Unveiling Web Fingerprinting in the Wild Via Code Mining and Machine Learning

  • Rizzo V
  • Traverso S
  • Mellia M
N/ACitations
Citations of this article
24Readers
Mendeley users who have this article in their library.

Abstract

Fueled by advertising companies’ need of accurately tracking users and their online habits, web fingerprinting practice has grown in recent years, with severe implications for users’ privacy. In this paper, we design, engineer and evaluate a methodology which combines the analysis of JavaScript code and machine learning for the automatic detection of web fingerprinters.We apply our methodology on a dataset of more than 400, 000 JavaScript files accessed by about 1, 000 volunteers during a one-month long experiment to observe adoption of fingerprinting in a real scenario. We compare approaches based on both static and dynamic code analysis to automatically detect fingerprinters and show they provide different angles complementing each other. This demonstrates that studies based on either static or dynamic code analysis provide partial view on actual fingerprinting usage in the web. To the best of our knowledge we are the first to perform this comparison with respect to fingerprinting.Our approach achieves 94% accuracy in small decision time. With this we spot more than 840 fingerprinting services, of which 695 are unknown to popular tracker blockers. These include new actual trackers as well as services which use fingerprinting for purposes other than tracking, such as anti-fraud and bot recognition.

Cite

CITATION STYLE

APA

Rizzo, V., Traverso, S., & Mellia, M. (2021). Unveiling Web Fingerprinting in the Wild Via Code Mining and Machine Learning. Proceedings on Privacy Enhancing Technologies, 2021(1), 43–63. https://doi.org/10.2478/popets-2021-0004

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free