KR20170090934A - Detecting and tracing method and system for leaked private information - Google Patents
Detecting and tracing method and system for leaked private information Download PDFInfo
- Publication number
- KR20170090934A KR20170090934A KR1020160011927A KR20160011927A KR20170090934A KR 20170090934 A KR20170090934 A KR 20170090934A KR 1020160011927 A KR1020160011927 A KR 1020160011927A KR 20160011927 A KR20160011927 A KR 20160011927A KR 20170090934 A KR20170090934 A KR 20170090934A
- Authority
- KR
- South Korea
- Prior art keywords
- personal information
- application
- internet site
- spam
- virtual
- Prior art date
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/12—Detection or prevention of fraud
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0407—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden
- H04L63/0414—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden during transmission, i.e. party's identity is protected against eavesdropping, e.g. by using temporary identifiers, but is known to the other party or parties involved in the communication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/30—Network architectures or network communication protocols for network security for supporting lawful interception, monitoring or retaining of communications or communication related information
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/02—Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Technology Law (AREA)
- Information Transfer Between Computers (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
Description
The present invention relates to a method and system for detecting and tracking personal information that is leaked. More particularly, the present invention relates to a method and system for detecting personal information, The virtual personal information corresponding to the personal information such as the address, the address, and the address book is generated and provided to the corresponding site or application. When the virtual personal information is leaked, And more particularly, to a method and system for detecting, tracking, and tracking personal information leaked.
Recently, the problem of leakage of personal information has become serious. A more serious problem is not simply the leakage of personal information, but the second and third victims are occurring as the leaked personal information is used for various crimes such as fraud, intimidation, impersonation and voice phishing. In particular, many personal information is leaked through a specific internet site or a specific application installed in a mobile phone that requests personal information of a user at the time of subscription, but most people can not know the route of personal information leakage, We do not know whether information is leaked or not.
Currently, the most popular method for personal information security is real-time system monitoring through vaccine. However, such a scheme could be a false detection of personal information leakage attacks and very vulnerable to new security attacks, so it could not effectively solve the ultimate leakage of personal information. Above all, in the existing method, there is a limit in which the user can not judge whether or not the personal information is leaked, and in case the personal information is leaked, the user can not track the leakage of the personal information through the route.
Also, with regard to the personal information leakage prevention method, the disclosure of Japanese Patent Application Laid-Open No. 10-2013-0095571 (titled as: a method of preventing personal information leakage of smartphone, published on Aug. 28, 2013) 2013-0032660 (Title of the Invention: Personal Information Leakage Retrieval System and Method, Published on Apr. 02, 2013) have been disclosed. However, when personal information is leaked, There was a limitation that it could not be traced.
The present invention has been proposed in order to solve the above-mentioned problems of the existing methods. When the user needs to provide personal information of a user to join a specific site or install a specific application, The virtual private information corresponding to the personal information such as address and address book is generated and provided to the corresponding site and the application so that there is no risk that the actual personal information of the user is leaked and even if the virtual personal information is leaked, It is an object of the present invention to provide a method and system for detecting personal information leaked, which can track the leakage of virtual personal information through a certain site or an application based on the information.
According to an aspect of the present invention, there is provided a method for detecting and tracking personal information leaked,
(1) receiving (S100) a request for creating virtual personal information corresponding to the requested personal information from a user terminal requesting personal information when installing an application or an internet site;
(2) generating (S200) virtual personal information according to the request in the step (1) and transmitting the virtual personal information to the user terminal so that the transmitted virtual personal information is provided to the application or the Internet site;
(3) transmitting (S300) the telephone or data to the user terminal when a telephone call or data is transmitted based on the virtual personal information generated in the step (2); And
(4) If it is determined that the phone or data transmitted in the step (3) is judged to be spam phone or spam data from the user terminal, (S400) whether the virtual personal information is leaked through the site (S400).
Preferably, in said step (1)
The personal information may include a name, an e-mail, a telephone number, an address, and an address book.
Preferably, in the step (2)
When generating the virtual personal information corresponding to the requested personal information, the virtual personal information may be generated using the application name or the Internet site name.
Preferably, in the step (2)
It is possible to generate different virtual personal information for each application or Internet site.
Preferably,
You can store a list of trusted applications and Internet sites.
More preferably, in the step (2)
If the application or the Internet site is the stored trusted application or Internet site, actual personal information may be provided.
