IPTPS '01 Revised Papers from the First International Workshop on Peer-to-Peer Systems
Proceedings of the First International Workshop on Information Hiding
Remote Physical Device Fingerprinting
IEEE Transactions on Dependable and Secure Computing
Tor: the second-generation onion router
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
An empirical study of privacy-violating information flows in JavaScript web applications
Proceedings of the 17th ACM conference on Computer and communications security
How unique is your web browser?
PETS'10 Proceedings of the 10th international conference on Privacy enhancing technologies
Escape from monkey island: evading high-interaction honeyclients
DIMVA'11 Proceedings of the 8th international conference on Detection of intrusions and malware, and vulnerability assessment
Third-Party Web Tracking: Policy and Technology
SP '12 Proceedings of the 2012 IEEE Symposium on Security and Privacy
Smart, useful, scary, creepy: perceptions of online behavioral advertising
Proceedings of the Eighth Symposium on Usable Privacy and Security
Cookieless Monster: Exploring the Ecosystem of Web-Based Device Fingerprinting
SP '13 Proceedings of the 2013 IEEE Symposium on Security and Privacy
Hi-index | 0.00 |
In the modern web, the browser has emerged as the vehicle of choice, which users are to trust, customize, and use, to access a wealth of information and online services. However, recent studies show that the browser can also be used to invisibly fingerprint the user: a practice that may have serious privacy and security implications. In this paper, we report on the design, implementation and deployment of FPDetective, a framework for the detection and analysis of web-based fingerprinters. Instead of relying on information about known fingerprinters or third-party-tracking blacklists, FPDetective focuses on the detection of the fingerprinting itself. By applying our framework with a focus on font detection practices, we were able to conduct a large scale analysis of the million most popular websites of the Internet, and discovered that the adoption of fingerprinting is much higher than previous studies had estimated. Moreover, we analyze two countermeasures that have been proposed to defend against fingerprinting and find weaknesses in them that might be exploited to bypass their protection. Finally, based on our findings, we discuss the current understanding of fingerprinting and how it is related to Personally Identifiable Information, showing that there needs to be a change in the way users, companies and legislators engage with fingerprinting.