SoK: Anatomy of Data Breaches
We systematize the knowledge on data breaches into concise step-by-step breach workflows and use them to describe the breach methods. We present the most plausible workflows for 10 famous data breaches. We use information from a variety of sources to develop our breach workflows, however, we emphasi...
| Main Authors: | , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Sciendo
2020-10-01
|
| Series: | Proceedings on Privacy Enhancing Technologies |
| Subjects: | |
| Online Access: | https://doi.org/10.2478/popets-2020-0067 |
| id |
doaj-b87de909a6694cf78f8ca7707667cb1c |
|---|---|
| record_format |
Article |
| spelling |
doaj-b87de909a6694cf78f8ca7707667cb1c2021-09-05T14:01:11ZengSciendoProceedings on Privacy Enhancing Technologies2299-09842020-10-012020415317410.2478/popets-2020-0067popets-2020-0067SoK: Anatomy of Data BreachesSaleem Hamza0Naveed Muhammad1University of Southern CaliforniaUniversity of Southern CaliforniaWe systematize the knowledge on data breaches into concise step-by-step breach workflows and use them to describe the breach methods. We present the most plausible workflows for 10 famous data breaches. We use information from a variety of sources to develop our breach workflows, however, we emphasize that for many data breaches, information about crucial steps was absent. We researched such steps to develop complete breach workflows; as such, our workflows provide descriptions of data breaches that were previously unavailable. For generalizability, we present a general workflow of 50 data breaches from 2015. Based on our data breach analysis, we develop requirements that organizations need to meet to thwart data breaches. We describe what requirements are met by existing security technologies and propose future research directions to thwart data breaches.https://doi.org/10.2478/popets-2020-0067data breach analysisdata privacysecurity defenses |
| collection |
DOAJ |
| language |
English |
| format |
Article |
| sources |
DOAJ |
| author |
Saleem Hamza Naveed Muhammad |
| spellingShingle |
Saleem Hamza Naveed Muhammad SoK: Anatomy of Data Breaches Proceedings on Privacy Enhancing Technologies data breach analysis data privacy security defenses |
| author_facet |
Saleem Hamza Naveed Muhammad |
| author_sort |
Saleem Hamza |
| title |
SoK: Anatomy of Data Breaches |
| title_short |
SoK: Anatomy of Data Breaches |
| title_full |
SoK: Anatomy of Data Breaches |
| title_fullStr |
SoK: Anatomy of Data Breaches |
| title_full_unstemmed |
SoK: Anatomy of Data Breaches |
| title_sort |
sok: anatomy of data breaches |
| publisher |
Sciendo |
| series |
Proceedings on Privacy Enhancing Technologies |
| issn |
2299-0984 |
| publishDate |
2020-10-01 |
| description |
We systematize the knowledge on data breaches into concise step-by-step breach workflows and use them to describe the breach methods. We present the most plausible workflows for 10 famous data breaches. We use information from a variety of sources to develop our breach workflows, however, we emphasize that for many data breaches, information about crucial steps was absent. We researched such steps to develop complete breach workflows; as such, our workflows provide descriptions of data breaches that were previously unavailable. For generalizability, we present a general workflow of 50 data breaches from 2015. Based on our data breach analysis, we develop requirements that organizations need to meet to thwart data breaches. We describe what requirements are met by existing security technologies and propose future research directions to thwart data breaches. |
| topic |
data breach analysis data privacy security defenses |
| url |
https://doi.org/10.2478/popets-2020-0067 |
| work_keys_str_mv |
AT saleemhamza sokanatomyofdatabreaches AT naveedmuhammad sokanatomyofdatabreaches |
| _version_ |
1717810635382718464 |