4                                Big data - Concept and application for telecommunications



            7       Threats in mobile Internet big data analysis services


            7.1     Analysis result overuse
            This may occur when the data application entity uses the big data analysis beyond the intention of the original
            data analysis, or when the attackers illegally obtain the big data analysis result to develop business insights
            and mechanisms.

            7.2     Data analysis without user's consent
            This threat occurs when the data collection entity collect user's data and/or the data analysis entity analyze
            user related data without user's consent, including the scope, intention, method, result usage etc.

            7.3     Data disclosure

            Data disclosure occurs when the attackers impersonate a legal entity to disclose the original big data set
            and/or the result of big data analysis to the public. This may also occur when a legal entity (such as the data
            collection  entity,  data  pre-processing  entity,  data  analysis  entity,  data  application  entity)  discloses  the
            original big data set and/or the result of big data analysis by misuse.

            7.4     Data forgery

            The  threat of  data  forgery  occurs  when  a malicious  mobile  Internet  user  reports  fake  data  to  the  data
            collection entity with certain propositions, e.g., identity-related information, location-related information,
            etc.

            7.5     Disclosure information

            During the big data analysis process, the attackers may impersonate a legal entity that has an opportunity to
            get any type of information, and in particular information relating to an identified or identifiable natural
            person.

            7.6     Disclosure of inferred information

            Prior to applying the result of big data analysis, if the data set of the analysis result is broader than its original
            analysis purpose, it may disclose the inferred information by subsequent analysis.


            7.7     Disclosure of user behaviour information
            The threat of disclosure of user behaviour information may occur when data analysis entity is tampered with
            or by the attackers impersonating a legal entity that has the opportunity to get user behaviour information
            (e.g., user's browsing preferences) for malicious purposes, such as reselling it for a profit.

            7.8     Inaccurate or mistaken analysis
            Inaccurate  analysis  may  occur  because  of  an  inaccurate/unclear  data  source  or  analysis  algorithm(s).
            Mistaken analysis occurs when the big data analysis services are attacked and tampered with. Also, it can
            happen in the case of logical design error of big data analysis services.
            For unclear data sources, in particular data used in the mobile internet services whose source may not be
            recognized, it means that in the processing step of user data the proper privileges for those data are not
            identified.


            7.9     Location information overuse
            In the analysis process, the location information may be a key factor in predicting a user's expectations and
            requirements, but in some scenarios, the location information may not be the necessary element.






            154      Security, privacy and data protection