File Download
There are no files associated with this item.
Links for fulltext
(May Require Subscription)
- Publisher Website: 10.1109/CNS.2017.8228636
- Scopus: eid_2-s2.0-85046545398
Supplementary
-
Citations:
- Scopus: 0
- Appears in Collections:
Conference Paper: Evaluating private modes in desktop and mobile browsers and their resistance to fingerprinting
| Title | Evaluating private modes in desktop and mobile browsers and their resistance to fingerprinting |
|---|---|
| Authors | |
| Keywords | browsing history fingerprint private mode statistics |
| Issue Date | 2017 |
| Citation | 2017 IEEE Conference on Communications and Network Security, CNS 2017, 2017, v. 2017-January, p. 1-9 How to Cite? |
| Abstract | Modern browsers implement private mode to protect user privacy. However, they do not agree on what protection private mode should provide. We performed the first study on comparing private modes in popular desktop and mobile browsers and found many inconsistencies between different browsers and between the desktop and mobile versions of the same browser. We show that some inconsistencies result from the tradeoff between security and privacy. However, even if private mode leaks no information about the user, the attacker could still track the user by fingerprinting the browser. Recent work suggested that a browser could report randomized configurations, such as font sizes and installed plugins, to defeat fingerprinting. To show that randomizing configuration reports is insecure, we propose an attack that estimates the true configuration based on statistical methods. We demonstrated that this attack was easy and effective. |
| Persistent Identifier | http://hdl.handle.net/10722/346667 |
| DC Field | Value | Language |
|---|---|---|
| dc.contributor.author | Wu, Yuanyi | - |
| dc.contributor.author | Meng, Dongyu | - |
| dc.contributor.author | Chen, Hao | - |
| dc.date.accessioned | 2024-09-17T04:12:27Z | - |
| dc.date.available | 2024-09-17T04:12:27Z | - |
| dc.date.issued | 2017 | - |
| dc.identifier.citation | 2017 IEEE Conference on Communications and Network Security, CNS 2017, 2017, v. 2017-January, p. 1-9 | - |
| dc.identifier.uri | http://hdl.handle.net/10722/346667 | - |
| dc.description.abstract | Modern browsers implement private mode to protect user privacy. However, they do not agree on what protection private mode should provide. We performed the first study on comparing private modes in popular desktop and mobile browsers and found many inconsistencies between different browsers and between the desktop and mobile versions of the same browser. We show that some inconsistencies result from the tradeoff between security and privacy. However, even if private mode leaks no information about the user, the attacker could still track the user by fingerprinting the browser. Recent work suggested that a browser could report randomized configurations, such as font sizes and installed plugins, to defeat fingerprinting. To show that randomizing configuration reports is insecure, we propose an attack that estimates the true configuration based on statistical methods. We demonstrated that this attack was easy and effective. | - |
| dc.language | eng | - |
| dc.relation.ispartof | 2017 IEEE Conference on Communications and Network Security, CNS 2017 | - |
| dc.subject | browsing history | - |
| dc.subject | fingerprint | - |
| dc.subject | private mode | - |
| dc.subject | statistics | - |
| dc.title | Evaluating private modes in desktop and mobile browsers and their resistance to fingerprinting | - |
| dc.type | Conference_Paper | - |
| dc.description.nature | link_to_subscribed_fulltext | - |
| dc.identifier.doi | 10.1109/CNS.2017.8228636 | - |
| dc.identifier.scopus | eid_2-s2.0-85046545398 | - |
| dc.identifier.volume | 2017-January | - |
| dc.identifier.spage | 1 | - |
| dc.identifier.epage | 9 | - |