Please use this identifier to cite or link to this item: https://hdl.handle.net/20.500.14279/31088
Title: Escaping the Confines of Time: Continuous Browser Extension Fingerprinting Through Ephemeral Modifications
Authors: Solomos, Konstantinos 
Ilia, Panagiotis 
Nikiforakis, Nick 
Polakis, Jason 
Major Field of Science: Engineering and Technology
Field Category: Electrical Engineering - Electronic Engineering - Information Engineering
Keywords: browser fingerprinting;extension fingerprinting;online tracking
Issue Date: 7-Nov-2022
Source: 28th ACM SIGSAC Conference on Computer and Communications Security, CCS 2022, Los Angeles, 7 - 11 November 2022
Conference: Proceedings of the ACM Conference on Computer and Communications Security 
Abstract: Browser fingerprinting continues to proliferate across the web. Critically, popular fingerprinting libraries have started incorporating extension-fingerprinting capabilities, thus exacerbating the privacy loss they can induce. In this paper we propose continuous fingerprinting, a novel extension fingerprinting technique that captures a critical dimension of extensions' functionality that allowed them to elude all prior behavior-based techniques. Specifically, we find that ephemeral modifications are prevalent in the extension ecosystem, effectively rendering such extensions invisible to prior approaches that are confined to analyzing snapshots that capture a single moment in time. Accordingly, we develop Chronos, a system that captures the modifications that occur throughout an extension's life cycle, enabling it to fingerprint extensions that make transient modifications that leave no visible traces at the end of execution. Specifically, our system creates behavioral signatures that capture nodes being added to or removed from the DOM, as well as changes being made to node attributes. Our extensive experimental evaluation highlights the inherent limits of prior snapshot-based approaches, as Chronos is able to identify 11,219 unique extensions, increasing coverage by 66.9% over the state of the art. Additionally, we find that our system captures a unique modification event (i.e., mutation) for 94% of the extensions, while also being able to resolve 97% of the signature collisions across extensions that affect existing snapshot-based approaches. Our study more accurately captures the extent of the privacy threat presented by extension fingerprinting, which warrants more attention by privacy-oriented browser vendors that, up to this point, have focused on deploying countermeasures against other browser fingerprinting vectors.
URI: https://hdl.handle.net/20.500.14279/31088
ISBN: 9781450394505
ISSN: 15437221
DOI: 10.1145/3548606.3560576
Rights: © ACM
Attribution-NonCommercial-NoDerivatives 4.0 International
Type: Conference Papers
Affiliation : University of Illinois at Chicago 
Stony Brook University 
Appears in Collections:Δημοσιεύσεις σε συνέδρια /Conference papers or poster or presentation

CORE Recommender
Show full item record

SCOPUSTM   
Citations

4
checked on Mar 14, 2024

Page view(s)

101
Last Week
1
Last month
9
checked on Nov 24, 2024

Google ScholarTM

Check

Altmetric


This item is licensed under a Creative Commons License Creative Commons