Preferably,
You can store a list of spam applications and spam Internet sites.
More preferably,
If the application to be installed or the Internet site to be installed in the step (1) is the stored spam application or spam Internet site, the alert message may be transmitted to the user terminal.
More preferably, after the step (4)
An application or an Internet site that has leaked the virtual personal information may be updated to the stored spam application or the spam Internet site list.
Preferably,
The usable time limit of the virtual personal information can be predetermined.
According to another aspect of the present invention, there is provided a system for detecting and tracking personal information,
A user terminal storing personal information; And
And a security server for generating virtual personal information corresponding to personal information in the user terminal,
Wherein the security server is requested to generate virtual personal information corresponding to the requested personal information from the user terminal,
Generating virtual private information according to a request of the user terminal and transmitting the generated virtual private information to the user terminal so that the transmitted virtual private information is provided to the application or the Internet site,
And transmitting the telephone or data to the user terminal when a telephone call or data is transmitted based on the virtual personal information generated in the security server,
And tracking whether the virtual personal information is leaked through an application or an Internet site based on the generated virtual personal information when it is received from the user terminal that the transferred phone or data is determined to be spam phone or spam data And is characterized by its constitution.
Preferably,
The personal information may include a name, an e-mail, a telephone number, an address, and an address book.
Advantageously, the security server further comprises:
When generating the virtual personal information corresponding to the requested personal information, the virtual personal information may be generated using the application name or the Internet site name.
Advantageously, the security server further comprises:
It is possible to generate different virtual personal information for each application or Internet site.
Advantageously, the security server further comprises:
You can store a list of trusted applications and Internet sites.
More preferably, in the user terminal,
If the application or the Internet site is the stored trusted application or Internet site, actual personal information may be provided.
Advantageously, the security server further comprises:
You can store a list of spam applications and spam Internet sites.
More preferably, the security server further comprises:
If the application to be installed in the user terminal or the Internet site to be subscribed is the stored spam application or spam Internet site, the alert message may be transmitted to the user terminal.
More preferably, the security server further comprises:
The application that has leaked the virtual personal information or the application identified as the Internet site or the Internet site may be updated to the stored spam application or the spam Internet site list.
Preferably,
The usable time limit of the virtual personal information can be predetermined.
According to the leaked personal information detection and tracking method and system disclosed in the present invention, when a user needs to provide personal information of a user to join a specific site or install a specific application, the user's email, phone number, address And the address book, and provides the generated virtual private information to the corresponding site and the application, there is no risk of leakage of the actual personal information of the user, and even if the virtual private information is leaked, Based on this, you can track which personal information is leaked through which site or which application.
1 is a flowchart illustrating a flow of a method for detecting and tracking personal information leaked according to an embodiment of the present invention.
2 is a flowchart illustrating a method of detecting and tracking private information according to an exemplary embodiment of the present invention. Referring to FIG. 2, Fig.
3 is a flowchart illustrating a method of detecting and tracking personal information leaked according to an exemplary embodiment of the present invention. Referring to FIG. 3, FIG. 5 is a diagram illustrating a process of generating an e-mail;
FIG. 4 is a view showing a scene in which the expiration date of the virtual personal information is determined in the leaked personal information detection and tracking method according to the embodiment of the present invention. FIG.
FIG. 5 is a view illustrating a scene in which different virtual personal information is provided for each Internet site to be subscribed in the method of detecting and tracking personal information that is leaked according to an embodiment of the present invention. FIG.
FIG. 6 is a diagram illustrating a trusted application and a list of Internet sites stored in a security server in an outgoing personal information detection and tracking method according to an exemplary embodiment of the present invention; FIG.
FIG. 7 is a diagram illustrating a spam application and a list of spam Internet sites stored in a security server in a leaked personal information detection and tracking method according to an exemplary embodiment of the present invention; FIG.
FIG. 8 is a flowchart illustrating a method of detecting and tracking private information according to an exemplary embodiment of the present invention. Referring to FIG. 8, in a method for detecting and tracking private information, when a user requests personal information from an application to be installed and the application is a spam application stored in a security server, Lt; RTI ID = 0.0 > a < / RTI > warning message.
9 is a diagram illustrating a scene in which an application and an Internet site that leaked virtual personal information are updated on a spam application list and a spam Internet site in an outgoing personal information detection and tracking method according to an embodiment of the present invention.
