towards privacy‐friendly online · pdf filesearch email because ... – proof of...
TRANSCRIPT
![Page 1: Towards Privacy‐Friendly Online · PDF fileSearch Email Because ... – Proof of concept code](https://reader031.vdocuments.mx/reader031/viewer/2022030401/5a7885707f8b9a1f128c3b56/html5/thumbnails/1.jpg)
TowardsPrivacy‐FriendlyOnlineAdver5sing
JulienFreudiger,NevenaVratonjic,andJean‐PierreHubauxMay2009,W2SP
![Page 2: Towards Privacy‐Friendly Online · PDF fileSearch Email Because ... – Proof of concept code](https://reader031.vdocuments.mx/reader031/viewer/2022030401/5a7885707f8b9a1f128c3b56/html5/thumbnails/2.jpg)
Onlineadver5singisatcenterofInterneteconomy– Immediateandpersonalized
– EnablesBehavioraltarge5ng
InternetEconomy
2Source:Interac5veAdver5singBureauInternetAdver5singrevenuereport,2008
![Page 3: Towards Privacy‐Friendly Online · PDF fileSearch Email Because ... – Proof of concept code](https://reader031.vdocuments.mx/reader031/viewer/2022030401/5a7885707f8b9a1f128c3b56/html5/thumbnails/3.jpg)
Benefits
• Forusers– Relevanceofads– Sponsoredservices
• Forwebsites– Generateprofitfromads– Newbusinessmodels
3
![Page 4: Towards Privacy‐Friendly Online · PDF fileSearch Email Because ... – Proof of concept code](https://reader031.vdocuments.mx/reader031/viewer/2022030401/5a7885707f8b9a1f128c3b56/html5/thumbnails/4.jpg)
• Trackuserac5vi5esonline– Interests(visitedwebsites,searchterms)
– Conversa5ons(email)– Friends(socialnetworks)
• Privacyfootprint(KrishnamurthyandWills)
– 72%ofwebserversshareatleastoneadver5ser– 3third‐partydomainscontactedonaverageperaccessedwebsite
PrivacyConcerns
4
![Page 5: Towards Privacy‐Friendly Online · PDF fileSearch Email Because ... – Proof of concept code](https://reader031.vdocuments.mx/reader031/viewer/2022030401/5a7885707f8b9a1f128c3b56/html5/thumbnails/5.jpg)
Privacy/traceabilityTrade‐off
5
Traceability
Privacy
0 1
1Trade‐off
Allowall
Blockall
Provideawaytocontrolamountofinforma8onshared
![Page 6: Towards Privacy‐Friendly Online · PDF fileSearch Email Because ... – Proof of concept code](https://reader031.vdocuments.mx/reader031/viewer/2022030401/5a7885707f8b9a1f128c3b56/html5/thumbnails/6.jpg)
Outline
1. OnlineAdver5sing– PrivacyImplica5ons– Exis5ngSolu5ons
2. ProposedSolu5on– PrivacyfriendlyCookiemanagement– Usercentric
3. PreliminaryEvalua5on– FirefoxExtension
6
![Page 7: Towards Privacy‐Friendly Online · PDF fileSearch Email Because ... – Proof of concept code](https://reader031.vdocuments.mx/reader031/viewer/2022030401/5a7885707f8b9a1f128c3b56/html5/thumbnails/7.jpg)
OnlineAdver5sing
7
u s1
s2
d1
HiddenserversD
UsersU
VisibleserversS
Associatedwebsites
