Cookies That Give You Away: The Surveillance Implications of Web Tracking
Author(s): Englehardt, Steven; Reisman, Dillon; Eubank, Christian; Zimmerman, Peter; Mayer, Jonathan R; et al
DownloadTo refer to this page use:
http://arks.princeton.edu/ark:/88435/pr1pr7vFull metadata record
| DC Field | Value | Language |
|---|---|---|
| dc.contributor.author | Englehardt, Steven | - |
| dc.contributor.author | Reisman, Dillon | - |
| dc.contributor.author | Eubank, Christian | - |
| dc.contributor.author | Zimmerman, Peter | - |
| dc.contributor.author | Mayer, Jonathan R | - |
| dc.contributor.author | Narayanan, Arvind | - |
| dc.contributor.author | Felten, Edward W | - |
| dc.date.accessioned | 2021-10-08T19:44:32Z | - |
| dc.date.available | 2021-10-08T19:44:32Z | - |
| dc.date.issued | 2015-05 | en_US |
| dc.identifier.citation | Englehardt, Steven, Dillon Reisman, Christian Eubank, Peter Zimmerman, Jonathan R. Mayer, Arvind Narayanan, and Edward W. Felten. "Cookies That Give You Away: The Surveillance Implications of Web Tracking." In WWW '15: Proceedings of the 24th International Conference on World Wide Web (2015): pp. 289-299. doi:10.1145/2736277.2741679 | en_US |
| dc.identifier.uri | https://www.cs.princeton.edu/~arvindn/publications/cookie-surveillance-v2.pdf | - |
| dc.identifier.uri | http://arks.princeton.edu/ark:/88435/pr1pr7v | - |
| dc.description.abstract | We study the ability of a passive eavesdropper to leverage "third-party" HTTP tracking cookies for mass surveillance. If two web pages embed the same tracker which tags the browser with a unique cookie, then the adversary can link visits to those pages from the same user (i.e., browser instance) even if the user's IP address varies. Further, many popular websites leak a logged-in user's identity to an eavesdropper in unencrypted traffic. To evaluate the effectiveness of our attack, we introduce a methodology that combines web measurement and network measurement. Using OpenWPM, our web privacy measurement platform, we simulate users browsing the web and find that the adversary can reconstruct 62-73% of a typical user's browsing history. We then analyze the effect of the physical location of the wiretap as well as legal restrictions such as the NSA's "one-end foreign" rule. Using measurement units in various locations - Asia, Europe, and the United States - we show that foreign users are highly vulnerable to the NSA's dragnet surveillance due to the concentration of third-party trackers in the U.S. Finally, we find that some browser-based privacy tools mitigate the attack while others are largely ineffective. | en_US |
| dc.format.extent | 289 - 299 | en_US |
| dc.language.iso | en_US | en_US |
| dc.relation.ispartof | WWW '15: Proceedings of the 24th International Conference on World Wide Web | en_US |
| dc.rights | Author's manuscript | en_US |
| dc.title | Cookies That Give You Away: The Surveillance Implications of Web Tracking | en_US |
| dc.type | Conference Article | en_US |
| dc.identifier.doi | doi:10.1145/2736277.2741679 | - |
| pu.type.symplectic | http://www.symplectic.co.uk/publications/atom-terms/1.0/conference-proceeding | en_US |
Files in This Item:
| File | Description | Size | Format | |
|---|---|---|---|---|
| WebTrackingSurveillance.pdf | 353.31 kB | Adobe PDF | View/Download |
Items in OAR@Princeton are protected by copyright, with all rights reserved, unless otherwise indicated.