtual, Sorrento, Italy, 11/17/20. https://doi.org/10.1109/ICDMW51313.2020.00072

Lin F, Liu Y, Ebrahimi M, Ahmad-Post Z, Hu JL, Xin J et al. Linking Personally Identifiable Information from the Dark Web to the Surface Web: A Deep Entity Resolution Approach. In Di Fatta G, Sheng V, Cuzzocrea A, Zaniolo C, Wu X, editors, Proceedings - 20th IEEE International Conference on Data Mining Workshops, ICDMW 2020. IEEE Computer Society. 2020. p. 488-495. 9346504. (IEEE International Conference on Data Mining Workshops, ICDMW). doi: 10.1109/ICDMW51313.2020.00072

Lin, Fangyu ; Liu, Yizhi ; Ebrahimi, Mohammadreza et al. / Linking Personally Identifiable Information from the Dark Web to the Surface Web : A Deep Entity Resolution Approach. Proceedings - 20th IEEE International Conference on Data Mining Workshops, ICDMW 2020. editor / Giuseppe Di Fatta ; Victor Sheng ; Alfredo Cuzzocrea ; Carlo Zaniolo ; Xindong Wu. IEEE Computer Society, 2020. pp. 488-495 (IEEE International Conference on Data Mining Workshops, ICDMW).

@inproceedings{5a3115b8bcb4437aa8643a9638db2bec,

title = "Linking Personally Identifiable Information from the Dark Web to the Surface Web: A Deep Entity Resolution Approach",

abstract = "The information privacy of the Internet users has become a major societal concern. The rapid growth of online services increases the risk of unauthorized access to Personally Identifiable Information (PII) of at-risk populations, who are unaware of their PII exposure. To proactively identify online at-risk populations and increase their privacy awareness, it is crucial to conduct a holistic privacy risk assessment across the internet. Current privacy risk assessment studies are limited to a single platform within either the surface web or the dark web. A comprehensive privacy risk assessment requires matching exposed PII on heterogeneous online platforms across the surface web and the dark web. However, due to the incompleteness and inaccuracy of PII records in each platform, linking the exposed PII to users is a non-trivial task. While Entity Resolution (ER) techniques can be used to facilitate this task, they often require ad-hoc, manual rule development and feature engineering. Recently, Deep Learning (DL)-based ER has outperformed manual entity matching rules by automatically extracting prominent features from incomplete or inaccurate records. In this study, we enhance the existing privacy risk assessment with a DL-based ER method, namely Multi-Context Attention (MCA), to comprehensively evaluate individuals' PII exposure across the different online platforms in the dark web and surface web. Evaluation against benchmark ER models indicates the efficacy of MCA. Using MCA on a random sample of data breach victims in the dark web, we are able to identify 4.3% of the victims on the surface web platforms and calculate their privacy risk scores.",

keywords = "Dark web, Data breach, Data collection, PII, Privacy, Surface web",

author = "Fangyu Lin and Yizhi Liu and Mohammadreza Ebrahimi and Zara Ahmad-Post and Hu, {James Lee} and Jingyu Xin and Sagar Samtani and Weifeng Li and Hsinchun Chen",

note = "Funding Information: ACKNOWLEDGEMENT This material is based upon work supported by the National Science Foundation (NSF) under Secure and Trustworthy Cyberspace (grant No. 1936370), Cybersecurity Innovation for Cyber Infrastructure (grant No. 1917117), and CyberCorps Scholarship-for-Service (grant No. 1921485). Publisher Copyright: {\textcopyright} 2020 IEEE.; 20th IEEE International Conference on Data Mining Workshops, ICDMW 2020 ; Conference date: 17-11-2020 Through 20-11-2020",

year = "2020",

month = nov,

doi = "10.1109/ICDMW51313.2020.00072",

language = "English (US)",

series = "IEEE International Conference on Data Mining Workshops, ICDMW",

publisher = "IEEE Computer Society",

pages = "488--495",

editor = "{Di Fatta}, Giuseppe and Victor Sheng and Alfredo Cuzzocrea and Carlo Zaniolo and Xindong Wu",

booktitle = "Proceedings - 20th IEEE International Conference on Data Mining Workshops, ICDMW 2020",

}

TY - GEN

T1 - Linking Personally Identifiable Information from the Dark Web to the Surface Web

