Access the full text.
Sign up today, get DeepDyve free for 14 days.
Lukasz Olejnik, Gunes Acar, C. Castelluccia, Claudia Díaz (2015)
The Leaking Battery - A Privacy Analysis of the HTML5 Battery Status API
Umar Iqbal, Peter Snyder, Shitong Zhu, B. Livshits, Zhiyun Qian, Zubair Shafiq (2018)
AdGraph: A Graph-Based Approach to Ad and Tracker Blocking2020 IEEE Symposium on Security and Privacy (SP)
D. Fifield, Serge Egelman (2015)
Fingerprinting Web Users Through Font Metrics
Percentage of API keywords that only appear in known fingerprinting scripts reported by [41] (i.e., not in any non-fingerprinting scripts)
Shaown Sarker, Jordan Jueckstock, A. Kapravelos (2020)
Hiding in Plain Site: Detecting JavaScript Obfuscation through Concealed Browser API UsageProceedings of the ACM Internet Measurement Conference
Ertan Bütün, Mehmet Kaya, R. Alhajj (2018)
Extension of neighbor-based link prediction methods for directed, weighted and temporal social networksInf. Sci., 463-464
K. Mowery, Dillon Bogenreif, Scott Yilek, H. Shacham (2011)
Fingerprinting Information in JavaScript Implementations
Pierre Laperdrix, Nataliia Bielova, B. Baudry, Gildas Avoine (2019)
Browser Fingerprinting: A surveyarXiv: Cryptography and Security
Gunes Acar, Marc Juárez, Nick Nikiforakis, Claudia Díaz, Seda Gürses, Frank Piessens, B. Preneel (2013)
FPDetective: dusting the web for fingerprintersProceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Shujiang Wu, Song Li, Yinzhi Cao, Ningfei Wang (2019)
Rendered Private: Making GLSL Execution Uniform to Prevent WebGL-based Browser Fingerprinting
Georg Merzdovnik, Markus Huber, D. Buhov, Nick Nikiforakis, S. Neuner, Martin Schmiedecker, E. Weippl (2017)
Block Me If You Can: A Large-Scale Study of Tracker-Blocking Tools2017 IEEE European Symposium on Security and Privacy (EuroS&P)
(2020)
Building a more private web: A path towards making third party cookies obsolete
V. Rizzo, S. Traverso, M. Mellia (2020)
Unveiling Web Fingerprinting in the Wild Via Code Mining and Machine LearningProceedings on Privacy Enhancing Technologies, 2021
Steven Englehardt, Arvind Narayanan (2016)
Online Tracking: A 1-million-site Measurement and AnalysisProceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security
(2017)
Bug 1372072 - Neutralize the threat of fingerprinting of network information API When ’privacy.resistFingerprinting’ is true
(2004)
Mouse movementX
(2016)
Battery Status API removed from Firefox
Apple Declares War on Browser Fingerprinting, the Sneaky Tactic That Tracks You in Incognito Mode
and P
Peter Baumann, S. Katzenbeisser, M. Stopczynski, Erik Tews (2016)
Disguised Chromium Browser: Robust Browser, Flash and Canvas Fingerprinting ProtectionProceedings of the 2016 ACM on Workshop on Privacy in the Electronic Society
Pierre Laperdrix, B. Baudry, Vikas Mishra (2017)
FPRandom: Randomizing Core Browser Objects to Break Advanced Device Fingerprinting Techniques
(2008)
Geolocation altitudeAccuracy
(2019)
Think you’re anonymous online? A third of popular websites are ’fingerprinting’ you
Lukasz Olejnik, Steven Englehardt, Arvind Narayanan (2017)
Battery Status Not Included: Assessing Privacy in Web Standards
Justin Brunelle, Mat Kelly, Hany SalahEldeen, Michele Weigle, Michael Nelson (2014)
Not all mementos are created equal: measuring the impact of missing resourcesInternational Journal on Digital Libraries, 16
Bryan Perozzi, Rami Al-Rfou, S. Skiena (2014)
DeepWalk: online learning of social representationsProceedings of the 20th ACM SIGKDD international conference on Knowledge discovery and data mining
Princeton Web Transparency & Accountability Project
How to block fingerprinting with Firefox
Iskander Sánchez-Rola, I. Santos, D. Balzarotti (2018)
Clock Around the Clock: Time-Based Device FingerprintingProceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security
FP-Inspector Code and Data
(2011)
Khronos releases Final WebGL 1.0 specification
L. Breiman (2001)
Random ForestsMachine Learning, 45
minor revisions to the code to improve its readability. Note that all of the code snippets provided here use multiple fingerprinting techniques
Princy Thomas, K. Mathew (2021)
A broad review on non-intrusive active user authentication in biometricsJournal of Ambient Intelligence and Humanized Computing, 14
Umar Iqbal, Zubair Shafiq, Zhiyun Qian (2017)
