Fifteen minutes of unwanted fame: Detecting and characterizing doxing

Peter Snyder, Chris Kanich, Periwinkle Doerfler, Damon McCoy

    Research output: Chapter in Book/Report/Conference proceedingConference contribution

    Abstract

    Doxing is online abuse where a malicious party harms another by releasing identifying or sensitive information. Motivations for doxing include personal, competitive, and political reasons, and web users of all ages, genders and internet experience have been targeted. Existing research on doxing is primarily qualitative. This work improves our understanding of doxing by being the first to take a quantitative approach. We do so by designing and deploying a tool which can detect dox files and measure the frequency, content, targets, and effects of doxing on popular dox-posting sites. This work analyzes over 1.7 million text files posted to pastebin.com, 4chan.org and 8ch.net, sites frequently used to share doxes online, over a combined period of approximately thirteen weeks. Notable findings in this work include that approximately 0.3% of shared files are doxes, that online social networking accounts mentioned in these dox files are more likely to close than typical accounts, that justice and revenge are the most often cited motivations for doxing, and that dox files target males more frequently than females. We also find that recent anti-abuse efforts by social networks have reduced how frequently these doxing victims closed or restricted their accounts after being attacked. We also propose mitigation steps, such a service that can inform people when their accounts have been shared in a dox file, or law enforcement notification tools to inform authorities when individuals are at heightened risk of abuse.

    Original languageEnglish (US)
    Title of host publicationIMC 2017 - Proceedings of the 2017 Internet Measurement Conference
    PublisherAssociation for Computing Machinery
    Pages432-444
    Number of pages13
    ISBN (Electronic)9781450351188
    DOIs
    StatePublished - Nov 1 2017
    Event2017 ACM Internet Measurement Conference, IMC 2017 - London, United Kingdom
    Duration: Nov 1 2017Nov 3 2017

    Publication series

    NameProceedings of the ACM SIGCOMM Internet Measurement Conference, IMC
    VolumePart F131937

    Other

    Other2017 ACM Internet Measurement Conference, IMC 2017
    CountryUnited Kingdom
    CityLondon
    Period11/1/1711/3/17

    Keywords

    • Doxing
    • Identity theft
    • Online abuse

    ASJC Scopus subject areas

    • Software
    • Computer Networks and Communications

    Fingerprint Dive into the research topics of 'Fifteen minutes of unwanted fame: Detecting and characterizing doxing'. Together they form a unique fingerprint.

  • Cite this

    Snyder, P., Kanich, C., Doerfler, P., & McCoy, D. (2017). Fifteen minutes of unwanted fame: Detecting and characterizing doxing. In IMC 2017 - Proceedings of the 2017 Internet Measurement Conference (pp. 432-444). (Proceedings of the ACM SIGCOMM Internet Measurement Conference, IMC; Vol. Part F131937). Association for Computing Machinery. https://doi.org/10.1145/3131365.3131385