Ministry of Science and Higher Education of the Russian Federation

FEDERAL STATE AUTONOMOUS EDUCATIONAL INSTITUTION OF HIGHER EDUCATION

National Research University ITMO

(University ITMO)

Faculty Secure Information Technologies

Educational program Информационная безопасность / Information Security

Field of study (specialty)10.04.01 – Information Security

REPORT
of the research work
Name of the topic: The development of the covert transmission of confidential data alert system

Student: Nevesenko Vitaly Nicolaevich, N4155c

Agreed:
Thesis supervisor: Zakoldaev Daniil Anatolyevich, ITMO University, Dean of FSIT
Responsible for the research work: Korzhuk Victoriya Michailovna, ITMO University, assistant
professor

Research work completed with a grade ____

Date ____

Saint Petersburg
2022
 CONTENT
INTRODUCTION .......................................................................................................................... 3
THE REVIEW AND ANALYSIS OF THE SUBJECT AREA ......................................... 5
1. BALANCING TARGETED DELIVERY OF CONTENT AND PERSONAL
FREEDOM IN THE DIGITAL ON-LINE VIDEO MARKETING LANDSCAPE ..... 5
2. THE END OF MARKETING AS YOU KNOW IT. OR NOT! .................................... 7
3. SECURITY AND PRIVACY DATA PROTECTION METHODS FOR ONLINE
SOCIAL NETWORKS IN THE ERA OF BIG DATA ........................................................ 8
THE RELEVANCE OF THE WORK .................................................................................... 12
CONCLUSION ............................................................................................................................. 13

2
 INTRODUCTION
Nowadays digital marketing is improved enormously. A great number of
personal data is collected and stored in order to show only relevant adverts to the
User. Currently, there are two types of advertising on the Internet are available:
targeted and contextual.
For example, it is very common for a User to perform a search in any subject,
from travelling to choosing a gift, and after a while he starts seeing a number of
advertisements, containing the query he is interested in. The mechanism of contextual
advertising is based on the collection and analysis by the browser of information in
anonymized form, entered by the User from the keyboard and a selection of relevant
advertisements.
It is obvious that advertising goods and services on the Internet is beneficial for
both sellers and those who advertise goods and services. Based on this, the owners of
Internet sites are interested in the algorithms for issuing advertising to be the most
effective in terms of conversion.
For example, according to a WARC study [1], in 2020, the number of branded
ads on the «Tik-Tok» online platform increased by 95%, and the number of people
actively creating content increased by 398%. These statistics are shown in Figure 1:

Figure 1 - Statistics on the number of influencers on popular Internet sites for 2020
year

3
 Unfortunately, until recently there was no clear distinction between what
personal data is allowed to be collected and what is not. Obviously, in the hands of
intruders, the personal data of Users can have devastating consequences. However,
corporations often collected unnecessarily large amounts of personal data.
For example, in a report [2] on the collection of personal data by the «Tik-
Tok» client application, it is stated that the application collects critical information
about the user, including the hardware characteristics of his device, IP addresses,
home network data, and information about superuser rights. It was also noticed that
the application can fix the current location of the User with an interval of 30 seconds.
Despite the fact that there is legal regulation in the world regarding the
collection of personal data, and it works most of all in Europe, thanks to the GDPR, it
is noticeable that the legislation is not always observed by global corporations.
The factors listed above make it possible to determine the relevance of this
work, which consists in the absence of an effective mechanism for monitoring and
complying with legislation in the field of personal data collection.
The main purpose of the research work is a more detailed study of the subject
area and the development of a theoretical basis for further research in the course of
the master's thesis.
To achieve this goal, a number of tasks have been formulated:
• To formulate the purpose and objectives of the study.
• To conduct a review and analysis of the subject area.
• To determine the specific vector of the master's thesis.
The object of study: personal data of users collected by IT corporations.
The subject of study: Quantity, criteria, criticality of the collected personal
data, compliance with legal norms in this area.

4
 THE REVIEW AND ANALYSIS OF THE SUBJECT AREA
To solve the problems posed above, it is necessary to analyze the subject area.
This includes searching for articles that occur in their entirety during the analysis. In
total, three main articles were found that describe current situation in following
directions:
1) Privacy of personal data in the era of digitalization.
2) How the GDPR impacts the mechanisms collecting privacy data by IT
corporations.
3) Data protection mechanisms in social networks.
In this paragraph, a detailed analysis of articles based on the subject area, their
essence, as well as the connection with the field of information security is performed.