FIG. 10 illustrates a configuration of a leaked personal information detection and tracking system according to an embodiment of the present invention; FIG.
Hereinafter, preferred embodiments of the present invention will be described in detail with reference to the accompanying drawings so that those skilled in the art can easily carry out the present invention. In the following detailed description of the preferred embodiments of the present invention, a detailed description of known functions and configurations incorporated herein will be omitted when it may make the subject matter of the present invention rather unclear. The same or similar reference numerals are used throughout the drawings for portions having similar functions and functions.
In addition, in the entire specification, when a part is referred to as being 'connected' to another part, it may be referred to as 'indirectly connected' not only with 'directly connected' . Also, to "include" an element means that it may include other elements, rather than excluding other elements, unless specifically stated otherwise.
FIG. 1 is a flowchart illustrating a flow of a method for detecting and tracking personal information leaked according to an exemplary embodiment of the present invention. As shown in FIG. 1, the method for detecting and tracking personal information that is leaked according to an embodiment of the present invention includes the steps of (1) setting up an application or a user terminal (S100); (2) generating virtual personal information according to the request in step (1) and transmitting the virtual personal information to the user terminal 100 A step S200 of providing the transmitted virtual personal information to an application or an Internet site; (3) a step of, when a phone call or data is transmitted based on the virtual personal information generated in the step (2) (3), and (4) if the telephone or data transmitted in step (3) from the user terminal (100) is judged to be a spam phone or spam data, step (2) Through any application or Internet site based on the generated virtual privacy can be configured to include a step (S400) to track whether the virtual personal information is leaked.
Hereinafter, each step of the leaked personal information detection and method proposed in the present invention will be described in detail with reference to the drawings.
In step S100, the
In step S200, the
2 is a flowchart illustrating a method of detecting and tracking private information according to an exemplary embodiment of the present invention. Referring to FIG. 2, As shown in FIG. According to the embodiment, the
3 is a flowchart illustrating a method of detecting and tracking personal information leaked according to an exemplary embodiment of the present invention. Referring to FIG. 3, And generating an e-mail. According to the embodiment, the
In addition, the
As described above, according to the present invention, when a user needs to provide personal information of a user to join a specific site or install a specific application, it is possible to provide virtual personal information corresponding to personal information including a phone number, address, address book, The virtual private information is leaked through the provision of the virtual private information to the corresponding site or application. Even if the virtual private information is leaked, the virtual private information is leaked through a certain site or application based on the generated virtual private information Can be traced.
The usable time limit of the virtual information generated in step S200 according to the above-described method may be predetermined in the
In step S200, the
5 is a view showing a scene in which different virtual personal information is provided for each Internet site to be subscribed in the method of detecting and tracking personal information that is leaked according to an embodiment of the present invention. According to the embodiment, when a user joins the Internet site A and the Internet site B, when a mobile phone and an email are requested from respective Internet sites, the actual mobile phone number of Hong Kil Dong is 010-2442-8668, At duperhong@gmail.com, as shown in FIG. 5, a virtual mobile phone number and virtual e-mail may be provided at each Internet site.
In addition, as shown in FIGS. 6 and 7, the
According to an embodiment of the present invention, an application to be installed or an Internet site to be subscribed may be requested, and if the application or the Internet site to be subscribed is a trusted application or an Internet site stored in the
In addition, according to the embodiment, personal information is requested from an application to be installed or an Internet site to be subscribed, and when the application or the Internet site to be subscribed is a spam application or a spam Internet site stored in the
FIG. 8 is a flowchart illustrating a method of detecting and tracking private information according to an exemplary embodiment of the present invention. Referring to FIG. 8, in a method for detecting and tracking private information, when a user requests personal information from an application to be installed and the application is a spam application stored in a security server, FIG. 2 is a view showing a scene in which a warning message is transmitted. 8, when the 'sports game' application is a spam application stored in the
In step S300, the
In step S400, when the
FIG. 9 is a diagram illustrating a scene in which an application and an Internet site, which have leaked virtual personal information, are updated in a spam application list and a spam Internet site in an outgoing personal information detection and tracking method according to an embodiment of the present invention. If it is found through step S400 that the virtual personal information has been leaked through the 'direct loan' application and the 'www.sky.co.kr' internet site, as shown in FIG. 9, the spam stored in the
As shown in FIG. 10, the above-described leaked personal information detection and tracking method is a security method for generating virtual private information corresponding to personal information in a
The present invention may be embodied in many other specific forms without departing from the spirit or essential characteristics of the invention.