The ad wars: retrospective measurement and analysis of anti-adblock filter listsProceedings of the 2017 Internet Measurement Conference
J. Quinlan (1986)
Induction of Decision TreesMachine Learning, 1
Furkan Alaca, P. Oorschot (2016)
Device fingerprinting for augmenting web authentication: classification and analysis of methodsProceedings of the 32nd Annual Conference on Computer Security Applications
Pierre Laperdrix, Gildas Avoine, B. Baudry, Nick Nikiforakis (2019)
Morellian Analysis for Browsers: Making Web Authentication Stronger with Canvas Fingerprinting
(2016)
James Simonsen
(2020)
OffscreenCanvas — Speed up Your Canvas Operations with a Web Worker
DuckDuckGo’s Tracker Radar Detected Fingerprinting APIs
Salton Index (Cosine similarity): It measures the cosine of the angle between the neighbors of a node pair. The more common the neighboring nodes, the
Umar Iqbal, Steven Englehardt, Zubair Shafiq (2020)
Fingerprinting the Fingerprinters: Learning to Detect Browser Fingerprinting Behaviors2021 IEEE Symposium on Security and Privacy (SP)
List of dominant API detected by FP-Radar and their time-to-detection: not-yet-disclosed early detection
Pierre Laperdrix, Nataliia Bielova, B. Baudry, Gildas Avoine (2020)
Browser FingerprintingACM Transactions on the Web (TWEB), 14
(2015)
Clipboard API and events
Takamichi Saito, K. Yasuda, Kazuhisa Tanabe, Kazushi Takahashi (2017)
Web Browser Tampering: Inspecting CPU Features from Side-Channel Information
(2020)
Network Information API
Hristo Bojinov, Yan Michalevsky, Gabi Nakibly, D. Boneh (2014)
Mobile Device Identification via Sensor FingerprintingArXiv, abs/1408.1416
Navigator - Web APIs: MDN
P. Eckersley (2010)
How Unique Is Your Web Browser?
Nick Nikiforakis, A. Kapravelos, W. Joosen, Christopher Krügel, Frank Piessens, G. Vigna (2013)
Cookieless Monster: Exploring the Ecosystem of Web-Based Device Fingerprinting2013 IEEE Symposium on Security and Privacy
Mat Kelly, Justin Brunelle, Michele Weigle, Michael Nelson (2013)
On the Change in Archivability of Websites Over Time
Apple Declined To Implement 16 Web APIs in Safari Due To Privacy Concerns
WebRTC Internal IP Address Leakage
V. Blondel, Jean-Loup Guillaume, R. Lambiotte, E. Lefebvre (2008)
Fast unfolding of communities in large networksJournal of Statistical Mechanics: Theory and Experiment, 2008
(2020)
Async Clipboard API
Modern & flexible browser fingerprinting library
(2011)
Page Visibility
Fingerprinting Guidance
Adamic-Adar
A. Rajadhyaksha (2008)
ArchiveBioScope: South Asian Screen Studies, 12
(2019)
Today’s Firefox Blocks Third-Party Tracking Cookies and Cryptomining by Default
Peter Snyder, Lara Ansari, C. Taylor, Chris Kanich (2016)
Browser Feature Usage on the Modern WebProceedings of the 2016 Internet Measurement Conference
(2016)
High Resolution Time Level 3
Thang Hoang, Vo Viet, Nguyen Thuc, Deokjai Choi (2012)
Gait identification using accelerometer on mobile phone2012 International Conference on Control, Automation and Information Sciences (ICCAIS)
Anupam Das, Gunes Acar, N. Borisov, Amogh Pradeep (2018)
The Web's Sixth Sense: A Study of Scripts Accessing Smartphone SensorsProceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security
(2012)
Sensor API Specification
(2020)
Securing Gamepad API
Combating Fingerprinting with a Privacy Budget Explainer
M. Beech (2017)
Liked Mark Graham's Robots.txt meant for search engines don’t work well for web archives
K. Mowery, H. Shacham (2012)
Pixel Perfect : Fingerprinting Canvas in HTML 5
Muhammad Shahzad, A. Liu, Arjmand Samuel (2013)
Secure unlocking of mobile touch screen devices by simple gestures: you can see it but you can not do itProceedings of the 19th annual international conference on Mobile computing & networking
Jaccard Index: The proportion of common neighbors by the total number of neighbors of a node pair. The value is higher if a node pair has more common neighbors in their neighborhood
Hub Promoted Index: The number of common neighbors divided by the number of neighbors of the node with least degree in a node pair
Maja Pusara, C. Brodley (2004)
User re-authentication via mouse movements
Philippe Skolka, Cristian-Alexandru Staicu, Michael Pradel (2019)
Anything to Hide? Studying Minified and Obfuscated Code in the WebThe World Wide Web Conference
(2014)
Gamepad. https://www.w3.org/TR/ 2014/WD-gamepad-20140225
Fin-gerprinting defenses in the tor browser