1. BALANCING TARGETED DELIVERY OF CONTENT AND

PERSONAL FREEDOM IN THE DIGITAL ON-LINE VIDEO MARKETING
LANDSCAPE [3]
1.1 Analysis of the article title
The title describes ways of finding the balance between receiving a content,
according to the User’s interests and his own privacy. The main idea of the article is
related to cybersecurity and especially privacy protection in the sphere of marketing.

1.2 Analysis of authors and affiliations

Kenneth Revett – Senior Data Scientist at Gateless, Inc since 2020.
Computational Neuroscientist focusing on designing and developing applications that
utilize affective inputs such as emotions, pupillometry, for neuropsychological
investigations, HCI, BCI, Robotics, Recommender Systems, and novel Biometric
solutions. He has published over 170 scientific papers (and 3 books) on a variety of
topics ranging from basic data classification techniques to deploying real world
neuropsychological applications for the sentiment analysis, locked in subjects (BCI),
and user specific biometric person identification solutions.

Sérgio Tenreiro de Magalhães - Associate Professor & Department Chair

(Cybersecurity) at Champlain College. He is a developer, researcher, and academic
leader, in the fields of Cybersecurity, Digital Forensics, Software Development,
Project Management, and Data Science.

Maria Jose Magalhães – Professor, University of Porto. There is no more

information about her.
Hamid Jahankhani - Head of Doctoral Studies, Faculty of Social Sciences, Law
and Technology, Department of Digital Technology and Computing, GSM, London,
5
London, UK. He is specialised in cyber-crime, Global e-Security, computer forensics
investigations, information security

1.3 Analysis of abstract and keywords

Keywords: Cookie data, Digital marketing, DMP, Internet security, On-line
video delivery, Malvertising, Real-time bidding.

In the abstract, the authors define the actuality of their research, describing the
basic principles of targeted marketing and its impact on users, their feeling of self-
security and their privacy. As we can see, the keywords and abstract are related to the
topic of our research and information security, in particular.

1.4 Analysis of introduction and references

In the introduction the authors describe the current statistics in the sphere of
Internet and targeted marketing, slowly defining the scope of their research, which is
focused on the on-line video marketing domain, giving a brief description of the
scope. In the next step, authors provide a statistic, made by IAB group, describing the
amount of money, spent on digital marketing.

The subtitle 1.1 is describing the main factors that are used in targeted
marketing strategy planning. After that, authors write down, where and when the
required information is collected.
The last part of introduction is written to define the user’s and author’s
personal emotional experience of the targeted ads, and how they resist it. After that
there are several statistics, describing the number of blocked ads in 2017, is listed.
What is more, authors wrote down a top of browser extensions that provide better
service in blocking advertising content.

Considering the references, they include statistics, discussed previously and

also provide more detailed info about several vital definitions of this research. What
is more, the references cover a wide amount of information, hinting at globality of
this research.

1.5 Analysis of conclusion

To sum up, the authors defined the basic mechanisms in digital marketing, if
we consider the technical implementation, discussing its risks and vulnerabilities. The
authors also remind, that IT industry should face these challenges, and more
solutions, aimed to the complex solving of this problem should be developed.

6
 2. THE END OF MARKETING AS YOU KNOW IT. OR NOT! [4]
2.1 Analysis of the article title
The title describes the possible future of marketing in modern society,
providing a reader with a main question if the traditional methods of marketing are
useful no more or not. The main idea of the article is related to cybersecurity,
describing the GDPR impact on marketing.

In my opinion, this article is useful for defining a legal background for the
future research.

2.2 Analysis of authors and affiliations

Dorin C. Coita - University teacher at the University of Oradea. Since 2009
associate professor. Elected representative in the Council of the Faculty of Economic
Sciences and in the Council of the Department Marketing Management, University of
Oradea.

