Technische Universität Berlin Institut für Softwaretechnik und Theoretische Informatik Security in Telecommunications
2025-05-06
0
0
1.44MB
120 页
10玖币
侵权投诉
Technische Universität Berlin
Institut für Softwaretechnik und Theoretische Informatik
Security in Telecommunications
Fakultät IV
Ernst-Reuter-Platz 7
10587 Berlin
www.isti.tu-berlin.de
Master Thesis
Uncovering Fingerprinting Networks.
An Analysis of In-Browser Tracking using a
Behavior-based Approach
Sebastian Neef
Matriculation Number: 350692
s.neef@campus.tu-berlin.de
29.03.2021
Supervised by
Prof. Dr. Jean-Pierre Seifert
Second Supervisor
Prof. Dr. Florian Tschorsch
Assistant Supervisor
M.Sc. Julian Fietkau
arXiv:2210.11300v1 [cs.CR] 15 Aug 2022
Declaration
I hereby declare that the thesis submitted is my own, unaided work, completed
without any unpermitted external help. Only the sources and resources listed were
used.
The independent and unaided completion of the thesis is affirmed by affidavit:
Berlin, the 29th of March, 2021
Sebastian Neef
Due to the collaboration with SecT’s research assistant Julian Fietkau and master’s
degree candidate Felix Kybranz on the paper The Elephant in the Background. A
Quantitative Approach to Empower Users Against Web Browser Fingerprinting [38]
prior to the thesis, this work references their goals, methods and tools. Therefore,
it is closely related to the paper and Kybranz’s thesis [38, 66], but comprises the
essential ideas, implementation, and results of Sebastian Neef’s work.
III
Acknowledgements
My profound gratitude goes to the whole SecT department for making me feel
at home. Foremost to Prof. Seifert for supervising my thesis and Julian Fietkau
for assisting with insightful ideas, productive discussions, and helpful guidance.
Furthermore, I sincerely appreciate countless tips and constructive feedback from
all members of AG Rechnersicherheit. Finally, I must thank my whole family and
friends for always motivating and supporting me throughout my life. Thank you
all!
Abstract
Throughout recent years, the importance of internet-privacy has continuously risen.
The General Data Protection Regulation by the European Union fundamentally
changed digital data processing by requiring explicit consent for processing person-
ally identifiable information. In combination with the cookie law, users can opt-out
of being profiled by advertisers or other entities. Browser fingerprinting is a tech-
nique that does not require cookies or persistent identifiers. It derives a sufficiently
unique identifier from the various browser or device properties. Academic work
has covered offensive and defensive fingerprinting methods for almost a decade,
observing a rise in popularity.
This thesis explores the current state of browser fingerprinting on the internet.
For that, we implement FPNET - a scalable & reliable tool based on FPMON, to
identify fingerprinting scripts on large sets of websites by observing their behavior.
By scanning the Alexa Top 10,000 websites, we spot several hundred networks of
equally behaving scripts. For each network, we determine the actor behind it. We
track down companies like Google, Yandex, Maxmind, Sift, or FingerprintJS, to
name a few.
In three complementary studies, we further investigate the uncovered networks
with regards to I) randomization of filenames or domains, II) behavior changes,
III) security. Two consecutive scans reveal that only less than 12.5% of the pages
do not change script files. With our behavior-based approach, we successfully re-
identify almost 9,000 scripts whose filename or domain changed, and over 86%
IV
of the scripts without URL changes. The security analysis shows an adoption of
TLS/SSL to over 98% and specific web security headers set for over 30% of the
scripts.
Finally, we voice concerns about the unavoidability of modern fingerprinting and
its implications for internet users’ privacy since we believe that many users are
unaware of being fingerprinted or have insufficient possibilities to protect against
it.
V
摘要:
展开>>
收起<<
TechnischeUniversitätBerlinInstitutfürSoftwaretechnikundTheoretischeInformatikSecurityinTelecommunicationsFakultätIVErnst-Reuter-Platz710587Berlinwww.isti.tu-berlin.deMasterThesisUncoveringFingerprintingNetworks.AnAnalysisofIn-BrowserTrackingusingaBehavior-basedApproachSebastianNeefMatriculationNumb...
