Short Paper - Taming the Shape Shifter: Detecting Anti-fingerprinting Browsers

Babak Amin Azad; Oleksii Starov; Pierre Laperdrix; Nick Nikiforakis

doi:10.1007/978-3-030-52683-2_8

Short Paper - Taming the Shape Shifter: Detecting Anti-fingerprinting Browsers

Babak Amin Azad
, Oleksii Starov
, Pierre Laperdrix
, Nick Nikiforakis

Computer Science

Stony Brook University
Palo Alto Networks, Inc.
Université de Lille

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

3 Scopus citations

Abstract

When it comes to leaked credentials and credit card information, we observe the development and use of anti-fingerprinting browsers by malicious actors. These tools are carefully designed to evade detection, often by mimicking the browsing environment of the victim whose credentials were stolen. Even though these tools are popular in the underground markets, they have not received enough attention by researchers. In this paper, we report on the first evaluation of four underground, commercial, and research anti-fingerprinting browsers and highlight their high success rate in bypassing browser fingerprinting. Despite their success against well-known fingerprinting methods and libraries, we show that even slightest variation in the simulated fingerprint compared to the real ones can give away the presence of anti-fingerprinting tools. As a result, we provide techniques and fingerprint-based signatures that can be used to detect the current generation of anti-fingerprinting browsers.

Original language	English
Title of host publication	Detection of Intrusions and Malware, and Vulnerability Assessment - 17th International Conference, DIMVA 2020, Proceedings
Editors	Clémentine Maurice, Leyla Bilge, Gianluca Stringhini, Nuno Neves
Publisher	Springer Science and Business Media Deutschland GmbH
Pages	160-170
Number of pages	11
ISBN (Print)	9783030526825
DOIs	https://doi.org/10.1007/978-3-030-52683-2_8
State	Published - 2020
Event	17th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment, DIMVA 2020 - Virtual, Online, Portugal Duration: Jun 24 2020 → Jun 26 2020

Publication series

Name	Lecture Notes in Computer Science
Volume	12223 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	17th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment, DIMVA 2020
Country/Territory	Portugal
City	Virtual, Online
Period	06/24/20 → 06/26/20

Access to Document

10.1007/978-3-030-52683-2_8

Cite this

Amin Azad, B., Starov, O., Laperdrix, P., & Nikiforakis, N. (2020). Short Paper - Taming the Shape Shifter: Detecting Anti-fingerprinting Browsers. In C. Maurice, L. Bilge, G. Stringhini, & N. Neves (Eds.), Detection of Intrusions and Malware, and Vulnerability Assessment - 17th International Conference, DIMVA 2020, Proceedings (pp. 160-170). (Lecture Notes in Computer Science; Vol. 12223 LNCS). Springer Science and Business Media Deutschland GmbH. https://doi.org/10.1007/978-3-030-52683-2_8

Amin Azad, Babak ; Starov, Oleksii ; Laperdrix, Pierre et al. / Short Paper - Taming the Shape Shifter : Detecting Anti-fingerprinting Browsers. Detection of Intrusions and Malware, and Vulnerability Assessment - 17th International Conference, DIMVA 2020, Proceedings. editor / Clémentine Maurice ; Leyla Bilge ; Gianluca Stringhini ; Nuno Neves. Springer Science and Business Media Deutschland GmbH, 2020. pp. 160-170 (Lecture Notes in Computer Science).

@inproceedings{519916d7f2b4457dab693fd2a1b8d509,

title = "Short Paper - Taming the Shape Shifter: Detecting Anti-fingerprinting Browsers",

abstract = "When it comes to leaked credentials and credit card information, we observe the development and use of anti-fingerprinting browsers by malicious actors. These tools are carefully designed to evade detection, often by mimicking the browsing environment of the victim whose credentials were stolen. Even though these tools are popular in the underground markets, they have not received enough attention by researchers. In this paper, we report on the first evaluation of four underground, commercial, and research anti-fingerprinting browsers and highlight their high success rate in bypassing browser fingerprinting. Despite their success against well-known fingerprinting methods and libraries, we show that even slightest variation in the simulated fingerprint compared to the real ones can give away the presence of anti-fingerprinting tools. As a result, we provide techniques and fingerprint-based signatures that can be used to detect the current generation of anti-fingerprinting browsers.",

author = "\{Amin Azad\}, Babak and Oleksii Starov and Pierre Laperdrix and Nick Nikiforakis",

note = "Publisher Copyright: {\textcopyright} 2020, Springer Nature Switzerland AG.; 17th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment, DIMVA 2020 ; Conference date: 24-06-2020 Through 26-06-2020",

year = "2020",

doi = "10.1007/978-3-030-52683-2\_8",

language = "English",

isbn = "9783030526825",

series = "Lecture Notes in Computer Science",

publisher = "Springer Science and Business Media Deutschland GmbH",

pages = "160--170",

editor = "Cl{\'e}mentine Maurice and Leyla Bilge and Gianluca Stringhini and Nuno Neves",

booktitle = "Detection of Intrusions and Malware, and Vulnerability Assessment - 17th International Conference, DIMVA 2020, Proceedings",