Adela Laura Popa - University of Oradea. Author of 39 articles, mainly related

to the cybersecurity.
Tarcza Teodora - University of Oradea, Department of Management,
Marketing. PhD Marketing. Tarcza does research in Agricultural Economics and
Marketing. Their current project is 'Traditional Romanian Food Products Consumer
Behaviour'.
Naiana N. Ţarcă – Works in University of Oradea, the author of more than 20
articles, mainly related to the computer science.
Dinu V. Sasu - Lector Ph. at University of Oradea. His articles are related to
the marketing in the digital era.

Remus Rosca - Network Engineer at Infosys. There is no more information

about this person.
2.3 Analysis of abstract and keywords
Keywords: General data protection regulation, GDPR, Marketing, Personal
data.

In the abstract, the authors define the main idea of the research, which is
related to the discussion of effects on marketing, that can be caused by the GDPR
implementation. Considering the keywords, they are strongly related as to the field of
information security, as to the field of marketing, which is correlate with our research
question.

7
 2.4 Analysis of introduction and references
In the introduction the authors describe the GDPR: when and how it was
developed, what legal field it covers and its purposes.

The authors also analyze how GDPR affects the business, describing the main
criteria of the company, which must obey GDPR rules, and what this means to the
corporations in terms of consequences.

Considering the references, they include the full text of GDPR, statistics,
providing the opinion of the corporations CEO and also provide a number of articles,
related to the positive and negative effects of GDPR. However, the references mostly
cover only an information, related to the GDPR and its affection on marketing.

2.5 Analysis of conclusion

To sum up, the authors investigated the GDPR itself and its effects on the
global marketing and, particularly, on business community. The authors also give an
answer, that was set in the title, and encourage the reader for future research, that
cannot be covered just by one article.

3. SECURITY AND PRIVACY DATA PROTECTION METHODS FOR

ONLINE SOCIAL NETWORKS IN THE ERA OF BIG DATA [5]
3.1 Analysis of the article title
The title describes the methods of Information security in social networks,
related to the personal data. The main idea of this title is strongly related to the
cybersecurity, and especially, to our research question.
3.2 Analysis of authors and affiliations
Lei ma - Telecommunication Engineering Institute, Beijing Polytechnic,
Beijing, China. An author of more than 20 articles, related to the IT, cybersecurity,
and machine learning.

Ying-jian Kang - Telecommunication Engineering Institute, Beijing

Polytechnic, Beijing, China. The articles, written by him, are strongly related to the
Network security.

3.3 Analysis of abstract and keywords

Keywords: Big data era, Online social, Network security, Private data,
Protection scheme.

In the abstract, authors define several risks and challenges for information
security in field of person data in the era of big data that is connected with social
networks. The authors also give a short description of their research, helping to
understand it deeper. Considering the keywords, they relate to cybersecurity in terms
of Web and Big data protection, which is correlate with our research question.
8
 3.4 Analysis of introduction and references
In the introduction the authors describe shortly the methods of privacy
protection in modern social networks. In the next paragraph they enter a reader into a
problem of privacy protection in social networks, defining a number of risks and
vulnerabilities of privacy protection, giving several examples provided as reports.

The last paragraph is about a summary information and a future challenges

definition for privacy protection systems in social networks.
Considering the references, they include references to examples, stated
previously, and also other articles that contain information about privacy protection
and information security in various spheres.

In my opinion, these references state that the research is global and multi-
vector.

3.5 Object models, object, and subject of research analysis

The authors decided to use a model of network security and privacy data
architecture in the era of big data, which is represented in picture 1.

Picture 1 - model of network security and privacy data architecture in the era of
big data

As it is shown in picture 1, there is a connection center, which communicates

with RAM storage and Database storage, receiving personal data of users, described
as identifiers (main and auxiliary).

9
 The object of the research is personal data protection systems in social
networks.

The subject of the research is the effectiveness of personal data protection by

these systems.
3.6 Analysis of research methods
According to the analysis of the article, the authors use the experimental
method of research as they develop a modified algorithm of private data protection.
After that they build a solution according to the algorithm, doing experiments aimed
to approve its effectivity.

The authors are developing a modern solution, that will be able to deal with
disadvantages of the traditional method of private data protection. They describe
traditional method as the combination of the perturbation method and s-spectrum
switch method. This algorithm can achieve anonymity and diversification, but it
cannot meet the setting problem of different users for different online social network
security privacy data attributes.