u‐>s1: www.ny5mes.com u‐>s2: www.google.coms1‐>u: index.htmlu‐>d1: ads.com,TP‐cookied1‐>u: ads
s1‐>u: index.htmlu‐>d1: ads.com,TP‐cookied1‐>u: ads
B.KrishnamurthyandC.E.Wills.Genera5ngaprivacyfootprintontheInternet.IMC2006
![Page 8: Towards Privacy‐Friendly Online · PDF fileSearch Email Because ... – Proof of concept code](https://reader031.vdocuments.mx/reader031/viewer/2022030401/5a7885707f8b9a1f128c3b56/html5/thumbnails/8.jpg)
Traceability
• TP‐Cookiesenable– Spa8altracking:Trackoverdifferentdomains
– Temporaltracking:Iden5fysubsequentvisits
• Referrerrevealsvisitedwebsite
• Exampleofdatacollectedbyadver5sers:– 10h00:www.ny5mes.com,cookie
– 10h02:www.ny5mes.com,cookie– 11h00:www.facebook.com/friends,cookie
8
![Page 9: Towards Privacy‐Friendly Online · PDF fileSearch Email Because ... – Proof of concept code](https://reader031.vdocuments.mx/reader031/viewer/2022030401/5a7885707f8b9a1f128c3b56/html5/thumbnails/9.jpg)
Exis5ngSolu5ons
• Allornothing– Blockrequeststoadver5sers– BlockTP‐cookies– Allowall
• Sameoriginpolicy– “Onlytheserverthatsetsacookiecanaccessit”– Preventslossofdataconfiden5alityorintegrity– Buttoopermissivewithrespecttoonlinetracking
9
![Page 10: Towards Privacy‐Friendly Online · PDF fileSearch Email Because ... – Proof of concept code](https://reader031.vdocuments.mx/reader031/viewer/2022030401/5a7885707f8b9a1f128c3b56/html5/thumbnails/10.jpg)
Outline
1. OnlineAdver5sing– PrivacyImplica5ons– Exis5ngSolu5ons
2. ProposedSolu5on– PrivacyfriendlyCookiemanagement– Usercentric
3. PreliminaryEvalua5on– FirefoxExtension
10
![Page 11: Towards Privacy‐Friendly Online · PDF fileSearch Email Because ... – Proof of concept code](https://reader031.vdocuments.mx/reader031/viewer/2022030401/5a7885707f8b9a1f128c3b56/html5/thumbnails/11.jpg)
ProposedSolu5on
• Trade‐offprivacyandtraceability– Limitspa5alandtemporaltracking
– User‐centricsolu5on
• Definepoliciesforuseofcookies– Userprivacypreferences– Useradver5sementpreferences– Visitedwebsite
11
![Page 12: Towards Privacy‐Friendly Online · PDF fileSearch Email Because ... – Proof of concept code](https://reader031.vdocuments.mx/reader031/viewer/2022030401/5a7885707f8b9a1f128c3b56/html5/thumbnails/12.jpg)
KeyIdea
• Maintainacollec5onofcookiesinparallel– Sentcookiedependsonthevisitedwebsiteandadver5ser
12
Domain Cookie
ads.com c1
Domain Website Cookie
ads.com ny5mes.com c1
ads.com google.com c2
![Page 13: Towards Privacy‐Friendly Online · PDF fileSearch Email Because ... – Proof of concept code](https://reader031.vdocuments.mx/reader031/viewer/2022030401/5a7885707f8b9a1f128c3b56/html5/thumbnails/13.jpg)
KeyTechnique
• Toobtainanewcookie– Donotsendexis5ngcookiesinHTMLheader
– Serverassignsanewcookie
