Please use this identifier to cite or link to this item:
https://hdl.handle.net/20.500.14279/31088
Title: | Escaping the Confines of Time: Continuous Browser Extension Fingerprinting Through Ephemeral Modifications | Authors: | Solomos, Konstantinos Ilia, Panagiotis Nikiforakis, Nick Polakis, Jason |
Major Field of Science: | Engineering and Technology | Field Category: | Electrical Engineering - Electronic Engineering - Information Engineering | Keywords: | browser fingerprinting;extension fingerprinting;online tracking | Issue Date: | 7-Nov-2022 | Source: | 28th ACM SIGSAC Conference on Computer and Communications Security, CCS 2022, Los Angeles, 7 - 11 November 2022 | Conference: | Proceedings of the ACM Conference on Computer and Communications Security | Abstract: | Browser fingerprinting continues to proliferate across the web. Critically, popular fingerprinting libraries have started incorporating extension-fingerprinting capabilities, thus exacerbating the privacy loss they can induce. In this paper we propose continuous fingerprinting, a novel extension fingerprinting technique that captures a critical dimension of extensions' functionality that allowed them to elude all prior behavior-based techniques. Specifically, we find that ephemeral modifications are prevalent in the extension ecosystem, effectively rendering such extensions invisible to prior approaches that are confined to analyzing snapshots that capture a single moment in time. Accordingly, we develop Chronos, a system that captures the modifications that occur throughout an extension's life cycle, enabling it to fingerprint extensions that make transient modifications that leave no visible traces at the end of execution. Specifically, our system creates behavioral signatures that capture nodes being added to or removed from the DOM, as well as changes being made to node attributes. Our extensive experimental evaluation highlights the inherent limits of prior snapshot-based approaches, as Chronos is able to identify 11,219 unique extensions, increasing coverage by 66.9% over the state of the art. Additionally, we find that our system captures a unique modification event (i.e., mutation) for 94% of the extensions, while also being able to resolve 97% of the signature collisions across extensions that affect existing snapshot-based approaches. Our study more accurately captures the extent of the privacy threat presented by extension fingerprinting, which warrants more attention by privacy-oriented browser vendors that, up to this point, have focused on deploying countermeasures against other browser fingerprinting vectors. | URI: | https://hdl.handle.net/20.500.14279/31088 | ISBN: | 9781450394505 | ISSN: | 15437221 | DOI: | 10.1145/3548606.3560576 | Rights: | © ACM Attribution-NonCommercial-NoDerivatives 4.0 International |
Type: | Conference Papers | Affiliation : | University of Illinois at Chicago Stony Brook University |
Appears in Collections: | Δημοσιεύσεις σε συνέδρια /Conference papers or poster or presentation |
CORE Recommender
SCOPUSTM
Citations
4
checked on Mar 14, 2024
Page view(s)
100
Last Week
6
6
Last month
9
9
checked on Nov 7, 2024
Google ScholarTM
Check
Altmetric
This item is licensed under a Creative Commons License