×
The Stateless Enemy of Online Privacy
von Gaston PuglieseFrom a privacy perspective, this thesis is dedicated to the investigation of technical and user-centric aspects of browser fingerprinting and its exploitability as a stateless tracking technique. Unlike cookies which are considered stateful, browser fingerprinting does not require information to be stored on the client side to recognize users. Instead, a digital fingerprint of the browser instance is created based on browser attributes that each website can collect actively or that are inevitably part of the client-server communication.
We formalize metrics to characterize fingerprints and present a long-term study on browser fingerprinting which we conducted to investigate the trackability of users. Using a data-driven approach to optimize feature sets, and to mimic an attacker's perspective, we demonstrate that unique fingerprints can be constructed that are longer trackable than those constructed using handcrafted feature sets. Further, we present a novel linking attack against a high-entropy feature which may change over time. This attack was primarily developed to raise awareness for the attack surface itself, but also to evaluate the effectiveness of existing countermeasures. Another technically oriented contribution is the evaluation of side channels which can be used by attackers to collect additional features for fingerprinting or to detect inconsistencies induced by countermeasures. Finally, we address human factors in the context of browser fingerprinting for the first time and highlight user-centric insights gained from two user surveys conducted as part of our longitudinal online study.
Overall, the individual contributions of this work can be mapped along the entire fingerprinting process from the client to the server side. Thereby, we hope to have contributed to a better understanding of the privacy implications of browser fingerprinting, as well as of the capabilities and boundaries of this stateless tracking technique.
We formalize metrics to characterize fingerprints and present a long-term study on browser fingerprinting which we conducted to investigate the trackability of users. Using a data-driven approach to optimize feature sets, and to mimic an attacker's perspective, we demonstrate that unique fingerprints can be constructed that are longer trackable than those constructed using handcrafted feature sets. Further, we present a novel linking attack against a high-entropy feature which may change over time. This attack was primarily developed to raise awareness for the attack surface itself, but also to evaluate the effectiveness of existing countermeasures. Another technically oriented contribution is the evaluation of side channels which can be used by attackers to collect additional features for fingerprinting or to detect inconsistencies induced by countermeasures. Finally, we address human factors in the context of browser fingerprinting for the first time and highlight user-centric insights gained from two user surveys conducted as part of our longitudinal online study.
Overall, the individual contributions of this work can be mapped along the entire fingerprinting process from the client to the server side. Thereby, we hope to have contributed to a better understanding of the privacy implications of browser fingerprinting, as well as of the capabilities and boundaries of this stateless tracking technique.