(Cross-)Browser Fingerprinting via OS and Hardware Level Features

Cao, Yinzhi; Song, Li; Wijmans, Erik

doi:10.14722/ndss.2017.23152

Cited by 133 publications

(101 citation statements)

References 16 publications

(24 reference statements)

Supporting

Mentioning

101

Contrasting

Order By: Relevance

“…Since then, many studies have been conducted on many different aspects of this tracking technique. As new features are included within web browsers to draw images, render 3D scenes or process sounds, new attributes have been discovered to strengthen the fingerprinting process [5], [7], [9], [10], [18], [19], [20]. Additionally, researchers have performed large crawls of the web that confirm a steady growth of browser fingerprinting [1], [2], [9], [22].…”

Section: Background and Motivationsmentioning

confidence: 99%

“…He showed that 83.6 % of visitors to the PANOPTICLICK website 1 could be uniquely identified from a fingerprint composed of only 8 attributes. Further studies have focused on studying new attributes that increase browser fingerprint uniqueness [7], [10], [14], [18], [19], [20], while others have shown that websites use browser fingerprinting as a way to regenerate deleted cookies [1].…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

FP-STALKER: Tracking Browser Fingerprint Evolutions

Vastel

Laperdrix

Rudametkin

et al. 2018

2018 IEEE Symposium on Security and Privacy (SP)

View full text Add to dashboard Cite

Abstract-Browser fingerprinting has emerged as a technique to track users without their consent. Unlike cookies, fingerprinting is a stateless technique that does not store any information on devices, but instead exploits unique combinations of attributes handed over freely by browsers. The uniqueness of fingerprints allows them to be used for identification. However, browser fingerprints change over time and the effectiveness of tracking users over longer durations has not been properly addressed.In this paper, we show that browser fingerprints tend to change frequently-from every few hours to days-due to, for example, software updates or configuration changes. Yet, despite these frequent changes, we show that browser fingerprints can still be linked, thus enabling long-term tracking.FP-STALKER is an approach to link browser fingerprint evolutions. It compares fingerprints to determine if they originate from the same browser. We created two variants of FP-STALKER, a rule-based variant that is faster, and a hybrid variant that exploits machine learning to boost accuracy. To evaluate FP-STALKER, we conduct an empirical study using 98, 598 fingerprints we collected from 1, 905 distinct browser instances. We compare our algorithm with the state of the art and show that, on average, we can track browsers for 54.48 days, and 26 % of browsers can be tracked for more than 100 days.

show abstract

Section: Background and Motivationsmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

FP-STALKER: Tracking Browser Fingerprint Evolutions

Vastel

Laperdrix

Rudametkin

et al. 2018

2018 IEEE Symposium on Security and Privacy (SP)

View full text Add to dashboard Cite

show abstract

“…2) Cross-Browser Fingerprinting method (CBS), based on computer profiling according to the time of various graphical operations execution (per minute) [17];…”

Section: The Experiments Progressmentioning

confidence: 99%

Increase in security of authentication services through additional identification using optimal feature space

Iskhakov¹,

Meshcheryakov²,

Iskhakov³

et al. 2017

Proceedings of the IV International Research Conference "Information Technologies in Science, Management, Social Sphere and Med

View full text Add to dashboard Cite

Abstract-The research focuses on topical issue of the Internet security. In particular, the issue of level increase in security of authentication services through additional identification using optimal feature space is being considered. This article is devoted to the practical application of additional identification technologies in authentication services. The paper presents sets of informative features characterizing the access subject. A classification of methods for identifying the user's work environment is proposed. The article presents the experimental results of intercomparison between scientificallygrounded methods and technologies for identifying the user's work environment.

show abstract

“…First, to ensure that a client browser does not disclose the PoPSiCl that it uses for accessing a tenant server, say tenantA.com, to another server to which tenantA.com refers the client (i.e., in the HTTP Referer field), tenantA.com should set the referrer policy of its referring page to no-referrer or same-origin. 5 Second, to allow referrals to a tenant server, say tenantB.com, without disclosing the server's identity to our attacker, the cloud operator popsicls.com can support hyperlinking to it using a URL such as https://linker.p opsicls.com?tenantB.com/ ..., where linker.popsicl s.com is a cloud-operated server. Upon receiving the TLS connection from the client, linker.popsicls.com can look up the PoPSiCl that this client uses to access tenantB.com (authenticating the client using its client certificate) and then redirect the client browser to that PoPSiCl.…”

Section: Same-origin Policy and Cookiesmentioning

confidence: 99%

“…Though the cloud is trusted in our design, note that today the cloud is already typically trusted with knowing which users frequent a tenant server. Even if the user connects to a tenant server using an anonymizing service such as Tor, the cloud can access any identifying information the user provides to the tenant server, either intentionally (e.g., an email address) or not (e.g., HTTP cookies or browser fingerprints [5,28,29] 1 ). In such cases, our trust in the cloud does not substantially increase the trusted computing base for user privacy.…”

Section: Introductionmentioning

confidence: 99%

Personalized Pseudonyms for Servers in the Cloud

Xiao

Reiter

Zhang

2017

Proceedings on Privacy Enhancing Technologies

View full text Add to dashboard Cite

A considerable and growing fraction of servers, especially of web servers, is hosted in compute clouds. In this paper we opportunistically leverage this trend to improve privacy of clients from network attackers residing between the clients and the cloud: We design a system that can be deployed by the cloud operator to prevent a network adversary from determining which of the cloud's tenant servers a client is accessing. The core innovation in our design is a PoPSiCl (pronounced "popsicle"), a persistent pseudonym for a tenant server that can be used by a single client to access the server, whose real identity is protected by the cloud from both passive and active network attackers. When instantiated for TLS-based access to web servers, our design works with all major browsers and requires no additional client-side software and minimal changes to the client user experience. Moreover, changes to tenant servers can be hidden in supporting software (operating systems and web-programming frameworks) without imposing on web-content development. Perhaps most notably, our system boosts privacy with minimal impact to web-browsing performance, after some initial setup during a user's first access to each web server.

show abstract

(Cross-)Browser Fingerprinting via OS and Hardware Level Features

Cited by 133 publications

References 16 publications

FP-STALKER: Tracking Browser Fingerprint Evolutions

FP-STALKER: Tracking Browser Fingerprint Evolutions

Increase in security of authentication services through additional identification using optimal feature space

Personalized Pseudonyms for Servers in the Cloud

Contact Info

Product

Resources

About