Abstract | ||
---|---|---|
We present the first large-scale studies of three advanced web tracking mechanisms - canvas fingerprinting, evercookies and use of \"cookie syncing\" in conjunction with evercookies. Canvas fingerprinting, a recently developed form of browser fingerprinting, has not previously been reported in the wild; our results show that over 5% of the top 100,000 websites employ it. We then present the first automated study of evercookies and respawning and the discovery of a new evercookie vector, IndexedDB. Turning to cookie syncing, we present novel techniques for detection and analysing ID flows and we quantify the amplification of privacy-intrusive tracking practices due to cookie syncing. Our evaluation of the defensive techniques used by privacy-aware users finds that there exist subtle pitfalls --- such as failing to clear state on multiple browsers at once - in which a single lapse in judgement can shatter privacy defenses. This suggests that even sophisticated users face great difficulties in evading tracking techniques. |
Year | DOI | Venue |
---|---|---|
2014 | 10.1145/2660267.2660347 | ACM Conference on Computer and Communications Security |
Keywords | DocType | Citations |
security,canvas fingerprinting,miscellaneous,evercookie, javascript,privacy,tracking,web security,browser fingerprinting,cookie syncing,flash,javascript | Conference | 119 |
PageRank | References | Authors |
4.62 | 22 | 6 |
Name | Order | Citations | PageRank |
---|---|---|---|
Gunes Acar | 1 | 287 | 15.23 |
Christian Eubank | 2 | 164 | 6.23 |
Steven Englehardt | 3 | 273 | 11.77 |
Marc Juarez | 4 | 316 | 14.57 |
Arvind Narayanan | 5 | 2742 | 151.72 |
Claudia Diaz | 6 | 576 | 31.21 |