}

Amin Azad, B, Starov, O, Laperdrix, P & Nikiforakis, N 2020, Short Paper - Taming the Shape Shifter: Detecting Anti-fingerprinting Browsers. in C Maurice, L Bilge, G Stringhini & N Neves (eds), Detection of Intrusions and Malware, and Vulnerability Assessment - 17th International Conference, DIMVA 2020, Proceedings. Lecture Notes in Computer Science, vol. 12223 LNCS, Springer Science and Business Media Deutschland GmbH, pp. 160-170, 17th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment, DIMVA 2020, Virtual, Online, Portugal, 06/24/20. https://doi.org/10.1007/978-3-030-52683-2_8

Short Paper - Taming the Shape Shifter: Detecting Anti-fingerprinting Browsers. / Amin Azad, Babak; Starov, Oleksii; Laperdrix, Pierre et al.
Detection of Intrusions and Malware, and Vulnerability Assessment - 17th International Conference, DIMVA 2020, Proceedings. ed. / Clémentine Maurice; Leyla Bilge; Gianluca Stringhini; Nuno Neves. Springer Science and Business Media Deutschland GmbH, 2020. p. 160-170 (Lecture Notes in Computer Science; Vol. 12223 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Short Paper - Taming the Shape Shifter

T2 - 17th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment, DIMVA 2020

AU - Amin Azad, Babak

AU - Starov, Oleksii

AU - Laperdrix, Pierre

AU - Nikiforakis, Nick

PY - 2020

Y1 - 2020

N2 - When it comes to leaked credentials and credit card information, we observe the development and use of anti-fingerprinting browsers by malicious actors. These tools are carefully designed to evade detection, often by mimicking the browsing environment of the victim whose credentials were stolen. Even though these tools are popular in the underground markets, they have not received enough attention by researchers. In this paper, we report on the first evaluation of four underground, commercial, and research anti-fingerprinting browsers and highlight their high success rate in bypassing browser fingerprinting. Despite their success against well-known fingerprinting methods and libraries, we show that even slightest variation in the simulated fingerprint compared to the real ones can give away the presence of anti-fingerprinting tools. As a result, we provide techniques and fingerprint-based signatures that can be used to detect the current generation of anti-fingerprinting browsers.

AB - When it comes to leaked credentials and credit card information, we observe the development and use of anti-fingerprinting browsers by malicious actors. These tools are carefully designed to evade detection, often by mimicking the browsing environment of the victim whose credentials were stolen. Even though these tools are popular in the underground markets, they have not received enough attention by researchers. In this paper, we report on the first evaluation of four underground, commercial, and research anti-fingerprinting browsers and highlight their high success rate in bypassing browser fingerprinting. Despite their success against well-known fingerprinting methods and libraries, we show that even slightest variation in the simulated fingerprint compared to the real ones can give away the presence of anti-fingerprinting tools. As a result, we provide techniques and fingerprint-based signatures that can be used to detect the current generation of anti-fingerprinting browsers.

UR - https://www.scopus.com/pages/publications/85088497371

U2 - 10.1007/978-3-030-52683-2_8

DO - 10.1007/978-3-030-52683-2_8

M3 - Conference contribution

AN - SCOPUS:85088497371

SN - 9783030526825

T3 - Lecture Notes in Computer Science

SP - 160

EP - 170

BT - Detection of Intrusions and Malware, and Vulnerability Assessment - 17th International Conference, DIMVA 2020, Proceedings

A2 - Maurice, Clémentine

A2 - Bilge, Leyla

A2 - Stringhini, Gianluca

A2 - Neves, Nuno

PB - Springer Science and Business Media Deutschland GmbH

Y2 - 24 June 2020 through 26 June 2020

ER -

Amin Azad B, Starov O, Laperdrix P, Nikiforakis N. Short Paper - Taming the Shape Shifter: Detecting Anti-fingerprinting Browsers. In Maurice C, Bilge L, Stringhini G, Neves N, editors, Detection of Intrusions and Malware, and Vulnerability Assessment - 17th International Conference, DIMVA 2020, Proceedings. Springer Science and Business Media Deutschland GmbH. 2020. p. 160-170. (Lecture Notes in Computer Science). doi: 10.1007/978-3-030-52683-2_8

Short Paper - Taming the Shape Shifter: Detecting Anti-fingerprinting Browsers

Abstract

Publication series

Conference

Access to Document

Other files and links

Fingerprint

Cite this