• Privacy‐Friendlycookiemanagement– Alternateamongcookiesincollec5on
13
![Page 14: Towards Privacy‐Friendly Online · PDF fileSearch Email Because ... – Proof of concept code](https://reader031.vdocuments.mx/reader031/viewer/2022030401/5a7885707f8b9a1f128c3b56/html5/thumbnails/14.jpg)
Approach1
14
u s1
s2
d1
u‐>d1: ads.com,www.ny5mes.com,c1
u‐>d1: ads.com,www.ny5mes.com/technology,c1
u‐>d1: ads.com,www.google.com,c2
LimituseofTP‐cookiesperdomainUseforalimitednumberof8mes
becauseny5mes!=google
![Page 15: Towards Privacy‐Friendly Online · PDF fileSearch Email Because ... – Proof of concept code](https://reader031.vdocuments.mx/reader031/viewer/2022030401/5a7885707f8b9a1f128c3b56/html5/thumbnails/15.jpg)
Approach2
15
LimituseofTP‐cookiesperwebsitecategoryandwithincategoriesUseforalimitednumberof8mes
• Categoriesdefinetypeofwebsite– ny5mes.com=>news– Readilyavailable(e.g.,Alexa)
• Spa5altrackingthresholdLs– Limitsspa5altrackingacrosswebsiteswithincategories
![Page 16: Towards Privacy‐Friendly Online · PDF fileSearch Email Because ... – Proof of concept code](https://reader031.vdocuments.mx/reader031/viewer/2022030401/5a7885707f8b9a1f128c3b56/html5/thumbnails/16.jpg)
Approach2
16
u s1
s2
d1
u‐>d1: ads.com,www.swissinfo.ch,c1
u‐>d1: ads.com,www.ny5mes.com,c1
u‐>d1: ads.com,www.google.com,c3u‐>d1: ads.com,mail.google.com,c4
u‐>d1: ads.com,www.l.com,c2
s3
s4
Category
News
News
News
Search
Because3>LS
Becausesearch!=news
Becauseemail!=searchandemail!=news
Ls=2
![Page 17: Towards Privacy‐Friendly Online · PDF fileSearch Email Because ... – Proof of concept code](https://reader031.vdocuments.mx/reader031/viewer/2022030401/5a7885707f8b9a1f128c3b56/html5/thumbnails/17.jpg)
Approach3
17
LimituseofTP‐cookiesbasedonURLsanduserpreferencesUseforalimitednumberof8mes
• URLs– Leakinforma5onthroughreferrer
– google.com/search?q=julien
• Preferencesonwebsitecategories– Privacy:Whatusersdonotwanttoshare– Adver5sing:Whatuserswanttoget
![Page 18: Towards Privacy‐Friendly Online · PDF fileSearch Email Because ... – Proof of concept code](https://reader031.vdocuments.mx/reader031/viewer/2022030401/5a7885707f8b9a1f128c3b56/html5/thumbnails/18.jpg)
SenngupPreferences
18
Relyononlinesocialcommuni5es
GoogleAdpreferencemanager
![Page 19: Towards Privacy‐Friendly Online · PDF fileSearch Email Because ... – Proof of concept code](https://reader031.vdocuments.mx/reader031/viewer/2022030401/5a7885707f8b9a1f128c3b56/html5/thumbnails/19.jpg)
Approach3
19
u‐>d1: ads.com,www.google.com,c1
u‐>d1: ads.com,www.google.com/search?q=computers,c1
u‐>d1: ads.com,www.facebook.com/search?q=nevena,c2
u‐>d1: ads.com,www.facebook.com,c1
URLs(w1)
UserPrivacyPref.(w2)
0.1 0
0.9 0
0.1 1
1 1
!
