Tracking the Trackers

  title={Tracking the Trackers},
  author={Zhong-Hao Yu and Sam Macbeth and Konark Modi and Josep M. Pujol},
  journal={Proceedings of the 25th International Conference on World Wide Web},
Online tracking poses a serious privacy challenge that has drawn significant attention in both academia and industry. [] Key MethodWe deployed our system to 200,000 German users running the Cliqz Browser or the Cliqz Firefox extension to evaluate its efficiency and feasibility. Results indicate that our approach achieves better privacy protection than blocklists, as provided by Disconnect, while keeping the site breakage to a minimum, even lower than the community-optimized AdBlock Plus. We also provide…

Figures and Tables from this paper

Automated discovery of privacy violations on the web
A critical look at how the API design process can be changed to prevent such misuse in the future is taken, and novel detection methods and results for persistent tracking techniques, including: device fingerprinting, cookie syncing, and cookie respawning are presented.
TALON: An Automated Framework for Cross-Device Tracking Detection
A novel methodology for detecting CDT and measuring the factors affecting its performance, in a repeatable and systematic way is proposed, based on emulating realistic browsing activity of end-users, from different devices, and thus triggering and detecting cross-device targeted ads.
Who's Tracking Sensitive Domains?
It is shown that sensitive domains are tracked, albeit less intensely than the mainstream ones, by the third party tracking services operating on them.
Towards Real-Time Web Tracking Detection with T.EX - The Transparency EXtension
Anonymity and privacy are also important aspects of the World Wide Web since its beginning, and activists and developers relentlessly release tools that promise to protect us from Web tracking.
Measuring the Privacy vs. Compatibility Trade-off in Preventing Third-Party Stateful Tracking
It is found that making third-party storage partitioned by first-party, and lifetimes by site-session achieves the best privacy and compatibility trade-off.
A comparison of web privacy protection techniques
Missed by Filter Lists: Detecting Unknown Third-Party Trackers with Invisible Pixels
This paper proposes a fine-grained behavioral classification of tracking based on the analysis of invisible pixels and uses this classification to detect new categories of tracking and uncover new collaborations between domains on the full dataset of 4, 216, 454 third-party requests.
NoMoATS: Towards Automatic Detection of Mobile Tracking
NoMoATS is the first to automatically label which mobile network requests are engaged in A&T, while requiring to only manually label libraries to their purpose, and apply on-device machine learning classifiers that operate at the granularity of URLs.
Enhancing User Awareness and Control of Web Tracking with ManTra
  • D. Re, Claudio Carpineto
  • Computer Science
    2016 IEEE/WIC/ACM International Conference on Web Intelligence (WI)
  • 2016
This paper describes an approach which makes users aware of their likely tracking profile and gives them the possibility to bias the profile towards both ends of the web tracking spectrum, either by improving its accuracy beyond the tracker capabilities or by filling in false interests to increase privacy.
Who ’ s Tracking Sensitive Domains ? ( and how can you tell a sensitive domain anyway ? )
Having analyzed around 30k sensitive domains, it is shown that such domains are tracked, albeit less intensely than the mainstream ones, by third party tracking services operating on them.


Detecting and Defending Against Third-Party Tracking on the Web
This work develops a client-side method for detecting and classifying five kinds of third-party trackers based on how they manipulate browser state, and finds that no existing browser mechanisms prevent tracking by social media sites via widgets while still allowing those widgets to achieve their utility goals, which leads to a new defense.
The Web Never Forgets: Persistent Tracking Mechanisms in the Wild
The evaluation of the defensive techniques used by privacy-aware users finds that there exist subtle pitfalls --- such as failing to clear state on multiple browsers at once - in which a single lapse in judgement can shatter privacy defenses.
Tracking Protection in Firefox For Privacy and Performance
Since Firefox does not download and render content from tracking domains, Tracking Protection also enjoys performance benefits of a 44% median reduction in page load time and 39% reduction in data usage in the Alexa top 200 news sites.
A Promising Direction for Web Tracking Countermeasures
It is argued in this position paper that machine learning could enable tracking countermeasures that are effective and easy to use and by distancing human expert judgments, machine learning approaches are both easy to maintain and palatable to browser vendors.
Adnostic: Privacy Preserving Targeted Advertising
This paper proposes a practical architecture that enables targeting without compromising user privacy, and implements the core targeting system as a Firefox extension and reports on its effectiveness.
On k-Anonymity and the Curse of Dimensionality
It is shown that the curse of high dimensionality also applies to the problem of privacy preserving data mining, and when a data set contains a large number of attributes which are open to inference attacks, it becomes difficult to anonymize the data without an unacceptably high amount of information loss.
Privad: Practical Privacy in Online Advertising
This paper presents Privad, an online advertising system designed to be faster and more private than existing systems while filling the practical market needs of targeted advertising: ads shown in web pages; targeting based on keywords, demographics, and interests; and defense against click-fraud.
How Unique Is Your Web Browser?
  • P. Eckersley
  • Computer Science
    Privacy Enhancing Technologies
  • 2010
The degree to which modern web browsers are subject to "device fingerprinting" via the version and configuration information that they will transmit to websites upon request is investigated, and what countermeasures may be appropriate to prevent it is discussed.
Robust De-anonymization of Large Sparse Datasets
This work applies the de-anonymization methodology to the Netflix Prize dataset, which contains anonymous movie ratings of 500,000 subscribers of Netflix, the world's largest online movie rental service, and demonstrates that an adversary who knows only a little bit about an individual subscriber can easily identify this subscriber's record in the dataset.
t-Closeness: Privacy Beyond k-Anonymity and l-Diversity
The k-anonymity privacy requirement for publishing microdata requires that each equivalence class (i.e., a set of records that are indistinguishable from each other with respect to certain