FP-STALKER: Tracking Browser Fingerprint ...
Type de document :
Communication dans un congrès avec actes
DOI :
Titre :
FP-STALKER: Tracking Browser Fingerprint Evolutions
Auteur(s) :
Vastel, Antoine [Auteur]
Self-adaptation for distributed services and large software systems [SPIRALS]
Laperdrix, Pierre [Auteur]
Diversity-centric Software Engineering [DiverSe]
Rudametkin, Walter [Auteur]
Self-adaptation for distributed services and large software systems [SPIRALS]
Rouvoy, Romain [Auteur]
Self-adaptation for distributed services and large software systems [SPIRALS]
Institut universitaire de France [IUF]
Self-adaptation for distributed services and large software systems [SPIRALS]
Laperdrix, Pierre [Auteur]
Diversity-centric Software Engineering [DiverSe]
Rudametkin, Walter [Auteur]
Self-adaptation for distributed services and large software systems [SPIRALS]
Rouvoy, Romain [Auteur]
Self-adaptation for distributed services and large software systems [SPIRALS]
Institut universitaire de France [IUF]
Éditeur(s) ou directeur(s) scientifique(s) :
Bryan Parno
Christopher Kruegel
Christopher Kruegel
Titre de la manifestation scientifique :
IEEE S&P 2018 - 39th IEEE Symposium on Security and Privacy
Ville :
San Francisco
Pays :
Etats-Unis d'Amérique
Date de début de la manifestation scientifique :
2018-05-21
Titre de la revue :
Proceedings of the 39th IEEE Symposium on Security and Privacy (S&P)
Éditeur :
IEEE
Mot(s)-clé(s) en anglais :
user tracking
random forests
browser fingerprinting
random forests
browser fingerprinting
Discipline(s) HAL :
Informatique [cs]/Web
Informatique [cs]/Génie logiciel [cs.SE]
Informatique [cs]/Cryptographie et sécurité [cs.CR]
Informatique [cs]/Apprentissage [cs.LG]
Informatique [cs]/Génie logiciel [cs.SE]
Informatique [cs]/Cryptographie et sécurité [cs.CR]
Informatique [cs]/Apprentissage [cs.LG]
Résumé en anglais : [en]
Browser fingerprinting has emerged as a technique to track users without their consent. Unlike cookies, fingerprinting is a stateless technique that does not store any information on devices, but instead exploits unique ...
Lire la suite >Browser fingerprinting has emerged as a technique to track users without their consent. Unlike cookies, fingerprinting is a stateless technique that does not store any information on devices, but instead exploits unique combinations of attributes handed over freely by browsers. The uniqueness of fingerprints allows them to be used for identification. However, browser fingerprints change over time and the effectiveness of tracking users over longer durations has not been properly addressed. In this paper, we show that browser fingerprints tend to change frequently—from every few hours to days—due to, for example, software updates or configuration changes. Yet, despite these frequent changes, we show that browser fingerprints can still be linked, thus enabling long-term tracking. FP-STALKER is an approach to link browser fingerprint evolutions. It compares fingerprints to determine if they originate from the same browser. We created two variants of FP-STALKER, a rule-based variant that is faster, and a hybrid variant that exploits machine learning to boost accuracy. To evaluate FP-STALKER, we conduct an empirical study using 98,598 fingerprints we collected from 1,905 distinct browser instances. We compare our algorithm with the state of the art and show that, on average, we can track browsers for 54.48 days, and 26 % of browsers can be tracked for more than 100 days.Lire moins >
Lire la suite >Browser fingerprinting has emerged as a technique to track users without their consent. Unlike cookies, fingerprinting is a stateless technique that does not store any information on devices, but instead exploits unique combinations of attributes handed over freely by browsers. The uniqueness of fingerprints allows them to be used for identification. However, browser fingerprints change over time and the effectiveness of tracking users over longer durations has not been properly addressed. In this paper, we show that browser fingerprints tend to change frequently—from every few hours to days—due to, for example, software updates or configuration changes. Yet, despite these frequent changes, we show that browser fingerprints can still be linked, thus enabling long-term tracking. FP-STALKER is an approach to link browser fingerprint evolutions. It compares fingerprints to determine if they originate from the same browser. We created two variants of FP-STALKER, a rule-based variant that is faster, and a hybrid variant that exploits machine learning to boost accuracy. To evaluate FP-STALKER, we conduct an empirical study using 98,598 fingerprints we collected from 1,905 distinct browser instances. We compare our algorithm with the state of the art and show that, on average, we can track browsers for 54.48 days, and 26 % of browsers can be tracked for more than 100 days.Lire moins >
Langue :
Anglais
Comité de lecture :
Oui
Audience :
Internationale
Vulgarisation :
Non
Collections :
Source :
Fichiers
- https://hal.inria.fr/hal-01652021/document
- Accès libre
- Accéder au document
- https://hal.inria.fr/hal-01652021/document
- Accès libre
- Accéder au document
- https://hal.inria.fr/hal-01652021/document
- Accès libre
- Accéder au document
- document
- Accès libre
- Accéder au document
- FPStalker-hal-version.pdf
- Accès libre
- Accéder au document
- FPStalker-hal-version.pdf
- Accès libre
- Accéder au document