Characterizing Pixel Tracking through the Lens of Disposable Services

Slides:



Advertisements
Similar presentations
EzScoreboard.com A Fully Integrated Administration Service.
Advertisements

Providing protection from potential security threats that exist for any internet-connected computer is termed e- security. It is important to be able to.
Comergence 3/14/13. What Does Comergence Do? Comergence provides streamlined processing and centralized storage of Correspondent applications nationwide.
Online Identity Authentication and Data Broker SNAP Director’s Conference September 23, 2013.
Basics. 2 Class Outline Part 1 - Introduction –Explaining –Parts of an address –Types of services –Acquiring an account.
Lexmark Print Management
Surrey Libraries Computer Learning Centres Totally New to Computers Easy Gmail March 2013 Easy Gmail Teaching Script.
Basics Dayton Metro Library Place photo here August 10, 2015.
» Explain the way that electronic mail ( ) works » Configure an client » Identify message components » Create and send messages.
The largest software provider to the US Youth Soccer Market Players 2.6 million players Team Accounts 250,000 team accounts Coach, Managers, Officials.
SHORT MERCHANT‘S GUIDE VERSION: MOKIPASS.
AND SPAM BY OLUWATOBI BAKARE
Online Safety 2.02 Remember the rules of online safety.
Internet safety Viruses A computer virus is a program or piece of code that is loaded onto your computer without your knowledge and runs against your.
Setting up your ZEN Portfolio Estimated time: 5-20 minutes Sample e-portfolio: zenportfolios.ca/cyri-joneszenportfolios.ca/cyri-jones.
1 Lender Development Program Requirement Understanding Document September 17, 2008.
Presenter name. Ryan Brandon Exan Group What’s New with axiUm New Features in axiUm Patient Self-Service Options Future Plans axiUmSupport.com.
Basics. 2 Professional Development Centre Class Outline Part 1 - Introduction –Explaining –Parts of an address –Types of services.
 A computer virus is a program or piece of code that is loaded onto your computer without your knowledge and runs against your wishes. It is deliberately.
SPAM Settings. The ExchangeDefender Admin Site is a powerful tool that gives you access to all of the benefits ExchangeDefender has to offer, from the.
The Teacher Is In Charge There are dozens of free services, but Gaggle.Net is the only service designed specifically for classroom use. The biggest.
How to Log-in to EPIC for the First Time. to FY 2015 Form 471 Authorized Signer Looks Like:
Spamming Botnets: Signatures and Characteristics Yinglian Xie, Fang Yu, Kannan Achan, Rina Panigrahy, Geoff Hulten, and Ivan Osipkov. SIGCOMM, Presented.
Detecting Phishing in s Srikanth Palla Ram Dantu University of North Texas, Denton.
Yair Grindlinger, CEO and Co-Founder Do you know who your employees are sharing their credentials with? Do they?
Online Safety 2.02 Remember the rules of online safety.
LESSON 5-2 Protecting Your Computer Lesson Contents Protecting Your Computer Best Practices for Securing Online and Network Transactions Measures for Securing.
Event-Based Model for Reconciling Digital Entities Ahmet Fatih Mustacoglu Ahmet E. Topcu Aurel Cami Geoffrey C. Fox Indiana University Computer Science.
WHAT IS IDENTITY THEFT?  Identity thieves take your personal information and use it to harm you in various ways, including these:  User names, passwords,
Welcome TO Microsoft Outlook 2003 Tech Support. Get Solved All Outlook 2003 Technical Complications Via
Looking for Mozilla Thunderbird Mail Tech Support? | US Toll Free.
Munix Bus WiFi Authentication, Log Management, Internet Security, Content Filter & VPN Service Internet Gateway & Business Intelligence
New student technology
Trend Micro Consumer 2010 Easy. Fast. Smart.
Internet Business Associate v2.0
2.02 Remember the rules of online safety.
StudentTranscripts Service Overview
AIM/education directory (Ed dir)
SaaS Application Deep Dive
is short for electronic mail!
Quantifying the Fingerprintability of Browser Extensions
SelectedWorks Profiles Workshop:
Internet and security.
Fix yahoo error code 1032 Call Toll-free Number
Remember the rules of online safety.
Information Security 101 Richard Davis, Rob Laltrello.
Fastdroid Produced by : Firas Abdalhaq Mohammad Amour Supervised by : Dr. Raed Alqadi.
Dial +1(505) Quickly Gmail Password Recover.
Hush mail Customer Tech Support Number Hush mail Customer Tech Support Number Call Now : Toll Free Call Now : Toll Free.
Dial +1(505) Quickly Gmail Password Recovery.
Business mail account in yahoo
[ Issues Faced By Yahoo Users] Presented By [Merlene Jose] Call Us:
2.02 Remember the rules of online safety.
StudentTranscripts Service Overview
Welcome to Yahoo Customer Support. Get 24/7 Live Support for Yahoo By dialing or reaching to our Yahoo customer support team you will get all the accurate,
Why Yahoo Technical Support is Useful?. Users have to do for Contacting Yahoo Support Team.
StudentTranscripts Service Overview
StudentTranscripts Service Overview
Getting Started: BCeID Sign Up
Basics HURY DEPARTMENT OF COMPUTER SCIENCE M.TEJASWINI.
StudentTranscripts Service Overview
StudentTranscripts Service Overview
Faculty of Science IT Department By Raz Dara MA.
This is the Sign In page for the Dashboard
StudentTranscripts Service Overview
Technology Mrs. Huddleston
Wireless Spoofing Attacks on Mobile Devices
Colorado “Protections For Consumer Data Privacy” Law
Cybersecurity Simplified: Phishing
Presentation transcript:

