Professional Documents
Culture Documents
REPORT
of the research work
Name of the topic: The development of the covert transmission of confidential data alert system
Agreed:
Thesis supervisor: Zakoldaev Daniil Anatolyevich, ITMO University, Dean of FSIT
Responsible for the research work: Korzhuk Victoriya Michailovna, ITMO University, assistant
professor
Date ____
Saint Petersburg
2022
CONTENT
INTRODUCTION .......................................................................................................................... 3
THE REVIEW AND ANALYSIS OF THE SUBJECT AREA ......................................... 5
1. BALANCING TARGETED DELIVERY OF CONTENT AND PERSONAL
FREEDOM IN THE DIGITAL ON-LINE VIDEO MARKETING LANDSCAPE ..... 5
2. THE END OF MARKETING AS YOU KNOW IT. OR NOT! .................................... 7
3. SECURITY AND PRIVACY DATA PROTECTION METHODS FOR ONLINE
SOCIAL NETWORKS IN THE ERA OF BIG DATA ........................................................ 8
THE RELEVANCE OF THE WORK .................................................................................... 12
CONCLUSION ............................................................................................................................. 13
2
INTRODUCTION
Nowadays digital marketing is improved enormously. A great number of
personal data is collected and stored in order to show only relevant adverts to the
User. Currently, there are two types of advertising on the Internet are available:
targeted and contextual.
For example, it is very common for a User to perform a search in any subject,
from travelling to choosing a gift, and after a while he starts seeing a number of
advertisements, containing the query he is interested in. The mechanism of contextual
advertising is based on the collection and analysis by the browser of information in
anonymized form, entered by the User from the keyboard and a selection of relevant
advertisements.
It is obvious that advertising goods and services on the Internet is beneficial for
both sellers and those who advertise goods and services. Based on this, the owners of
Internet sites are interested in the algorithms for issuing advertising to be the most
effective in terms of conversion.
For example, according to a WARC study [1], in 2020, the number of branded
ads on the «Tik-Tok» online platform increased by 95%, and the number of people
actively creating content increased by 398%. These statistics are shown in Figure 1:
Figure 1 - Statistics on the number of influencers on popular Internet sites for 2020
year
3
Unfortunately, until recently there was no clear distinction between what
personal data is allowed to be collected and what is not. Obviously, in the hands of
intruders, the personal data of Users can have devastating consequences. However,
corporations often collected unnecessarily large amounts of personal data.
For example, in a report [2] on the collection of personal data by the «Tik-
Tok» client application, it is stated that the application collects critical information
about the user, including the hardware characteristics of his device, IP addresses,
home network data, and information about superuser rights. It was also noticed that
the application can fix the current location of the User with an interval of 30 seconds.
Despite the fact that there is legal regulation in the world regarding the
collection of personal data, and it works most of all in Europe, thanks to the GDPR, it
is noticeable that the legislation is not always observed by global corporations.
The factors listed above make it possible to determine the relevance of this
work, which consists in the absence of an effective mechanism for monitoring and
complying with legislation in the field of personal data collection.
The main purpose of the research work is a more detailed study of the subject
area and the development of a theoretical basis for further research in the course of
the master's thesis.
To achieve this goal, a number of tasks have been formulated:
• To formulate the purpose and objectives of the study.
• To conduct a review and analysis of the subject area.
• To determine the specific vector of the master's thesis.
The object of study: personal data of users collected by IT corporations.
The subject of study: Quantity, criteria, criticality of the collected personal
data, compliance with legal norms in this area.
4
THE REVIEW AND ANALYSIS OF THE SUBJECT AREA
To solve the problems posed above, it is necessary to analyze the subject area.
This includes searching for articles that occur in their entirety during the analysis. In
total, three main articles were found that describe current situation in following
directions:
1) Privacy of personal data in the era of digitalization.
2) How the GDPR impacts the mechanisms collecting privacy data by IT
corporations.
3) Data protection mechanisms in social networks.
In this paragraph, a detailed analysis of articles based on the subject area, their
essence, as well as the connection with the field of information security is performed.
In the abstract, the authors define the actuality of their research, describing the
basic principles of targeted marketing and its impact on users, their feeling of self-
security and their privacy. As we can see, the keywords and abstract are related to the
topic of our research and information security, in particular.
The subtitle 1.1 is describing the main factors that are used in targeted
marketing strategy planning. After that, authors write down, where and when the
required information is collected.
The last part of introduction is written to define the user’s and author’s
personal emotional experience of the targeted ads, and how they resist it. After that
there are several statistics, describing the number of blocked ads in 2017, is listed.
