Understanding the Common Personally Identifiable Information Labels Patterns Based on Open-Source Intelligence: a Systematic Literature Review
Disciplines
Management Information Systems
Abstract (300 words maximum)
Open-Source Intelligence (OSINT) involves collecting, processing, and correlating publicly available data from sources like social media and government records. Personally Identifiable Information (PII) can be exploited by threat actors to build detailed profiles. This research examines OSINT within Information Systems (IS) literature, reviewing its behavioral aspects and developing a theoretical framework on how hackers use open-source data to triangulate PII. It also aims to guide practitioners in creating effective countermeasures. To assess existing research, the Preferred Reporting Items for Systematic Reviews and Meta-Analyses (PRISMA) method (Moher et al., 2009) was used, incorporating a structured search, selection criteria, data extraction, and analysis. A literature review conducted in July 2024 identified journal papers on OSINT-related privacy and cybersecurity concerns from 2014 onward. The search query targeted top IS journals, including Decision Support Systems, Information Systems Journal, and Journal of Management Information Systems. Articles were included if they met the following criteria: (1) published between January 2014 and July 2024; (2) appeared in an AIS journal; (3) examined OSINT use; (4) included specific research theories, experimental designs, or prototypes; and (5) were fully accessible. The search yielded five relevant journal articles, with only one (Dincelli et al., 2023) directly addressing OSINT in cybersecurity, highlighting PII labels and common entry points. However, IS literature lacks analysis of common PII identification label patterns found in OSINT. Future research should focus on ethical examination and simulation of PII triangulation, enabling a deeper understanding of exploitation patterns through OSINT techniques.
Academic department under which the project should be listed
CCOB - Information Systems and Securty
Primary Investigator (PI) Name
May Bantan
Understanding the Common Personally Identifiable Information Labels Patterns Based on Open-Source Intelligence: a Systematic Literature Review
Open-Source Intelligence (OSINT) involves collecting, processing, and correlating publicly available data from sources like social media and government records. Personally Identifiable Information (PII) can be exploited by threat actors to build detailed profiles. This research examines OSINT within Information Systems (IS) literature, reviewing its behavioral aspects and developing a theoretical framework on how hackers use open-source data to triangulate PII. It also aims to guide practitioners in creating effective countermeasures. To assess existing research, the Preferred Reporting Items for Systematic Reviews and Meta-Analyses (PRISMA) method (Moher et al., 2009) was used, incorporating a structured search, selection criteria, data extraction, and analysis. A literature review conducted in July 2024 identified journal papers on OSINT-related privacy and cybersecurity concerns from 2014 onward. The search query targeted top IS journals, including Decision Support Systems, Information Systems Journal, and Journal of Management Information Systems. Articles were included if they met the following criteria: (1) published between January 2014 and July 2024; (2) appeared in an AIS journal; (3) examined OSINT use; (4) included specific research theories, experimental designs, or prototypes; and (5) were fully accessible. The search yielded five relevant journal articles, with only one (Dincelli et al., 2023) directly addressing OSINT in cybersecurity, highlighting PII labels and common entry points. However, IS literature lacks analysis of common PII identification label patterns found in OSINT. Future research should focus on ethical examination and simulation of PII triangulation, enabling a deeper understanding of exploitation patterns through OSINT techniques.