Characterizing Pixel Tracking through the Lens of Disposable Email Services Authors: Hang Hu, Peng Peng, Gang Wang Department of Computer Science, Virginia Tech {hanghu, pengp17, gangwang}@vt.edu COMPSCI 726: Network Defence and Countermeasures Presented by David Zhai

Introduction and Background

Motivation Understand the disposable email services (DES) and the risks - Collect data from seven popular DES for three months Use DES to collect large-scale email dataset for measuring Email Tracking - Tracking pixel Picture resource: https://www.smarsh.com/connectors/email

Disposable Email Services (DES) Provide temporary email addresses No sign up or password required User-specified address (UA) or Randomly-assigned address (RA) Shared by multiple users Automatically delete after a short period (e.g. one hour)

One Example of DES Picture resource: https://www.guerrillamail.com

Solution and Analysis

DES Data Collection 70K Inboxes 210K Domains 2.3M Emails 10K popular usernames: “info” “John” “admin” “mail” “David” … 7 popular disposable email services 70K Inboxes 210K Domains 2.3M Emails 3 months

DES Analysis Categories of Disposable Emails Account Registration Password Reset Authentication Spam Categories of Email Senders Top 10 categories of the email sender domains for Account Management and Spam Emails Usage Register accounts (Gaming, social network) Obtain free goods (Demos, documents, free Wi-Fi)

DES Risks Disposable email services do not remove emails as quickly as promised Personally Identifiable Information (PII) in emails Credit card number Social security number (SSN) Employer identification number Online accounts registered by DES can be hijacked through a password reset

1x1 tracking pixel, usually hidden Pixel Tracking A common method – Small image at end of email, usually transparent 1x1 pixel Tracking information When Where Who What device Why tracking For business, e.g. advertisement Phishers 1x1 tracking pixel, usually hidden

Email Tracking Detection and Analysis Extract HTML image tags and corresponding URLs of a given email Third-party tracking is highly prevalent Marketing services have the highest ratio of tracking.

Contribution and Criticism

Contribution First measurement study on disposable email services Introduced DES and risks Collected big dataset and analysed messages content Analysed Email Tracking activities Characterizing tracking pixels Insights into the prevalence of tracking Valuable for developing anti-tracking tools for email systems

Criticism DES understanding – Could be extended Measurement – Incomplete scope (Based on User-specified Addresses) About the risk: Online accounts registered by DES can be hijacked through a password reset? – Not exactly DES email is not representative – Not real user Analyses mainly based on Spam Emails – Not accurate result

Thank you!