T2 - 20th IEEE International Conference on Data Mining Workshops, ICDMW 2020

AU - Lin, Fangyu

AU - Liu, Yizhi

AU - Ebrahimi, Mohammadreza

AU - Ahmad-Post, Zara

AU - Hu, James Lee

AU - Xin, Jingyu

AU - Samtani, Sagar

AU - Li, Weifeng

AU - Chen, Hsinchun

N1 - Funding Information: ACKNOWLEDGEMENT This material is based upon work supported by the National Science Foundation (NSF) under Secure and Trustworthy Cyberspace (grant No. 1936370), Cybersecurity Innovation for Cyber Infrastructure (grant No. 1917117), and CyberCorps Scholarship-for-Service (grant No. 1921485). Publisher Copyright: © 2020 IEEE.

PY - 2020/11

Y1 - 2020/11

N2 - The information privacy of the Internet users has become a major societal concern. The rapid growth of online services increases the risk of unauthorized access to Personally Identifiable Information (PII) of at-risk populations, who are unaware of their PII exposure. To proactively identify online at-risk populations and increase their privacy awareness, it is crucial to conduct a holistic privacy risk assessment across the internet. Current privacy risk assessment studies are limited to a single platform within either the surface web or the dark web. A comprehensive privacy risk assessment requires matching exposed PII on heterogeneous online platforms across the surface web and the dark web. However, due to the incompleteness and inaccuracy of PII records in each platform, linking the exposed PII to users is a non-trivial task. While Entity Resolution (ER) techniques can be used to facilitate this task, they often require ad-hoc, manual rule development and feature engineering. Recently, Deep Learning (DL)-based ER has outperformed manual entity matching rules by automatically extracting prominent features from incomplete or inaccurate records. In this study, we enhance the existing privacy risk assessment with a DL-based ER method, namely Multi-Context Attention (MCA), to comprehensively evaluate individuals' PII exposure across the different online platforms in the dark web and surface web. Evaluation against benchmark ER models indicates the efficacy of MCA. Using MCA on a random sample of data breach victims in the dark web, we are able to identify 4.3% of the victims on the surface web platforms and calculate their privacy risk scores.

AB - The information privacy of the Internet users has become a major societal concern. The rapid growth of online services increases the risk of unauthorized access to Personally Identifiable Information (PII) of at-risk populations, who are unaware of their PII exposure. To proactively identify online at-risk populations and increase their privacy awareness, it is crucial to conduct a holistic privacy risk assessment across the internet. Current privacy risk assessment studies are limited to a single platform within either the surface web or the dark web. A comprehensive privacy risk assessment requires matching exposed PII on heterogeneous online platforms across the surface web and the dark web. However, due to the incompleteness and inaccuracy of PII records in each platform, linking the exposed PII to users is a non-trivial task. While Entity Resolution (ER) techniques can be used to facilitate this task, they often require ad-hoc, manual rule development and feature engineering. Recently, Deep Learning (DL)-based ER has outperformed manual entity matching rules by automatically extracting prominent features from incomplete or inaccurate records. In this study, we enhance the existing privacy risk assessment with a DL-based ER method, namely Multi-Context Attention (MCA), to comprehensively evaluate individuals' PII exposure across the different online platforms in the dark web and surface web. Evaluation against benchmark ER models indicates the efficacy of MCA. Using MCA on a random sample of data breach victims in the dark web, we are able to identify 4.3% of the victims on the surface web platforms and calculate their privacy risk scores.

KW - Dark web

KW - Data breach

KW - Data collection

KW - PII

KW - Privacy

KW - Surface web

UR - http://www.scopus.com/inward/record.url?scp=85101346894&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85101346894&partnerID=8YFLogxK

U2 - 10.1109/ICDMW51313.2020.00072

DO - 10.1109/ICDMW51313.2020.00072

M3 - Conference contribution

AN - SCOPUS:85101346894

T3 - IEEE International Conference on Data Mining Workshops, ICDMW

SP - 488

EP - 495

BT - Proceedings - 20th IEEE International Conference on Data Mining Workshops, ICDMW 2020

A2 - Di Fatta, Giuseppe

A2 - Sheng, Victor

A2 - Cuzzocrea, Alfredo

A2 - Zaniolo, Carlo

A2 - Wu, Xindong

PB - IEEE Computer Society

Y2 - 17 November 2020 through 20 November 2020

ER -

Linking Personally Identifiable Information from the Dark Web to the Surface Web: A Deep Entity Resolution Approach

Abstract

Publication series

Conference

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this