Device Fingerprinting: Analysis of Chosen Fingerprinting Methods

Anna Kobusińska, Jerzy Brzeziński, Kamil Pawulczuk

Abstract

Device fingerprinting is a modern technique of using available information to distinguish devices. Fingerprinting can be used as a replacement for storing user identifiers in cookies or local storage. In this paper we discover features and corresponding optimal implementations that may enrich and improve an open-source fingerprinting library Fingerprintjs2 that is daily consumed by hundreds of websites. As a result, the paper provides a noticeable progress in the analysis of fingerprinting solutions.

References

  1. Acar, G., Eubank, C., Englehardt, S., Juarez, M., Narayanan, A., and Diaz., C. (2014). The web never forgets: Persistent tracking mechanisms in the wild. technical report, princeton university, ku leuven.
  2. Acar, G., Juarez, M., Nikiforakis, N., Diaz, C., Gürses, S., Piessens, F., and Preneel, B. (2013). Fpdetective: dusting the web for fingerprinters. InProceedings of the 2013 ACM SIGSAC conference on Computer & communications security, pages 1129-1140. ACM.
  3. Augur (2016). Augur, a set of apis and tools that instantly enables businesses to recognize devices, and consumers across devices. [on-line] https://www.augur.io/ (retrieved: 08/2016).
  4. Boda, K., Földes, Í. M., Gulyás, G. G., and Imre, S. (2011). User tracking on the web via cross-browser fingerprinting. In Nordic Conference on Secure IT Systems, pages 31-46. Springer.
  5. BrowserSpy (2016). Browserspy on-line ngerprinting test tool. [on-line] http://browserspy.dk/ (retrieved: 08/2016).
  6. Cahn, A., Alfeld, S., Barford, P., and Muthukrishnan, S. (2016). An empirical study of web cookies. In Proceedings of the 25th International Conference on World Wide Web, WWW 7816, pages 891-901.
  7. Checklist, S. (2016). Web browser security checklist. [on-line] https://www.browserleaks.com/ (retrieved: 08/2016).
  8. Cross-browser (2016). Cross-browser ngerprinting test 2.0. [on-line] https://fingerprint.pet-portal.eu/ (retrieved: 08/2016).
  9. Eckersley., P. (2010). How unique is your web browser? in international symposium on privacy enhancing technologies symposium, pages 118. springer, 2010.
  10. Englehardt, S. and Narayanan., A. (2016). On-line tracking: A 1-million-site measurement and analysis. technical report, princeton university.
  11. Fetterly, D., Manasse, M., Najork, M., and Wiener, J. (2003). A large-scale study of the evolution of web pages. In Proceedings of the 12th International Conference on World Wide Web, WWW 7803, pages 669- 678. ACM.
  12. Fingerprints2 (2016). Fingerprintjs2 ern browser ngerprinting library. https://github.com/valve/fingerprintjs2.
  13. Frontier, E. (2016). On-line ngerprinting test conducted by electronic frontier foundation. [on-line] https: //panopticlick.eff.org/ (retrieved: 08/2016).
  14. HTML5 (2016). HTML5, a vocabulary and associated apis for html and xhtml. http://aiweb.techfak. unibielefeld.de/content/bworld-robot-control-software/ adsfdf afdfds afsddfs adfd adfdf adfsdfs adfsdsf afsddfs. [on-line] https://www.w3.org/tr/html5/ (retrieved: 08/2016).
  15. Kamkar, S. (2016). Evercookie virtually irrevocable persistent cookies. [on-line] http://samy.pl/evercookie/ (retrieved: 08/2016).
  16. Kurent, A. (2016). Crossbrowser device ngerprinting diploma thesis. [on-line] http://fingerprinting.comyr.com/ (retrieved: 08/2016).
  17. Low, C. (2016). Cookie law explained. [on-line] https://www.cookielaw.org/the-cookie-law/ (retrieved:08/2016).
  18. Persistent (2016). Usage of persistent cookies for websites. [on-line] https://w3techs.com/technologies/details/cepersistentcookies/all/all (retrieved: 08/2016).
  19. Tillmann, H. (2016). Browser ngerprinting test by henning tillmann. [on-line] http://bfp.henning-tillmann.de/ (retrieved: 08/2016).
  20. Webkit2016 (2016). Fingerprinting in webkit. [on-line] https://trac.webkit.org/wiki/fingerprinting.
  21. Yen, T.-F., Huang, X., Monrose, F., and Reiter, M. K. (2009). Browser fingerprinting from coarse traffic summaries: Techniques and implications. In International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment, pages 157- 175. Springer.
  22. Yen, T.-F., Xie, Y., Yu, F., Yu, R. P., and Abadi, M. (2012). Host fingerprinting and tracking on the web: Privacy and security implications. In NDSS.
Download


Paper Citation


in Harvard Style

Kobusińska A., Brzeziński J. and Pawulczuk K. (2017). Device Fingerprinting: Analysis of Chosen Fingerprinting Methods . In Proceedings of the 2nd International Conference on Internet of Things, Big Data and Security - Volume 1: IoTBDS, ISBN 978-989-758-245-5, pages 167-177. DOI: 10.5220/0006375701670177


in Bibtex Style

@conference{iotbds17,
author={Anna Kobusińska and Jerzy Brzeziński and Kamil Pawulczuk},
title={Device Fingerprinting: Analysis of Chosen Fingerprinting Methods},
booktitle={Proceedings of the 2nd International Conference on Internet of Things, Big Data and Security - Volume 1: IoTBDS,},
year={2017},
pages={167-177},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006375701670177},
isbn={978-989-758-245-5},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 2nd International Conference on Internet of Things, Big Data and Security - Volume 1: IoTBDS,
TI - Device Fingerprinting: Analysis of Chosen Fingerprinting Methods
SN - 978-989-758-245-5
AU - Kobusińska A.
AU - Brzeziński J.
AU - Pawulczuk K.
PY - 2017
SP - 167
EP - 177
DO - 10.5220/0006375701670177