DOI: 10.1145/2736277.2741679
Research article
Cookies That Give You Away: The Surveillance Implications of Web Tracking

Published: 18 May 2015

Abstract

We study the ability of a passive eavesdropper to leverage "third-party" HTTP tracking cookies for mass surveillance. If two web pages embed the same tracker which tags the browser with a unique cookie, then the adversary can link visits to those pages from the same user (i.e., browser instance) even if the user's IP address varies. Further, many popular websites leak a logged-in user's identity to an eavesdropper in unencrypted traffic. To evaluate the effectiveness of our attack, we introduce a methodology that combines web measurement and network measurement. Using OpenWPM, our web privacy measurement platform, we simulate users browsing the web and find that the adversary can reconstruct 62-73% of a typical user's browsing history. We then analyze the effect of the physical location of the wiretap as well as legal restrictions such as the NSA's "one-end foreign" rule. Using measurement units in various locations - Asia, Europe, and the United States - we show that foreign users are highly vulnerable to the NSA's dragnet surveillance due to the concentration of third-party trackers in the U.S. Finally, we find that some browser-based privacy tools mitigate the attack while others are largely ineffective.
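As an added example (not code from the paper or from OpenWPM), the Python below simulates the linking step the abstract describes: it runs union-find over a constructed set of page visits keyed by the (tracker, cookie value) pairs that travel in cleartext, computes the share of the history that ends up in one linked cluster, and shows why a single cleartext identity leak labels every page in that cluster. Page names, tracker names and cookie values are made up, and blocking third-party cookies is modelled simply by ignoring them.

```python
from collections import Counter

# Constructed sample: one browser's session as seen by a passive eavesdropper on
# unencrypted HTTP. Each visit records the page, the client IP at that moment and
# the third-party tracker cookies sent in the clear. All names and values are made up.
VISITS = [
    {"page": "news.example",   "ip": "10.0.0.1", "cookies": {"trk-a": "uid=111"}},
    {"page": "shop.example",   "ip": "10.0.0.1", "cookies": {"trk-a": "uid=111", "trk-b": "id=222"}},
    {"page": "forum.example",  "ip": "10.0.0.2", "cookies": {"trk-b": "id=222"}},
    {"page": "blog.example",   "ip": "10.0.0.3", "cookies": {}},  # embeds no tracker
    {"page": "mail.example",   "ip": "10.0.0.3", "cookies": {"trk-c": "sid=333"}},
    {"page": "social.example", "ip": "10.0.0.2", "cookies": {"trk-a": "uid=111"},
     "leaked_identity": "alice"},  # user name sent in cleartext while logged in
]

def _find(parent, i):
    """Root of visit i in the union-find forest (with path halving)."""
    while parent[i] != i:
        parent[i] = parent[parent[i]]
        i = parent[i]
    return i

def link_visits(visits, block_third_party=False):
    """Cluster id per visit. Two visits are linked when they carry the same
    (tracker, cookie value) pair; links are transitive, so trk-a and trk-b together
    join news, shop, forum and social even though the IP changes in between.
    The IP address is deliberately never consulted."""
    parent = list(range(len(visits)))
    first_seen = {}
    for i, v in enumerate(visits):
        cookies = {} if block_third_party else v["cookies"]
        for key in cookies.items():
            if key in first_seen:
                parent[_find(parent, i)] = _find(parent, first_seen[key])
            else:
                first_seen[key] = i
    return [_find(parent, i) for i in range(len(visits))]

def reconstructed_fraction(visits, block_third_party=False):
    """Share of the history that lands in the largest linked cluster: the metric
    behind the paper's 62-73% figure, computed here on the constructed sample."""
    clusters = Counter(link_visits(visits, block_third_party))
    return max(clusters.values()) / len(visits)

def identified_pages(visits):
    """Pages that become attributable to a real identity because some visit in
    their cluster leaked a logged-in user name in the clear."""
    roots = link_visits(visits)
    names = {roots[i]: v["leaked_identity"] for i, v in enumerate(visits) if "leaked_identity" in v}
    return {v["page"]: names[roots[i]] for i, v in enumerate(visits) if roots[i] in names}
```

On the sample, four of six visits fall into one cluster with cookies visible and none link once third-party cookies are dropped, which is the effect the abstract attributes to the working browser privacy tools.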



Published In

WWW '15: Proceedings of the 24th International Conference on World Wide Web
May 2015
1460 pages
ISBN: 9781450334693

Sponsors

• IW3C2: International World Wide Web Conference Committee

Publisher

International World Wide Web Conferences Steering Committee
Republic and Canton of Geneva, Switzerland

Author Tags

1. cookies
2. network measurement
3. privacy
4. security
5. surveillance
6. web measurement
7. web privacy
8. web tracking

Acceptance Rates

WWW '15 paper acceptance rate: 131 of 929 submissions, 14%
Overall acceptance rate: 1,899 of 8,196 submissions, 23%
