On the workings and current practices of web-based device fingerprinting

Nick Nikiforakis; Alexandros Kapravelos; Wouter Joosen; Christopher Kruegel; Frank Piessens; Giovanni Vigna

doi:10.1109/MSP.2013.160

On the workings and current practices of web-based device fingerprinting

Nick Nikiforakis
, Alexandros Kapravelos
, Wouter Joosen
, Christopher Kruegel
, Frank Piessens
, Giovanni Vigna

Computer Science

University of California at Santa Barbara
KU Leuven

Research output: Contribution to journal › Article › peer-review

18 Scopus citations

Abstract

Analysis of three commercial companies' browser-fi ngerprinting code reveals the techniques that allow websites to track users without client-side identifi ers. Questionable practices include the circumvention of HTTP proxies to discover a user's real IP address and the installation of intrusive browser plug-ins. In addition, commercial approaches can bypass user-agent-spoofi ng browser extensions.

Original language	English
Article number	6679044
Pages (from-to)	28-36
Number of pages	9
Journal	IEEE Security and Privacy
Volume	12
Issue number	3
DOIs	https://doi.org/10.1109/MSP.2013.160
State	Published - 2014

Keywords

Browser extensions
Do not track
Fingerprinting
Privacy
Web tracking

Access to Document

10.1109/MSP.2013.160

Cite this

@article{38dffb854f214337bfebe6e56b541d11,

title = "On the workings and current practices of web-based device fingerprinting",

abstract = "Analysis of three commercial companies' browser-fi ngerprinting code reveals the techniques that allow websites to track users without client-side identifi ers. Questionable practices include the circumvention of HTTP proxies to discover a user's real IP address and the installation of intrusive browser plug-ins. In addition, commercial approaches can bypass user-agent-spoofi ng browser extensions.",

keywords = "Browser extensions, Do not track, Fingerprinting, Privacy, Web tracking",

author = "Nick Nikiforakis and Alexandros Kapravelos and Wouter Joosen and Christopher Kruegel and Frank Piessens and Giovanni Vigna",

year = "2014",

doi = "10.1109/MSP.2013.160",

language = "English",

volume = "12",

pages = "28--36",

journal = "IEEE Security and Privacy",

issn = "1540-7993",

number = "3",

}

TY - JOUR

T1 - On the workings and current practices of web-based device fingerprinting

AU - Nikiforakis, Nick

AU - Kapravelos, Alexandros

AU - Joosen, Wouter

AU - Kruegel, Christopher

AU - Piessens, Frank

AU - Vigna, Giovanni

PY - 2014

Y1 - 2014

N2 - Analysis of three commercial companies' browser-fi ngerprinting code reveals the techniques that allow websites to track users without client-side identifi ers. Questionable practices include the circumvention of HTTP proxies to discover a user's real IP address and the installation of intrusive browser plug-ins. In addition, commercial approaches can bypass user-agent-spoofi ng browser extensions.

AB - Analysis of three commercial companies' browser-fi ngerprinting code reveals the techniques that allow websites to track users without client-side identifi ers. Questionable practices include the circumvention of HTTP proxies to discover a user's real IP address and the installation of intrusive browser plug-ins. In addition, commercial approaches can bypass user-agent-spoofi ng browser extensions.

KW - Browser extensions

KW - Do not track

KW - Fingerprinting

KW - Privacy

KW - Web tracking

UR - https://www.scopus.com/pages/publications/84903147055

U2 - 10.1109/MSP.2013.160

DO - 10.1109/MSP.2013.160

M3 - Article

AN - SCOPUS:84903147055

SN - 1540-7993

VL - 12

SP - 28

EP - 36

JO - IEEE Security and Privacy

JF - IEEE Security and Privacy

IS - 3

M1 - 6679044

ER -

On the workings and current practices of web-based device fingerprinting

Abstract

Keywords

Access to Document

Other files and links

Fingerprint

Cite this