bi!H(B)
w1(bi) · w2(bi) < Ls
Because0.1+1>Ls
Ls=1
![Page 20: Towards Privacy‐Friendly Online · PDF fileSearch Email Because ... – Proof of concept code](https://reader031.vdocuments.mx/reader031/viewer/2022030401/5a7885707f8b9a1f128c3b56/html5/thumbnails/20.jpg)
Outline
1. OnlineAdver5sing– PrivacyImplica5ons– Exis5ngSolu5ons
2. ProposedSolu5on– PrivacyfriendlyCookiemanagement– Usercentric
3. PreliminaryEvalua5on– FirefoxExtension
20
![Page 21: Towards Privacy‐Friendly Online · PDF fileSearch Email Because ... – Proof of concept code](https://reader031.vdocuments.mx/reader031/viewer/2022030401/5a7885707f8b9a1f128c3b56/html5/thumbnails/21.jpg)
Implementa5on
• Firefoxextension:PrivaCookie– Proofofconceptcode– Getitonhpp://icapeople.epfl.ch/freudiger
• TPcookiedetec5on– Compareorigina5ngURLwithcurrentURL
• Localcookietable– Linkcookieswithhiddenserverthatcauseditsassignmentandvisibleserverhos5ngads
– (Cookie,visibleserver,hiddenserver)
21
![Page 22: Towards Privacy‐Friendly Online · PDF fileSearch Email Because ... – Proof of concept code](https://reader031.vdocuments.mx/reader031/viewer/2022030401/5a7885707f8b9a1f128c3b56/html5/thumbnails/22.jpg)
Study
• Chose10pagesfromeachofthetop20domains
• Firefoxextensionpagestats– Runsbrowserinbatchmodewithlistofwebsites– Atotalof200pages
22
![Page 23: Towards Privacy‐Friendly Online · PDF fileSearch Email Because ... – Proof of concept code](https://reader031.vdocuments.mx/reader031/viewer/2022030401/5a7885707f8b9a1f128c3b56/html5/thumbnails/23.jpg)
Numberofhiddenserversforeachofthetop20domains
23
![Page 24: Towards Privacy‐Friendly Online · PDF fileSearch Email Because ... – Proof of concept code](https://reader031.vdocuments.mx/reader031/viewer/2022030401/5a7885707f8b9a1f128c3b56/html5/thumbnails/24.jpg)
Numberofvisibleserversforeachhiddenserver
24
PrivaCookie
![Page 25: Towards Privacy‐Friendly Online · PDF fileSearch Email Because ... – Proof of concept code](https://reader031.vdocuments.mx/reader031/viewer/2022030401/5a7885707f8b9a1f128c3b56/html5/thumbnails/25.jpg)
HiddenServer
VisibleServersYahoo Ebay AOL IMDB Orkut Msn Myspace HI5 Blogspot Rapidshare
doubleclick
quantaserve
atmdt
adver5sing
yieldmanager
25
Top10associatedvisibleserversconnectedwiththemostpopularadver5sers
Extensioncaused81addi5onalcookiesassignments
c1 c1,1 c1 c1,2 c1 c1,3 c1 c1,4 c1 c1,5 c1 c1,6 c1 c1,7 c1 c1,8
![Page 26: Towards Privacy‐Friendly Online · PDF fileSearch Email Because ... – Proof of concept code](https://reader031.vdocuments.mx/reader031/viewer/2022030401/5a7885707f8b9a1f128c3b56/html5/thumbnails/26.jpg)
TrackingCountermeasures
• TrackbasedonIP- Anonymizer/Tor
• Trackwith– Cachecookies– Browserhistory– Plugins(e.g.,Flashcookies)– Proposedpoliciesalsoapplytothosecases
• Coopera5vetracking?26
![Page 27: Towards Privacy‐Friendly Online · PDF fileSearch Email Because ... – Proof of concept code](https://reader031.vdocuments.mx/reader031/viewer/2022030401/5a7885707f8b9a1f128c3b56/html5/thumbnails/27.jpg)
Conclusion
• Weproposeasolu5onfortrading‐offprivacy&traceability– Protectsuserprivacy– Allowsfortargetedonlineadver5sing– Nochangesrequiredfromadver5sers– Putsusersincontrol
• Keyidea:Maintainsacollec5onofcookiesinparallel• FutureWork:– Implementapproach2&3– ImplementJavascriptsupport– Considerotherparametersinapproach3
27
![Page 28: Towards Privacy‐Friendly Online · PDF fileSearch Email Because ... – Proof of concept code](https://reader031.vdocuments.mx/reader031/viewer/2022030401/5a7885707f8b9a1f128c3b56/html5/thumbnails/28.jpg)
URLWeight
• ParseURLforn‐grams– “search”– “id”– “username”
• Canbedoneautoma5callybeforevisi5ngURL
28