声明:本站为文档C2C交易模式,即用户上传的文档直接被用户下载,本站只是中间服务平台,本站所有文档下载所得的收益归上传人(含作者)所有。玖贝云文库仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对上载内容本身不做任何修改或编辑。若文档所含内容侵犯了您的版权或隐私,请立即通知玖贝云文库,我们立即给予删除!
相关推荐
-
架构演进:小米的经验分享VIP免费
2025-03-31 5 -
Universal and Independent Multilingual Probing Framework for Exhaustive Model Interpretation and Evaluation Oleg Serikov Vitaly Protasov Ekaterina Voloshina Viktoria Knyazkova
2025-05-06 2 -
Universal cover-time distribution of heterogeneous random walks Jia-Qi Dong1 2Wen-Hui Han1Yisen Wang1Xiao-Song Chen3and Liang Huang1 1Lanzhou Center for Theoretical Physics and Key Laboratory of Theoretical Physics of Gansu Province
2025-05-06 1 -
Universal Evasion Attacks on Summarization Scoring Wenchuan Mu Kwan Hui Lim Singapore University of Technology and Design
2025-05-06 1 -
Universal hidden monotonic trend estimation with contrastive learning Edouard Pineau
2025-05-06 1 -
Universal Quantum Speedup for Branch-and-Bound Branch-and-Cut and Tree-Search Algorithms Shouvanik Chakrabarti Pierre Minssen Romina Yalovetzky and Marco Pistoia
2025-05-06 1 -
Universality class of the glassy random laser Jacopo Niedda1 2Giacomo Gradenigo3 4 2Luca Leuzzi2 1and Giorgio Parisi1 2 5 6 1Dipartimento di Fisica Universit a di Roma Sapienza Piazzale A. Moro 2 I-00185 Roma Italy
2025-05-06 1 -
Universality classes of thermalization for mesoscopic Floquet systems Alan Morningstar1 2David A. Huse1and Vedika Khemani2 1Department of Physics Princeton University Princeton NJ 08544 USA
2025-05-06 1 -
UNIVERSIDADE ESTADUAL DE CAMPINAS Instituto de F sica Gleb Wataghin Jo ao Paulo Picchetti
2025-05-06 2 -
University of Cape Towns WMT22 System Multilingual Machine Translation for Southern African Languages Khalid N. Elmadani Francois Meyer Jan Buys
2025-05-06 1
分类:图书资源
价格:10玖币
属性:120 页
大小:1.44MB
格式:PDF
时间:2025-05-06
作者详情
-
VLC-BERT Visual Question Answering with Contextualized Commonsense Knowledge Sahithya Ravi12Aditya Chinchure12Leonid Sigal12Renjie Liao1Vered Shwartz1210 玖币0人下载
-
Volatility density estimation by multiplicative deconvolution Sergio Brenner Miguela aInstitut f ur angewandte Mathematik und Interdisciplinary Center for Scientic Computing10 玖币0人下载
相关内容
-
Universal Quantum Speedup for Branch-and-Bound Branch-and-Cut and Tree-Search Algorithms Shouvanik Chakrabarti Pierre Minssen Romina Yalovetzky and Marco Pistoia
分类:图书资源
时间:2025-05-06
标签:无
格式:PDF
价格:10 玖币
-
Universality class of the glassy random laser Jacopo Niedda1 2Giacomo Gradenigo3 4 2Luca Leuzzi2 1and Giorgio Parisi1 2 5 6 1Dipartimento di Fisica Universit a di Roma Sapienza Piazzale A. Moro 2 I-00185 Roma Italy
分类:图书资源
时间:2025-05-06
标签:无
格式:PDF
价格:10 玖币
-
Universality classes of thermalization for mesoscopic Floquet systems Alan Morningstar1 2David A. Huse1and Vedika Khemani2 1Department of Physics Princeton University Princeton NJ 08544 USA
分类:图书资源
时间:2025-05-06
标签:无
格式:PDF
价格:10 玖币
-
UNIVERSIDADE ESTADUAL DE CAMPINAS Instituto de F sica Gleb Wataghin Jo ao Paulo Picchetti
分类:图书资源
时间:2025-05-06
标签:无
格式:PDF
价格:10 玖币
-
University of Cape Towns WMT22 System Multilingual Machine Translation for Southern African Languages Khalid N. Elmadani Francois Meyer Jan Buys
分类:图书资源
时间:2025-05-06
标签:无
格式:PDF
价格:10 玖币
渝公网安备50010702506394
