Identity theft

About: Identity theft is a research topic. Over the lifetime, 2284 publications have been published within this topic receiving 31700 citations.

Going Through the “Emotions”: Identity Protective Responses

Abstract: This study examines identity theft, specifically, the mechanisms through which individuals protect themselves using credit monitoring information. As an adaptive protective response against identity theft, we conceptualize credit monitoring information as an information product. By integrating protection motivation theory with the extended parallel process model, we seek to understand how individuals either take adaptive recommended actions or maladaptive ones. A research model, hypotheses, and an experiment are described.

Safeguarding health data with enhanced accountability and patient awareness

Abstract: Several factors are driving the transition from paper-based health records to electronic health record systems. In the United States, the adoption rate of electronic health record systems significantly increased after "Meaningful Use" incentive program was started in 2009. While increased use of electronic health record systems could improve the efficiency and quality of healthcare services, it can also lead to a number of security and privacy issues, such as identity theft and healthcare fraud. Such incidents could have negative impact on trustworthiness of electronic health record technology itself and thereby could limit its benefits. In this dissertation, we tackle three challenges that we believe are important to improve the security and privacy in electronic health record systems. Our approach is based on an analysis of real-world incidents, namely theft and misuse of patient identity, unauthorized usage and update of electronic health records, and threats from insiders in healthcare organizations. Our contributions include design and development of a user-centric monitoring agent system that works on behalf of a patient (i.e., an end user) and securely monitors usage of the patient's identity credentials as well as access to her electronic health records. Such a monitoring agent can enhance patient's awareness and control and improve accountability for health records even in a distributed, multi-domain environment, which is typical in an e-healthcare setting. This will reduce the risk and loss caused by misuse of stolen data. In addition to the solution from a patient's perspective, we also propose a secure system architecture that can be used in healthcare organizations to enable robust auditing and management over client devices. This helps us further enhance patients' confidence in secure use of their health data. In sum, our contributions in this dissertation are: • A user-centric monitoring agent system for identity credentials and electronic health records that are stored, consumed, and shared in a distributed, multi-domain e-healthcare system. • A scheme and associated protocols to enable patient-centric, actionable information accountability of electronic health records. • A secure design of an e-healthcare system architecture and client-device enhancement to counter insider threats, malware attacks, and physical device thefts. The prototype implementation of these systems and the results of performance evaluation are presented. We also discuss how our system can be incorporated in state-of-the-art health information sharing mechanisms, including Nationwide Health Information Network (NwHIN or NHIN), to safeguard health data throughout its lifetime. By presenting a detailed design and a proof-of-concept prototype, in this dissertation, we demonstrate that it is possible to establish accountability and support patient awareness and control in large-scale, distributed, multi-domain environment to safeguard sensitive health data. We believe that our contributions can complement security mechanisms implemented in current provider-centric e-healthcare systems and will allow patients to play a more active role in management and protection of their own health data.

Prediction model for botnet-based cyber threats

Abstract: Recent malicious attempts in Cyber-space are intended to emerge cyberwar such as stuxnet as well as to get financial benefits by spam, distributed-of-service(DDoS), identity theft, and phishing through a large pool of comprised hosts, which are called zombies. Botnets are becoming one of the most serious threats to Internet security. We consider that major pre-symptoms of cyber threats are activity and propagation of botnet and propose the prediction model of cyber threats based on botnets.