Nathan Reitinger, Michelle Mazurek (2021)
ML-CB: Machine Learning Canvas BlockProceedings on Privacy Enhancing Technologies, 2021
(2009)
Any person
Resource Allocation Index: The summation of the inverse of the degree of common neighbors between a node pair. The value is higher if the neighbors have low degree
We provide examples of actual fingerprinting snippets to support the discussion in the main text
Noor Hashim, Jamie Murphy, P. O'Connor (2007)
Take Me Back: Validating the Wayback Machine as a Measure of Website Evolution
Oleksii Starov, Nick Nikiforakis (2017)
XHOUND: Quantifying the Fingerprintability of Browser Extensions2017 IEEE Symposium on Security and Privacy (SP)
Gunes Acar, Christian Eubank, Steven Englehardt, Marc Juarez, Arvind Narayanan, Claudia Díaz (2014)
The Web Never Forgets: Persistent Tracking Mechanisms in the WildProceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security
(2009)
Web Workers
Nick Nikiforakis, W. Joosen, B. Livshits (2015)
PriVaricator: Deceiving Fingerprinters with Little White LiesProceedings of the 24th International Conference on World Wide Web
Aditya Grover, J. Leskovec (2016)
node2vec: Scalable Feature Learning for NetworksProceedings of the 22nd ACM SIGKDD International Conference on Knowledge Discovery and Data Mining
(2011)
Battery status event specification
(2011)
Performance Timeline
Niko Köbler, J. Libraries (2012)
of Web APIs
(2016)
Remove web content access to Battery API
Ada Lerner, A. Simpson, Tadayoshi Kohno, Franziska Roesner (2016)
Internet Jones and the Raiders of the Lost Trackers: An Archaeological Study of Web Tracking from 1996 to 2016
C. Torres, H. Jonker, S. Mauw (2015)
FP-Block: Usable Web Privacy by Controlling Browser Fingerprinting
Yinzhi Cao, Song Li, Erik Wijmans (2017)
(Cross-)Browser Fingerprinting via OS and Hardware Level Features
Amin FaizKhademi, Mohammad Zulkernine, Komminist Weldemariam (2015)
FPGuard: Detection and Prevention of Browser Fingerprinting
Tom Goethem, Wout Scheepers, D. Preuveneers, W. Joosen (2016)
Accelerometer-Based Device Fingerprinting for Multi-factor Mobile Authentication
Wayback Machine API
Disconnect tracking protection lists
Zhonghao Yu, S. Macbeth, Konark Modi, J. Pujol (2016)
Tracking the TrackersProceedings of the 25th International Conference on World Wide Web
HTTP Archive Data
Full Third-Party Cookie Blocking and More
(2016)
Removing the Battery Status API?
AbstractBrowser fingerprinting is a stateless tracking technique that aims to combine information exposed by multiple different web APIs to create a unique identifier for tracking users across the web. Over the last decade, trackers have abused several existing and newly proposed web APIs to further enhance the browser fingerprint. Existing approaches are limited to detecting a specific fingerprinting technique(s) at a particular point in time. Thus, they are unable to systematically detect novel fingerprinting techniques that abuse different web APIs. In this paper, we propose FP-Radar, a machine learning approach that leverages longitudinal measurements of web API usage on top-100K websites over the last decade for early detection of new and evolving browser fingerprinting techniques. The results show that FP-Radar is able to early detect the abuse of newly introduced properties of already known (e.g., WebGL, Sensor) and as well as previously unknown (e.g., Gamepad, Clipboard) APIs for browser fingerprinting. To the best of our knowledge, FP-Radar is the first to detect the abuse of the Visibility API for ephemeral fingerprinting in the wild.
Proceedings on Privacy Enhancing Technologies – de Gruyter
Published: Apr 1, 2022
Keywords: browser fingerprinting; Wayback Machine; web APIs
Read and print from thousands of top scholarly journals.
Already have an account? Log in
Bookmark this article. You can see your Bookmarks on your DeepDyve Library.
To save an article, log in first, or sign up for a DeepDyve account if you don’t already have one.
Copy and paste the desired citation format or use the link below to download a file formatted for EndNote
Access the full text.
Sign up today, get DeepDyve free for 14 days.
All DeepDyve websites use cookies to improve your online experience. They were placed on your computer when you launched this website. You can change your cookie settings through your browser.