FP-TESTER: Automated Testing of Browser ...
Document type :
Communication dans un congrès avec actes
Title :
FP-TESTER: Automated Testing of Browser Fingerprint Resilience
Author(s) :
Vastel, Antoine [Auteur]
Self-adaptation for distributed services and large software systems [SPIRALS]
Rudametkin, Walter [Auteur]
Self-adaptation for distributed services and large software systems [SPIRALS]
Rouvoy, Romain [Auteur]
Self-adaptation for distributed services and large software systems [SPIRALS]
Institut universitaire de France [IUF]
Self-adaptation for distributed services and large software systems [SPIRALS]
Rudametkin, Walter [Auteur]
Self-adaptation for distributed services and large software systems [SPIRALS]
Rouvoy, Romain [Auteur]
Self-adaptation for distributed services and large software systems [SPIRALS]
Institut universitaire de France [IUF]
Conference title :
IWPE 2018 - 4th International Workshop on Privacy Engineering
City :
London
Country :
Royaume-Uni
Start date of the conference :
2018-04-27
Journal title :
Proceedings of the 4th International Workshop on Privacy Engineering (IWPE'18)
Publication date :
2018-04-27
HAL domain(s) :
Informatique [cs]/Système d'exploitation [cs.OS]
Informatique [cs]/Web
Informatique [cs]/Génie logiciel [cs.SE]
Informatique [cs]/Web
Informatique [cs]/Génie logiciel [cs.SE]
English abstract : [en]
Despite recent regulations and growing user awareness , undesired browser tracking is increasing. In addition to cookies, browser fingerprinting is a stateless technique that exploits a device's configuration for tracking ...
Show more >Despite recent regulations and growing user awareness , undesired browser tracking is increasing. In addition to cookies, browser fingerprinting is a stateless technique that exploits a device's configuration for tracking purposes. In particular , browser fingerprinting builds on attributes made available from Javascript and HTTP headers to create a unique and stable fingerprint. For example, browser plugins have been heavily exploited by state-of-the-art browser fingerprinters as a rich source of entropy. However, as browser vendors abandon plugins in favor of extensions, fingerprinters will adapt. We present FP-TESTER, an approach to automatically test the effectiveness of browser fingerprinting countermeasure extensions. We implement a testing toolkit to be used by developers to reduce browser fingerprintability. While countermeasures aim to hinder tracking by changing or blocking attributes, they may easily introduce subtle side-effects that make browsers more identifiable , rendering the extensions counterproductive. FP-TESTER reports on the side-effects introduced by the countermeasure, as well as how they impact tracking duration from a fingerprinter's point-of-view. To the best of our knowledge, FP-TESTER is the first tool to assist developers in fighting browser fingerprinting and reducing the exposure of end-users to such privacy leaks.Show less >
Show more >Despite recent regulations and growing user awareness , undesired browser tracking is increasing. In addition to cookies, browser fingerprinting is a stateless technique that exploits a device's configuration for tracking purposes. In particular , browser fingerprinting builds on attributes made available from Javascript and HTTP headers to create a unique and stable fingerprint. For example, browser plugins have been heavily exploited by state-of-the-art browser fingerprinters as a rich source of entropy. However, as browser vendors abandon plugins in favor of extensions, fingerprinters will adapt. We present FP-TESTER, an approach to automatically test the effectiveness of browser fingerprinting countermeasure extensions. We implement a testing toolkit to be used by developers to reduce browser fingerprintability. While countermeasures aim to hinder tracking by changing or blocking attributes, they may easily introduce subtle side-effects that make browsers more identifiable , rendering the extensions counterproductive. FP-TESTER reports on the side-effects introduced by the countermeasure, as well as how they impact tracking duration from a fingerprinter's point-of-view. To the best of our knowledge, FP-TESTER is the first tool to assist developers in fighting browser fingerprinting and reducing the exposure of end-users to such privacy leaks.Show less >
Language :
Anglais
Peer reviewed article :
Oui
Audience :
Internationale
Popular science :
Non
Collections :
Source :
Files
- https://hal.inria.fr/hal-01717158/document
- Open access
- Access the document
- https://hal.inria.fr/hal-01717158/document
- Open access
- Access the document
- https://hal.inria.fr/hal-01717158/document
- Open access
- Access the document
- document
- Open access
- Access the document
- fptester.pdf
- Open access
- Access the document