TY - GEN
T1 - Cookies that give you away
T2 - 24th International Conference on World Wide Web, WWW 2015
AU - Englehardt, Steven
AU - Reisman, Dillon
AU - Eubank, Christian
AU - Zimmerman, Peter
AU - Mayer, Jonathan
AU - Narayanan, Arvind
AU - Felten, Edward W.
PY - 2015/5/18
Y1 - 2015/5/18
N2 - We study the ability of a passive eavesdropper to leverage "third-party" HTTP tracking cookies for mass surveillance. If two web pages embed the same tracker which tags the browser with a unique cookie, then the adversary can link visits to those pages from the same user (i.e., browser instance) even if the user's IP address varies. Further, many popular websites leak a logged-in user's identity to an eavesdropper in unencrypted traffic. To evaluate the effectiveness of our attack, we introduce a methodology that combines web measurement and network measurement. Using OpenWPM, our web privacy measurement platform, we simulate users browsing the web and find that the adversary can reconstruct 62–73% of a typical user's browsing history. We then analyze the effect of the physical location of the wiretap as well as legal restrictions such as the NSA's "one-end foreign" rule. Using measurement units in various locations (Asia, Europe, and the United States), we show that foreign users are highly vulnerable to the NSA's dragnet surveillance due to the concentration of third-party trackers in the U.S. Finally, we find that some browser-based privacy tools mitigate the attack while others are largely ineffective.
AB - We study the ability of a passive eavesdropper to leverage "third-party" HTTP tracking cookies for mass surveillance. If two web pages embed the same tracker which tags the browser with a unique cookie, then the adversary can link visits to those pages from the same user (i.e., browser instance) even if the user's IP address varies. Further, many popular websites leak a logged-in user's identity to an eavesdropper in unencrypted traffic. To evaluate the effectiveness of our attack, we introduce a methodology that combines web measurement and network measurement. Using OpenWPM, our web privacy measurement platform, we simulate users browsing the web and find that the adversary can reconstruct 62–73% of a typical user's browsing history. We then analyze the effect of the physical location of the wiretap as well as legal restrictions such as the NSA's "one-end foreign" rule. Using measurement units in various locations (Asia, Europe, and the United States), we show that foreign users are highly vulnerable to the NSA's dragnet surveillance due to the concentration of third-party trackers in the U.S. Finally, we find that some browser-based privacy tools mitigate the attack while others are largely ineffective.
UR - http://www.scopus.com/inward/record.url?scp=84992238873&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84992238873&partnerID=8YFLogxK
U2 - 10.1145/2736277.2741679
DO - 10.1145/2736277.2741679
M3 - Conference contribution
AN - SCOPUS:84992238873
T3 - WWW 2015 - Proceedings of the 24th International Conference on World Wide Web
SP - 289
EP - 299
BT - WWW 2015 - Proceedings of the 24th International Conference on World Wide Web
PB - Association for Computing Machinery, Inc
Y2 - 18 May 2015 through 22 May 2015
ER -