This algorithm is not also effective because the stated methods are too simple
and also restricted by spectrum radius is deceptive.
Considering the methods of solving the problem, the solution is based on the
combination of personalized anonymity model and k-anonymity model, that is, fine-
grained attribute anonymity algorithm. The method used is the combination of
concealment and generalization in data mining.

3.7 Method of proving the obtained result analysis

The developed solution was tested on the online social network security
privacy data set produced in the era of big data, which was downloaded from CASAS
(Center for Advanced Studies in Adaptive Systems) as sample data for clustering
analysis to generate FDR parameters, as well as learning samples.
After the experimenting and comparison with the traditional model we can see
that the delay value of privacy data protection method in the era of big data is lower.
Without considering the delay, it is obvious that the energy consumption of online
social network security privacy data protection method is the smallest in the era of
big data. For each privacy data protection delay is the same, the online social network
security privacy data protection method is shorter than the traditional privacy data
protection method in the era of big data.

3.8 Analysis of conclusion

To sum up, the authors proposed a secure privacy data protection method for
online social networks in the era of big data. They suggested a model, provided
reader with a detailed information about each step of its implementation and also

10
measured its effectivity through experimental comparison and analysis with
traditional method of personal data protection.

To sum up, each of the analyzed article require the problem and topic of my
future research. Every article is global, written by highly qualified authors. However,
if the first and second article are more like an overview, the last one has a practical
solution. What is more, it can be useful in terms of methods of the problem solving.

11
 THE RELEVANCE OF THE WORK
Based on the above sections, the following security flaws can be formulated
regarding the processing of personal data of Users, in particular, social networks:

1. A huge number of companies collect an excessive amount of personal

data, there is no systematization.
2. Regulatory laws are currently insufficient, and their requirements are not
always fully observed.
3. The user cannot be sure that his personal data is not being abused.

The main factors causing these shortcomings are insufficient regulation in the field of
personal data processing, the lack of a unified standardization, as well as the inability
for an ordinary User to verify compliance with these laws. So, for example, although
the GDPR is recognized as effective regarding the processing of personal data in the
digital world, it applies only to citizens of the European Union, and globally does not
solve the problem of secure processing of personal data.

12
 CONCLUSION
To sum up the whole work, the research, related to the studying the subject
area, discussed previously, was performed.

In the first chapter, three articles, related to the main directions of the subject
area were analyzed, setting up their main idea and connection to the information
security, which will help in further research.

In the second chapter, the relevance of the work was defined, with the consider
of main factors, related to the personal data processing, remaining unsolved.

The performed work shows that the subject area was studied in detail, forming
a basis, needed for the further research while writing master’s work.

13
 LIST OF REFERENCES
1. TikTok influencer posts doubled in first half of 2020 [Digital resource] //
Rob Clapp – 2020. Access form:https://www.warc.com/content/paywall/article/warc-
datapoints/tiktok-influencer-posts-doubled-in-first-half-of-2020/134952 (Date of
inspection - 17.01.2022)
2. Popular iPhone and iPad Apps Snooping on the Pasteboard [Digital
resource] // Mysk – 2020. Access form: https://www.mysk.blog/2020/03/10/popular-
iphone-and-ipad-apps-snooping-on-the-pasteboard/ (Date of inspection - 17.01.2022)

3. Kenneth Revett, Sérgio Tenreiro de Magalhães, Maria Jose Magalhães,

and H. Jahankhani. (2016). Balancing Targeted Delivery of Content and Personal
Freedom in the Digital On-line Video Marketing Landscape. 10.1007/978-3-319-
51064-4_8.

4. Dorin C. Coita, Adela L. Popa, Teodora M. Tarcza, Naiana N. Ţarcă,

Dinu V. Sasu, Remus Roşca. (2019). The End of Marketing as You Know It. Or Not!
Strategic Innovative Marketing and Tourism. 10.1007/978-3-030-12453-3_46.
5. Lei Ma, Ying-jian Kang. (2021). Security and Privacy Data Protection
Methods for Online Social Networks in the Era of Big Data. International Conference
on Multimedia Technology and Enhanced Learning. 10.1007/978-3-030-51103-6_5

14