Presentation is loading. Please wait.

Presentation is loading. Please wait.

I Do Not Know What You Visited Last Summer: Protecting users from stateful third-party web tracking with TrackingFree browser Xiang Pan, Northwestern University.

Published byBridget Wells Modified over 8 years ago

Similar presentations

Presentation on theme: "I Do Not Know What You Visited Last Summer: Protecting users from stateful third-party web tracking with TrackingFree browser Xiang Pan, Northwestern University."— Presentation transcript:

1 I Do Not Know What You Visited Last Summer: Protecting users from stateful third-party web tracking with TrackingFree browser Xiang Pan, Northwestern University Fengli Zhang 11/17/2015

2 Outline Background System Design Evaluation Summary

3 Background More than 90% Alexa Top 500 websites have adopted third party web tracking. The tracking server can associate the users’ unique identifier with the private information contained in the referrer header of the request to the tracking server, thus recording the users’ behaviors.

4 Referer : http://online.wsj.com/ Cookie : id = 12345 User Tracker (doubleclick) visit Referer : http://www.cnn.com/ Cookie : id = 12345

5 No effective defense approach Disable third-party cookie Can be easily bypassed Blacklist-based anti-tracking tools Priori knowledge of tracking server It’s never a good idea to address them one by one, We need a system that can protect users from tracking practice, no matter what techniques they tracker used.

6 TrackingFree Goals and Challenges Anti-tracking Completeness Functionality/compatbility Performance Core Idea : TrackingFree partitions client-side states into multiple isolation units so that the identifiers still exists but not unique any more! Referer : http://online.wsj.com/ Cookie : id = 12345 Referer : http://www.cnn.com/ Cookie : id = 24578

7 outline Background System Design Evaluation Summary

8 Architectur e

9 Contents Allocation Mechanism Initial Contents Allocation Handles those top frames that are navigated by users directly TrackingFree will group them in the same principal if and only if they have the same registered domain Derivative Contents Allocation Handles those frames that are generated due to the contents on other frames, which we call child frame

10 10 Initial Contents Allocation

11 Derivative Contents Allocation Principal Switch Should we switch principle for child frame? The deficiencies of two intuitive yet extreme policies : No privacy-preserving (no switch) Unnecessary overhead (too much switch) Our solution: switch principal only if the following two conditions are met: Cross-site User-triggered

12 Architectur e

13 Same principal Different principal

14 Principal Communication Explicit communication is widely used, but break the isolation mechanism. Disabling communication may break the functionalities of the existing web service Solution: Adopt different policies for different communication channels

15 Explicit communication Restrict the use of explicit communication as follows: Third-party elements in one principle can not explicitly communicate with other principals. First-party elements can only explicitly communicate with the first-party elements placed in its neighbor principals

16 Principal Communication Implicit Communication History Sharing public history manager Accepts information from other managers Only public manager gets associated with browser UI

17 outline Background System Design Evaluation Summary

18 Evaluation Anti-tracking capability Experiments with real world websites Performance Overhead (latency, memory, disk)

19 Anti-tracking Capability with Real World Web Sites Gathered trackers on Alexa Top web sites by following the tracker detection of [Roesner et al. NSDI 2012]. Conduct the experiment on Alexa Top 500 websites All of trackers are blocked.

20 Performance Experiment setting 1.3GHz dual-core Intel Core i5 processor, 4GB memory, 128GB flash storage Latency randomly click 25 cross-site links from Alexa Top websites Cross-site Navigation On average, it takes 5,232.90ms for TrackingFree and 4.381.46ms for Chromium to fully load the cross-site navigation page. TrackingFree incurs an overhead of 19.43%.

21 (3). Cross Site Navigation Avg. Overhead 19.43%

22 Within-site Navigation TrackingFree incurs an overhead of 4.70%.

23 Memory/Disk Overhead MemoryChromiumTrackingFreeIncrease 1 Principal477.1(MB)505(MB)27.9(MB) 4 Principals623.6(MB)702.8(MB)79.2(MB) 12 Principals434.6(MB)642.5(MB)297.9(MB) MemoryChromiumTrackingFreeIncrease 1 Principal21.3(MB)21.8(MB)0.5(MB) 4 Principals22.5(MB)25.9MB)3.4(MB) 12 Principals23.7(MB)29.4(MB)5.7(MB) Disk Overhead on 12 Web Pages (~0.6MB/Principal) Memory Overhead on 12 Web Pages (~25MB/Principal) Each loaded and opened principle takes about 20MB space in memory and 0.5-1 MB space in disk.

24 outline Background System Design Evaluation Summary

25 Design and implement TrackingFree browser that completely protect users from third-party web tracking by isolating resources in different principals. Experimentally proved TrackingFree’s anti-tracking capability. TrackingFree incurs affordable overhead and compatibility cost.

26 Questions?

Download ppt "I Do Not Know What You Visited Last Summer: Protecting users from stateful third-party web tracking with TrackingFree browser Xiang Pan, Northwestern University."

Similar presentations

Protecting Browser State from Web Privacy Attacks Collin Jackson, Andrew Bortz, Dan Boneh, John Mitchell Stanford University.

