On the privacy of web search based on query obfuscation: a case study of TrackMeNot

Authors:
Sai Teja Peddinti;Nitesh Saxena
Affiliations:
Computer Science and Engineering, Polytechnic Institute of New York University;Computer Science and Engineering, Polytechnic Institute of New York University
Venue:
PETS'10 Proceedings of the 10th international conference on Privacy enhancing technologies
Year:
2010

Citing 7
Cited 8

Replication is not needed: single database, computationally-private information retrieval

FOCS '97 Proceedings of the 38th Annual Symposium on Foundations of Computer Science
Data Mining: Practical Machine Learning Tools and Techniques, Second Edition (Morgan Kaufmann Series in Data Management Systems)

Data Mining: Practical Machine Learning Tools and Techniques, Second Edition (Morgan Kaufmann Series in Data Management Systems)
Private web search

Proceedings of the 2007 ACM workshop on Privacy in electronic society
"I know what you did last summer": query logs and user privacy

Proceedings of the sixteenth ACM conference on Conference on information and knowledge management
Vanity fair: privacy in querylog bundles

Proceedings of the 17th ACM conference on Information and knowledge management
Noise Injection for Search Privacy Protection

CSE '09 Proceedings of the 2009 International Conference on Computational Science and Engineering - Volume 03
Faking contextual data for fun, profit, and privacy

Proceedings of the 8th ACM workshop on Privacy in the electronic society

On the effectiveness of anonymizing networks for web search privacy

Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
On the limitations of query obfuscation techniques for location privacy

Proceedings of the 13th international conference on Ubiquitous computing
Cover locations: availing location-based services without revealing the location

Proceedings of the 10th annual ACM workshop on Privacy in the electronic society
Secure data management in the cloud

DNIS'11 Proceedings of the 7th international conference on Databases in Networked Information Systems
Knowledge-based scheme to create privacy-preserving but semantically-related queries for web search engines

Information Sciences: an International Journal
A theoretical model for obfuscating web navigation trails

Proceedings of the Joint EDBT/ICDT 2013 Workshops
Towards practical private processing of database queries over public data

Distributed and Parallel Databases
Web search query privacy: Evaluating query obfuscation and anonymizing networks

Journal of Computer Security

Quantified Score

Hi-index	0.00

Visualization

Abstract

Web Search is one of the most rapidly growing applications on the internet today. However, the current practice followed by most search engines - of logging and analyzing users' queries - raises serious privacy concerns. One viable solution to search privacy is query obfuscation, whereby a client-side software attempts to mask real user queries via injection of certain noisy queries. In contrast to other privacy-preserving search mechanisms, query obfuscation does not require server-side modifications or a third party infrastructure, thus allowing for ready deployment at the discretion of privacy-conscious users. In this paper, our higher level goal is to analyze whether query obfuscation can preserve users' privacy in practice against an adversarial search engine. We focus on TrackMeNot (TMN) [10,20], a popular search privacy tool based on the principle of query obfuscation. We demonstrate that a search engine, equipped with only a short-term history of a user's search queries, can break the privacy guarantees of TMN by only utilizing off-the-shelf machine learning classifiers.