Information Systems ( IF 3.7 ) Pub Date : 2020-12-17 , DOI: 10.1016/j.is.2020.101702 Benjamin Fabian , Benedict Bender , Ben Hesseldieck , Johannes Haupt , Stefan Lessmann
E-mail tracking provides companies with fine-grained behavioral data about e-mail recipients, which can be a threat for individual privacy and enterprise security. This problem is especially severe since e-mail tracking techniques often gather data without the informed consent of the recipients. So far e-mail recipients lack a reliable protection mechanism.
This article presents a novel protection framework against e-mail tracking that closes an important gap in the field of enterprise security and privacy-enhancing technologies. We conceptualize, implement and evaluate an anti-tracking mail server that is capable of identifying tracking images in e-mails via machine learning with very high accuracy, and can selectively replace them with arbitrary images containing warning messages for the recipient. Our mail protection framework implements a selective prevention strategy as enterprise-grade software using the design science research paradigm. It is flexibly extensible, highly scalable, and ready to be applied under actual production conditions. Experimental evaluations show that these goals are achieved through solid software design, adoption of recent technologies and the creation of novel flexible software components.
中文翻译:
企业级的电子邮件跟踪防护
电子邮件跟踪为公司提供了有关电子邮件收件人的细粒度行为数据,这可能会威胁到个人隐私和企业安全。由于电子邮件跟踪技术经常在未经收件人知情同意的情况下收集数据,因此此问题尤其严重。到目前为止,电子邮件收件人缺乏可靠的保护机制。
本文介绍了一种针对电子邮件跟踪的新颖保护框架,该框架弥补了企业安全和隐私增强技术领域中的一个重要空白。我们概念化,实施和评估一个防跟踪邮件服务器,该服务器能够通过机器学习以非常高的准确性识别电子邮件中的跟踪图像,并且可以选择性地进行用包含警告收件人的任意图像替换它们。我们的邮件保护框架使用设计科学研究范例将选择性预防策略作为企业级软件实施。它具有灵活的可扩展性,高度可扩展性,可以在实际生产条件下使用。实验评估表明,这些目标是通过可靠的软件设计,采用最新技术以及创建新颖的灵活软件组件来实现的。