100: user terminal 200: security server
300: Third party terminal
S100: Receiving a request for creating virtual private information corresponding to the requested personal information from a user terminal that has been requested for personal information at the time of application installation or internet site registration
S200: generating virtual personal information in response to the request in step S100 and transmitting the virtual personal information to the user terminal so that the transmitted virtual personal information is provided to the application or the Internet site
S300: transmitting a call or data to the user terminal when a call is received or data is transmitted based on the virtual personal information generated in step S200
In step S400, when it is determined that the phone or data transmitted in step S300 is determined to be spam phone or spam data from the user terminal, based on the virtual personal information generated in step S200, Steps to follow
Claims (20)
(1) receiving virtual private information corresponding to the requested personal information from the user terminal 100, which is requested when the user installs an application or enters an internet site;
(2) generating virtual personal information according to the request in the step (1) and transmitting the generated virtual personal information to the user terminal 100 so that the transmitted virtual personal information is provided to the application or the Internet site (S200) ;
(3) transmitting (S300) the telephone or data to the user terminal 100 when a telephone call or data is transmitted based on the virtual personal information generated in the step (2); And
(4) If it is judged that the phone or data transmitted in the step (3) is judged as spam phone or spam data from the user terminal (100) (S400) whether the virtual personal information has been leaked through an application or an Internet site (S400).
Wherein the personal information includes a name, an e-mail, a telephone number, an address, and an address book.
And generating virtual personal information using the application name or the Internet site name when generating the virtual personal information corresponding to the requested personal information.
And generating different virtual personal information for each of the applications or Internet sites.
And store a list of trusted applications and Internet sites. ≪ Desc / Clms Page number 13 >
Wherein the actual personal information can be provided when the application or the Internet site is the trusted application or Internet site in which the stored application or Internet site is stored.
A spam application and a list of spam Internet sites.
Wherein if the application to be installed or the Internet site to be installed in the step (1) is the spam application or the spam Internet site stored in the step (1), the warning message can be transmitted to the user terminal (100) Detection and tracking methods.
Wherein the application or Internet site that has leaked the virtual personal information is updated to the stored spam application or spam Internet site list.
Wherein the expiration date of the virtual private information is predetermined. ≪ RTI ID = 0.0 > 11. < / RTI >
A user terminal 100 in which personal information is stored; And
And a security server (200) for generating virtual personal information corresponding to personal information in the user terminal (100)
The security server 200 is requested to generate virtual personal information corresponding to the requested personal information from the user terminal 100 that has requested personal information at the time of application installation or Internet access,
Generates virtual personal information according to a request of the user terminal 100 and transmits the virtual personal information to the user terminal 100 so that the transmitted virtual personal information is provided to the application or the Internet site,
When the call is received or data is transmitted based on the virtual private information generated in the security server 200, the call or data is transmitted to the user terminal 100,
When it is judged that the transferred phone or data is judged to be spam phone or spam data from the user terminal 100, it is judged based on the generated virtual personal information whether the virtual personal information is leaked through an application or an Internet site (10). ≪ / RTI >
Wherein the personal information includes a name, an e-mail, a telephone number, an address, and an address book.
And generates virtual personal information using the application name or the Internet site name when generating the virtual personal information corresponding to the requested personal information.
And generates different virtual personal information for each of the applications or Internet sites.
(10), characterized in that it is capable of storing a list of trusted applications and internet sites.
Wherein the actual personal information can be provided when the application or the Internet site is the trusted application or the Internet site in which the stored application is stored.
A spam application and a list of spam internet sites.
Wherein if the application to be installed in the user terminal (100) or the internet site to be subscribed is the spam application or the spam internet site stored therein, the alert message can be transmitted to the user terminal (100) Information detection and tracking system (10).
(10) updates the spam application or the spam Internet site list stored in the application or the application identified as the Internet site or the Internet site, which has leaked the virtual personal information, to the stored spam application or spam Internet site list. .
