Self-similarity in World Wide Web traffic: evidence and possible causes
IEEE/ACM Transactions on Networking (TON)
Modern Information Retrieval
k-anonymity: a model for protecting privacy
International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems
Web usage mining: discovery and applications of usage patterns from Web data
ACM SIGKDD Explorations Newsletter
Internet traffic classification using bayesian analysis techniques
SIGMETRICS '05 Proceedings of the 2005 ACM SIGMETRICS international conference on Measurement and modeling of computer systems
The devil and packet trace anonymization
ACM SIGCOMM Computer Communication Review
Distributed proxies for browsing privacy: a simulation of flocks
SAICSIT '05 Proceedings of the 2005 annual research conference of the South African institute of computer scientists and information technologists on IT research in developing countries
ACM SIGCOMM Computer Communication Review
Inferring the source of encrypted HTTP connections
Proceedings of the 13th ACM conference on Computer and communications security
Data Mining: Practical Machine Learning Tools and Techniques, Second Edition (Morgan Kaufmann Series in Data Management Systems)
Web page revisitation revisited: implications of a long-term click-stream study of browser usage
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
A field study characterizing Web-based information-seeking tasks
Journal of the American Society for Information Science and Technology
Proceedings of the 13th annual ACM international conference on Mobile computing and networking
Data Preparation for User Profiling from Traffic Log
SECUREWARE '07 Proceedings of the The International Conference on Emerging Security Information, Systems, and Technologies
On web browsing privacy in anonymized NetFlows
SS'07 Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium
Introduction to Information Retrieval
Introduction to Information Retrieval
Robust De-anonymization of Large Sparse Datasets
SP '08 Proceedings of the 2008 IEEE Symposium on Security and Privacy
The cost of privacy: destruction of data-mining utility in anonymized data publishing
Proceedings of the 14th ACM SIGKDD international conference on Knowledge discovery and data mining
User Profiling and Re-identification: Case of University-Wide Network Analysis
TrustBus '09 Proceedings of the 6th International Conference on Trust, Privacy and Security in Digital Business
Proceedings of the 2009 ACM workshop on Cloud computing security
Toward user patterns for online security: Observation time and online user identification
Decision Support Systems
Web user behavioral profiling for user identification
Decision Support Systems
Traffic classification using a statistical approach
PAM'05 Proceedings of the 6th international conference on Passive and Active Network Measurement
The effects of location access behavior on re-identification risk in a distributed environment
PET'06 Proceedings of the 6th international conference on Privacy Enhancing Technologies
On the privacy risks of publishing anonymized IP network traces
CMS'06 Proceedings of the 10th IFIP TC-6 TC-11 international conference on Communications and Multimedia Security
Hi-index | 0.00 |
An attacker, who is able to observe a web user over a long period of time, learns a lot about his interests. It may be difficult to track users with regularly changing IP addresses, though. We show how patterns mined from web traffic can be used to re-identify a majority of users, i. e. link multiple sessions of them. We implement the web user re-identification attack using a Multinomial Naïve Bayes classifier and evaluate it using a real-world dataset from 28 users. Our evaluation setup complies with the limited knowledge of an attacker on a malicious web proxy server, who is only able to observe the host names visited by its users. The results suggest that consecutive sessions can be linked with high probability for session durations from 5 minutes to 48 hours and that user profiles degrade only slowly over time. We also propose basic countermeasures and evaluate their efficacy.