Abstract
Even though most web users assume that only the websites that they visit directly become aware of the visit, this belief is incorrect. Many website display contents hosted externally by third-party websites, which can track users and become aware of their web-surfing behavior. This phenomenon is called third-party tracking, and although such activities violate no law, they raise privacy concerns because the tracking is carried out without users’ knowledge or explicit approval. Our work provides a systematic study of the third-party tracking phenomenon. First, we develop TrackAdvisor, arguably the first method that utilizes Machine Learning to identify the HTTP requests carrying sensitive information to third-party trackers with very high accuracy (100 % Recall and 99.4 Precision). Microsoft’s Tracking Protection Lists, which is a widely-used third-party tracking blacklist achieves only a Recall of 72.2 %. Second, we quantify the pervasiveness of the third-party tracking phenomenon: 46 % of the home pages of the websites in Alexa Global Top 10,000 have at least one third-party tracker, and Google, using third-party tracking, monitors 25 % of these popular websites. Our overarching goal is to measure accurately how widespread third-party tracking is and hopefully would raise the public awareness to its potential privacy risks.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
In general, it is more accurate to say that third party tracking can track and identify web-browsers and not end users. In the rest of this document, we will use the term “tracking a user” to imply tracking the browser that is being used.
References
AdBlock Plus. https://adblockplus.org
Alexa, the Web Information Company. http://www.alexa.com
Collusion, browser extension. https://chrome.google.com/webstore/detail/collusion-for-chrome/ganlifbpkcplnldliibcbegplfmcfigp
FourthParty Firefox Extension. http://fourthparty.info
Ghostery. https://www.ghostery.com/
HTTP ETags. http://en.wikipedia.org/wiki/HTTP_ETag
Microsoft’s Tracking Protection Lists. http://ie.microsoft.com/testdrive/Browser/p3p/Default.html
Privacy Badger. http://www.theregister.co.uk/2014/05/02/eff_privacy_badger/
Selenium, Web Browser Automation. http://docs.seleniumhq.org/
Third-party iFrames can no longer read their own cookies when “Block third-party cookies and site data” is enabled. urlhttps://code.google.com/p/chromium/issues/detail?id=113401
Yahoo declines to honor “Do not track”. http://yahoopolicy.tumblr.com/post/84363620568/yahoos-default-a-personalized-experience
Ayenson, M., Wambach, D., Soltani, A., Good, N., Hoofnagle, C.: Flash cookies and privacy II: now with HTML5 and etag respawning. Social Science Research Networks (2011)
Eckersley, P.: How unique is your web browser? In: Atallah, M.J., Hopper, N.J. (eds.) PETS 2010. LNCS, vol. 6205, pp. 1–18. Springer, Heidelberg (2010)
Leon, P., Ur, B., Shay, R., Wang, Y., Balebako, R., Cranor, L.: Why Johnny can’t opt out: a usability evaluation of tools to limit online behavioral advertising. In: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, pp. 589–598. ACM (2012)
Mayer, J.: Tracking the Trackers: Self-help tools. http://cyberlaw.stanford.edu/node/6730
Mayer, J.R., Mitchell, J.C.: Third-party web tracking: policy and technology. In: 2012 IEEE Symposium on Security and Privacy (SP), pp. 413–427. IEEE (2012)
McDonald, A.M., Cranor, L.F.: A survey of the use of adobe flash local shared objects to respawn http cookies. J. Law Policy Inf. Soc. 7, 639–721 (2012)
Weinberg, Z., Chen, E.Y., Jayaraman, P.R., Jackson, C.: I still know what you visited last summer: leaking browsing history via user interaction and side channel attacks. In: 2011 IEEE Symposium on Security and Privacy (SP), pp. 147–161. IEEE (2011)
Witten, I.H., Frank, E., Trigg, L.E., Hall, M.A., Holmes, G., Cunningham, S.J.: WEKA: practical machine learning tools and techniques with Java implementations
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Li, TC., Hang, H., Faloutsos, M., Efstathopoulos, P. (2015). TrackAdvisor: Taking Back Browsing Privacy from Third-Party Trackers. In: Mirkovic, J., Liu, Y. (eds) Passive and Active Measurement. PAM 2015. Lecture Notes in Computer Science(), vol 8995. Springer, Cham. https://doi.org/10.1007/978-3-319-15509-8_21
Download citation
DOI: https://doi.org/10.1007/978-3-319-15509-8_21
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-15508-1
Online ISBN: 978-3-319-15509-8
eBook Packages: Computer ScienceComputer Science (R0)