And the usable time limit of the virtual personal information can be predetermined. ≪ Desc / Clms Page number 13 >
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020160011927A KR20170090934A (en) | 2016-01-29 | 2016-01-29 | Detecting and tracing method and system for leaked private information |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020160011927A KR20170090934A (en) | 2016-01-29 | 2016-01-29 | Detecting and tracing method and system for leaked private information |
Publications (1)
Publication Number | Publication Date |
---|---|
KR20170090934A true KR20170090934A (en) | 2017-08-08 |
Family
ID=59653354
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
KR1020160011927A KR20170090934A (en) | 2016-01-29 | 2016-01-29 | Detecting and tracing method and system for leaked private information |
Country Status (1)
Country | Link |
---|---|
KR (1) | KR20170090934A (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR20200020291A (en) | 2018-08-17 | 2020-02-26 | 순천향대학교 산학협력단 | System and method for processing personally identifiable information based on blockchain |
CN115243246A (en) * | 2022-07-28 | 2022-10-25 | 国网安徽省电力有限公司淮北供电公司 | Safety alarm system based on big data informatization |
WO2024063512A1 (en) * | 2022-09-20 | 2024-03-28 | 김휘영 | Infringement accident determination system using virtual identification information, method thereof, and computer program therefor |
-
2016
- 2016-01-29 KR KR1020160011927A patent/KR20170090934A/en not_active Application Discontinuation
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR20200020291A (en) | 2018-08-17 | 2020-02-26 | 순천향대학교 산학협력단 | System and method for processing personally identifiable information based on blockchain |
CN115243246A (en) * | 2022-07-28 | 2022-10-25 | 国网安徽省电力有限公司淮北供电公司 | Safety alarm system based on big data informatization |
CN115243246B (en) * | 2022-07-28 | 2024-02-06 | 国网安徽省电力有限公司淮北供电公司 | Safety alarm system based on big data informatization |
WO2024063512A1 (en) * | 2022-09-20 | 2024-03-28 | 김휘영 | Infringement accident determination system using virtual identification information, method thereof, and computer program therefor |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
KR101733633B1 (en) | Detecting and tracing method for leaked phone number data in mobile phone through application | |
WO2005046111A3 (en) | System and method for a subscription model trusted email database for use in antispam | |
US20120016940A1 (en) | Geographic Based Logical Message Addressing And Delivery | |
US8959626B2 (en) | Detecting a suspicious entity in a communication network | |
BRPI0817107A2 (en) | Billing for users traveling on ims networks | |
WO2012098429A1 (en) | Method, apparatus, and computer program product for managing unwanted traffic in a wireless network | |
CN105516071A (en) | Method for verifying safety of business operation, device, terminal and server | |
KR20140100989A (en) | Anonymous friend-making method, system, network server and storage medium | |
US9116223B1 (en) | Systems, methods, devices and arrangements for emergency call services and user participation incentives | |
US8583553B2 (en) | Conditionally obfuscating one or more secret entities with respect to one or more billing statements related to one or more communiqués addressed to the one or more secret entities | |
KR20170090934A (en) | Detecting and tracing method and system for leaked private information | |
US11164096B1 (en) | Systems, methods, devices and arrangements for emergency call services and emergency broadcasts | |
US20110166973A1 (en) | Conditionally obfuscating one or more secret entities with respect to one or more billing statements related to one or more communiqués addressed to the one or more secret entities | |
EP3148185A1 (en) | Accessing method, system and storage medium for video conference | |
US11528280B2 (en) | Protection of privileged operation access of electronic devices | |
US8666360B2 (en) | Contact communication tracking system | |
JP2013171473A (en) | Information processing method, information processing device and program | |
KR20150065017A (en) | Method of blocking smishing, server performing the same and storage media storing the same | |
CN110971746A (en) | Method and device for preventing short message from bombing, electronic equipment and computer-readable storage medium | |
US20170134573A1 (en) | Synchronizing outgoing messages and incoming messages for user devices that share a telephone number | |
KR102003057B1 (en) | Method and apparatus for control of roaming data call | |
Sowmya et al. | Compatible and confidentiality-preserving friend matching in mobile cloud | |
JP2009188960A (en) | Electronic mail server having address change function with time limit | |
Champion et al. | D-card: A distributed mobile phone based system for relaying verified friendships | |
CN106992977B (en) | Alarm method, device and equipment |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
A201 | Request for examination | ||
E902 | Notification of reason for refusal | ||
E601 | Decision to refuse application |