Abstract
An attacker, who is able to observe a web user over a long period of time, learns a lot about his interests. It may be difficult to track users with regularly changing IP addresses, though. We show how patterns mined from web traffic can be used to re-identify a majority of users, i. e. link multiple sessions of them. We implement the web user re-identification attack using a Multinomial Naïve Bayes classifier and evaluate it using a real-world dataset from 28 users. Our evaluation setup complies with the limited knowledge of an attacker on a malicious web proxy server, who is only able to observe the host names visited by its users. The results suggest that consecutive sessions can be linked with high probability for session durations from 5 minutes to 48 hours and that user profiles degrade only slowly over time. We also propose basic countermeasures and evaluate their efficacy. © 2012 Springer-Verlag.
Cite
CITATION STYLE
Herrmann, D., Gerber, C., Banse, C., & Federrath, H. (2012). Analyzing characteristic host access patterns for re-identification of web user sessions. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 7127 LNCS, pp. 136–154). https://doi.org/10.1007/978-3-642-27937-9_10
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
