Criteria and Analysis for Human-Centered Browser Fingerprinting Countermeasures

Date
2022-01-04
Authors
Andalibi, Vafa
Sadeqi Azer, Erfan
Camp, L. Jean
Journal Title
Journal ISSN
Volume Title
Publisher
Abstract
Browser fingerprinting is a surveillance technique that uses browser and device attributes to track visitors across the web. Defeating fingerprinting requires blocking attribute information or spoofing attributes, which can result in loss of functionality. To address the challenge of escaping surveillance while obtaining functionality, we identify six design criteria for an ideal spoofing system. We present three fingerprint generation algorithms as well as a baseline algorithm that simply samples a dataset of fingerprints. For each algorithm, we identify trade-offs among the criteria: distinguishability from a non-spoofed fingerprint, uniqueness, size of the anonymity set, efficient generation, loss of web functionality, and whether or not the algorithm protects the confidentiality of the underlying dataset. We report on a series of experiments illustrating that the use of our partially-dependent algorithm for spoofing fingerprints will avoid detection by Machine Learning approaches to surveillance.
Description
Keywords
Cyber Systems: Their Science, Engineering, and Security, browser fingerprinting, client fingerprinting, end-user privacy protection, fingerprinting defenses, internet privacy
Citation
Rights
Access Rights
Email libraryada-l@lists.hawaii.edu if you need this content in ADA-compliant format.