Protecting Browser State from Web Privacy Attacks Collin Jackson, Andrew Bortz, Dan Boneh, John Mitchell Stanford University.
Presented by Vaibhav Rastogi. Current browsers try to separate host system from Web Websites evolved into web applications Lot of private data on the.

Presented by Vaibhav Rastogi. Current browsers try to separate host system from Web Websites evolved into web applications Lot of private data on the.
Expressive Privacy Control with Pseudonyms Seungyeop Han, Vincent Liu, Qifan Pu, Simon Peter, Thomas Anderson, Arvind Krishnamurthy, David Wetherall University.

Expressive Privacy Control with Pseudonyms Seungyeop Han, Vincent Liu, Qifan Pu, Simon Peter, Thomas Anderson, Arvind Krishnamurthy, David Wetherall University.
Fabián E. Bustamante, Spring 2007

Fabián E. Bustamante, Spring 2007
Digital Marketing Analytics v10. Introduction  Name / job role  What company are you with  How much experience do you have using Webtrends  Create.

Digital Marketing Analytics v10. Introduction  Name / job role  What company are you with  How much experience do you have using Webtrends  Create.
Georgios Kontaxis, Michalis Polychronakis Angelos D. Keromytis, Evangelos P. Markatos Siddhant Ujjain (2009cs10219) Deepak Sharma (2009cs10185)

Georgios Kontaxis, Michalis Polychronakis Angelos D. Keromytis, Evangelos P. Markatos Siddhant Ujjain (2009cs10219) Deepak Sharma (2009cs10185)
An Evaluation of the Google Chrome Extension Security Architecture

An Evaluation of the Google Chrome Extension Security Architecture
On the Incoherencies in Web Browser Access Control Policies Authors: Kapil Singh, et al Presented by Yi Yang.

On the Incoherencies in Web Browser Access Control Policies Authors: Kapil Singh, et al Presented by Yi Yang.
I Do Not Know What You Visited Last Summer: Protecting users from stateful third-party web tracking with TrackingFree browser Xiang Pan §, Yinzhi Cao †,

I Do Not Know What You Visited Last Summer: Protecting users from stateful third-party web tracking with TrackingFree browser Xiang Pan §, Yinzhi Cao †,
6/10/2015Cookies1 What are Cookies? 6/10/2015Cookies2 How did they do that?

6/10/2015Cookies1 What are Cookies? 6/10/2015Cookies2 How did they do that?
Privacy and Security on the Web Part 1. Agenda Questions? Stories? Questions? Stories? IRB: I will review and hopefully send tomorrow. IRB: I will review.

Privacy and Security on the Web Part 1. Agenda Questions? Stories? Questions? Stories? IRB: I will review and hopefully send tomorrow. IRB: I will review.
Virtual Memory Virtual Memory Management in Mach Labels and Event Processes in Asbestos Ingar Arntzen.

Virtual Memory Virtual Memory Management in Mach Labels and Event Processes in Asbestos Ingar Arntzen.
RDMA ENABLED WEB SERVER Rajat Sharma. Objective  To implement a Web Server serving HTTP client requests through RDMA replacing the traditional TCP/IP.

RDMA ENABLED WEB SERVER Rajat Sharma. Objective  To implement a Web Server serving HTTP client requests through RDMA replacing the traditional TCP/IP.
1 An Empirical Study on Large-Scale Content-Based Image Retrieval Group Meeting Presented by Wyman 23-1-2007.

1 An Empirical Study on Large-Scale Content-Based Image Retrieval Group Meeting Presented by Wyman
ASP.NET 2.0 Chapter 6 Securing the ASP.NET Application.

ASP.NET 2.0 Chapter 6 Securing the ASP.NET Application.
A. Frank - P. Weisberg Operating Systems Simple/Basic Paging.

A. Frank - P. Weisberg Operating Systems Simple/Basic Paging.
Introduction to eValid Presentation Outline What is eValid? About eValid, Inc. eValid Features System Architecture eValid Functional Design Script Log.

Introduction to eValid Presentation Outline What is eValid? About eValid, Inc. eValid Features System Architecture eValid Functional Design Script Log.
Hystor : Making the Best Use of Solid State Drivers in High Performance Storage Systems Presenter : Dong Chang.

Hystor : Making the Best Use of Solid State Drivers in High Performance Storage Systems Presenter : Dong Chang.
1 Subspace: Secure Cross Domain Communication for Web Mashups Collin Jackson and Helen J. Wang Mamadou H. Diallo.

1 Subspace: Secure Cross Domain Communication for Web Mashups Collin Jackson and Helen J. Wang Mamadou H. Diallo.
Subspace: Secure Cross-Domain Communication for Web Mashups Collin Jackson Stanford University Helen J. Wang Microsoft Research ACM WWW, May, 2007 Presenter:

Subspace: Secure Cross-Domain Communication for Web Mashups Collin Jackson Stanford University Helen J. Wang Microsoft Research ACM WWW, May, 2007 Presenter:

Similar presentations

Ads by Google