Abstract
Private browsing has been a popular privacy feature built into all mainstream browsers since 2005. However, despite its prevalent use, the security of this feature has received little attention from the research community. In this paper, we present an up-to-date and comprehensive analysis of private browsing across four most popular web browsers: IE, Firefox, Chrome and Safari. We report that all browsers under study suffer from a variety of vulnerabilities, many of which have not been reported or known before. Our work highlights the complexity of the subject and calls for more attention from the security community.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
Given the often negative connotation of using the private mode for viewing adult websites (see [5]), we consider the fact of using the private mode a privacy feature by itself. If the remote website learns the user is in the private mode, it may push more adult-oriented advertisement to the user.
References
Chrome Private Browsing Mode. https://support.google.com/chrome/bin/answer.py?hl=en&answer=95464&p=cpn_incognito. Accessed April 2013
Mozilla Firefox Private Browsing Mode. http://support.mozilla.org/en-US/kb/private-browsing-browse-web-without-saving-info. Accessed April 2013
Safari Private Browsing Mode. http://support.apple.com/kb/PH5000. Accessed April 2013
Internet Explorer Private Browsing Mode. http://windows.microsoft.com/en-us/windows-vista/what-is-inprivate-browsing. Accessed April 2013
Aggarwal, G., Burzstein, E., Jackson, C., Boneh, D.: An analysis of private browsing modes in modern browsers. In: The 19th USENIX Symphosium on Security (2010)
Said, H., Mutawa, A.H., Awadhi, A.I., Guimaraes, M.: Forensic analysis of private browsing artifacts. In: International Conference on Innovations in Information Technology (IIT) (2011)
Ruiz-Martínez, A.: A survey on solutions and main free tools for privacy enhancing Web communications. J. Netw. Comput. Appl. 35(5), 1473–1492 (2012)
Collin, J., Bortz, A., Boneh, D., Mitchell, C.J.: Protecting browser state from web privacy attacks. In: The 15th International Conference on World Wide Web (WWW) (2006)
Most Popular Web Browsers. http://www.w3schools.com/browsers/browsers_stats.asp. Accessed April 2013
VMware Player Version 4.0.0. http://www.vmware.com/products/player/. Accessed April 2013
Click & Clean. https://chrome.google.com/webstore/detail/ghgabhipcejejjmhhchfonmamedcbeod?utm_source=chrome-ntp-icon. Accessed April 2013
Clear DNS Cache. https://addons.mozilla.org/en-us/firefox/addon/clear-dns-cache/. Accessed April 2013
Jeon, S., Bang, J., Byun, K.: A recovery method of deleted record for SQLite database. Pers. Ubiquit. Comput. 16(6), 707–715 (2011)
Eckersley, P.: How unique is your web browser? https://panopticlick.eff.org/browser-uniqueness.pdf. Accessed April 2013
The Official Website for the TOR Project. https://www.torproject.org/. Accessed April 2013
Kreyszig, E.: Introductory Mathematical Statistics. Wiley, New York (1970)
Selenium. http://seleniumhq.org/. Accessed April 2013
Standard Chrome Extension API. http://developer.chrome.com/extensions/. Accessed April 2013
Experimental Chrome Extension API. http://developer.chrome.com/extensions/experimental.html. Accessed April 2013
Open-Source Software Tools Developed for the Research of Private Browsing. http://homepages.cs.ncl.ac.uk/m.j.forshaw1/privatebrowsing/
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Satvat, K., Forshaw, M., Hao, F., Toreini, E. (2014). On the Privacy of Private Browsing – A Forensic Approach. In: Garcia-Alfaro, J., Lioudakis, G., Cuppens-Boulahia, N., Foley, S., Fitzgerald, W. (eds) Data Privacy Management and Autonomous Spontaneous Security. DPM SETOP 2013 2013. Lecture Notes in Computer Science(), vol 8247. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-54568-9_25
Download citation
DOI: https://doi.org/10.1007/978-3-642-54568-9_25
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-54567-2
Online ISBN: 978-3-642-54568-9
eBook Packages: Computer ScienceComputer Science (R0)