FP-TESTER: Automated Testing of Browser ...
Type de document :
Communication dans un congrès avec actes
Titre :
FP-TESTER: Automated Testing of Browser Fingerprint Resilience
Auteur(s) :
Vastel, Antoine [Auteur]
Self-adaptation for distributed services and large software systems [SPIRALS]
Rudametkin, Walter [Auteur]
Self-adaptation for distributed services and large software systems [SPIRALS]
Rouvoy, Romain [Auteur]
Self-adaptation for distributed services and large software systems [SPIRALS]
Institut universitaire de France [IUF]
Self-adaptation for distributed services and large software systems [SPIRALS]
Rudametkin, Walter [Auteur]
Self-adaptation for distributed services and large software systems [SPIRALS]
Rouvoy, Romain [Auteur]
Self-adaptation for distributed services and large software systems [SPIRALS]
Institut universitaire de France [IUF]
Titre de la manifestation scientifique :
IWPE 2018 - 4th International Workshop on Privacy Engineering
Ville :
London
Pays :
Royaume-Uni
Date de début de la manifestation scientifique :
2018-04-27
Titre de la revue :
Proceedings of the 4th International Workshop on Privacy Engineering (IWPE'18)
Date de publication :
2018-04-27
Discipline(s) HAL :
Informatique [cs]/Système d'exploitation [cs.OS]
Informatique [cs]/Web
Informatique [cs]/Génie logiciel [cs.SE]
Informatique [cs]/Web
Informatique [cs]/Génie logiciel [cs.SE]
Résumé en anglais : [en]
Despite recent regulations and growing user awareness , undesired browser tracking is increasing. In addition to cookies, browser fingerprinting is a stateless technique that exploits a device's configuration for tracking ...
Lire la suite >Despite recent regulations and growing user awareness , undesired browser tracking is increasing. In addition to cookies, browser fingerprinting is a stateless technique that exploits a device's configuration for tracking purposes. In particular , browser fingerprinting builds on attributes made available from Javascript and HTTP headers to create a unique and stable fingerprint. For example, browser plugins have been heavily exploited by state-of-the-art browser fingerprinters as a rich source of entropy. However, as browser vendors abandon plugins in favor of extensions, fingerprinters will adapt. We present FP-TESTER, an approach to automatically test the effectiveness of browser fingerprinting countermeasure extensions. We implement a testing toolkit to be used by developers to reduce browser fingerprintability. While countermeasures aim to hinder tracking by changing or blocking attributes, they may easily introduce subtle side-effects that make browsers more identifiable , rendering the extensions counterproductive. FP-TESTER reports on the side-effects introduced by the countermeasure, as well as how they impact tracking duration from a fingerprinter's point-of-view. To the best of our knowledge, FP-TESTER is the first tool to assist developers in fighting browser fingerprinting and reducing the exposure of end-users to such privacy leaks.Lire moins >
Lire la suite >Despite recent regulations and growing user awareness , undesired browser tracking is increasing. In addition to cookies, browser fingerprinting is a stateless technique that exploits a device's configuration for tracking purposes. In particular , browser fingerprinting builds on attributes made available from Javascript and HTTP headers to create a unique and stable fingerprint. For example, browser plugins have been heavily exploited by state-of-the-art browser fingerprinters as a rich source of entropy. However, as browser vendors abandon plugins in favor of extensions, fingerprinters will adapt. We present FP-TESTER, an approach to automatically test the effectiveness of browser fingerprinting countermeasure extensions. We implement a testing toolkit to be used by developers to reduce browser fingerprintability. While countermeasures aim to hinder tracking by changing or blocking attributes, they may easily introduce subtle side-effects that make browsers more identifiable , rendering the extensions counterproductive. FP-TESTER reports on the side-effects introduced by the countermeasure, as well as how they impact tracking duration from a fingerprinter's point-of-view. To the best of our knowledge, FP-TESTER is the first tool to assist developers in fighting browser fingerprinting and reducing the exposure of end-users to such privacy leaks.Lire moins >
Langue :
Anglais
Comité de lecture :
Oui
Audience :
Internationale
Vulgarisation :
Non
Collections :
Source :
Fichiers
- https://hal.inria.fr/hal-01717158/document
- Accès libre
- Accéder au document
- https://hal.inria.fr/hal-01717158/document
- Accès libre
- Accéder au document
- https://hal.inria.fr/hal-01717158/document
- Accès libre
- Accéder au document
- document
- Accès libre
- Accéder au document
- fptester.pdf
- Accès libre
- Accéder au document