What is more, authors wrote down a top of browser extensions that provide better
service in blocking advertising content.
6
2. THE END OF MARKETING AS YOU KNOW IT. OR NOT! [4]
2.1 Analysis of the article title
The title describes the possible future of marketing in modern society,
providing a reader with a main question if the traditional methods of marketing are
useful no more or not. The main idea of the article is related to cybersecurity,
describing the GDPR impact on marketing.
In my opinion, this article is useful for defining a legal background for the
future research.
In the abstract, the authors define the main idea of the research, which is
related to the discussion of effects on marketing, that can be caused by the GDPR
implementation. Considering the keywords, they are strongly related as to the field of
information security, as to the field of marketing, which is correlate with our research
question.
7
2.4 Analysis of introduction and references
In the introduction the authors describe the GDPR: when and how it was
developed, what legal field it covers and its purposes.
The authors also analyze how GDPR affects the business, describing the main
criteria of the company, which must obey GDPR rules, and what this means to the
corporations in terms of consequences.
Considering the references, they include the full text of GDPR, statistics,
providing the opinion of the corporations CEO and also provide a number of articles,
related to the positive and negative effects of GDPR. However, the references mostly
cover only an information, related to the GDPR and its affection on marketing.
In the abstract, authors define several risks and challenges for information
security in field of person data in the era of big data that is connected with social
networks. The authors also give a short description of their research, helping to
understand it deeper. Considering the keywords, they relate to cybersecurity in terms
of Web and Big data protection, which is correlate with our research question.
8
3.4 Analysis of introduction and references
In the introduction the authors describe shortly the methods of privacy
protection in modern social networks. In the next paragraph they enter a reader into a
problem of privacy protection in social networks, defining a number of risks and
vulnerabilities of privacy protection, giving several examples provided as reports.
In my opinion, these references state that the research is global and multi-
vector.
Picture 1 - model of network security and privacy data architecture in the era of
big data
9
The object of the research is personal data protection systems in social
networks.
The authors are developing a modern solution, that will be able to deal with
disadvantages of the traditional method of private data protection. They describe
traditional method as the combination of the perturbation method and s-spectrum
switch method. This algorithm can achieve anonymity and diversification, but it
cannot meet the setting problem of different users for different online social network
security privacy data attributes.
This algorithm is not also effective because the stated methods are too simple
and also restricted by spectrum radius is deceptive.
Considering the methods of solving the problem, the solution is based on the
combination of personalized anonymity model and k-anonymity model, that is, fine-
grained attribute anonymity algorithm. The method used is the combination of
concealment and generalization in data mining.
10
measured its effectivity through experimental comparison and analysis with
traditional method of personal data protection.
To sum up, each of the analyzed article require the problem and topic of my
future research. Every article is global, written by highly qualified authors. However,
if the first and second article are more like an overview, the last one has a practical
solution. What is more, it can be useful in terms of methods of the problem solving.
11
THE RELEVANCE OF THE WORK
Based on the above sections, the following security flaws can be formulated
regarding the processing of personal data of Users, in particular, social networks:
The main factors causing these shortcomings are insufficient regulation in the field of
personal data processing, the lack of a unified standardization, as well as the inability
for an ordinary User to verify compliance with these laws. So, for example, although
the GDPR is recognized as effective regarding the processing of personal data in the
digital world, it applies only to citizens of the European Union, and globally does not
solve the problem of secure processing of personal data.
12
CONCLUSION
To sum up the whole work, the research, related to the studying the subject
area, discussed previously, was performed.
In the first chapter, three articles, related to the main directions of the subject
area were analyzed, setting up their main idea and connection to the information
security, which will help in further research.
In the second chapter, the relevance of the work was defined, with the consider
of main factors, related to the personal data processing, remaining unsolved.
The performed work shows that the subject area was studied in detail, forming
a basis, needed for the further research while writing master’s work.
13
LIST OF REFERENCES
1. TikTok influencer posts doubled in first half of 2020 [Digital resource] //
Rob Clapp – 2020. Access form:https://www.warc.com/content/paywall/article/warc-
datapoints/tiktok-influencer-posts-doubled-in-first-half-of-2020/134952 (Date of
inspection - 17.01.2022)
2. Popular iPhone and iPad Apps Snooping on the Pasteboard [Digital
resource] // Mysk – 2020. Access form: https://www.mysk.blog/2020/03/10/popular-
iphone-and-ipad-apps-snooping-on-the-pasteboard/ (Date of inspection - 17.01.2022)
14