I Do Not Know What You Visited Last Summer: Protecting users from stateful third-party web tracking with TrackingFree browser Xiang Pan, Northwestern University.

Slides:

Advertisements

Similar presentations

Protecting Browser State from Web Privacy Attacks Collin Jackson, Andrew Bortz, Dan Boneh, John Mitchell Stanford University.

Advertisements

Presented by Vaibhav Rastogi. Current browsers try to separate host system from Web Websites evolved into web applications Lot of private data on the.

Expressive Privacy Control with Pseudonyms Seungyeop Han, Vincent Liu, Qifan Pu, Simon Peter, Thomas Anderson, Arvind Krishnamurthy, David Wetherall University.

Fabián E. Bustamante, Spring 2007

Digital Marketing Analytics v10. Introduction  Name / job role  What company are you with  How much experience do you have using Webtrends  Create.

Georgios Kontaxis, Michalis Polychronakis Angelos D. Keromytis, Evangelos P. Markatos Siddhant Ujjain (2009cs10219) Deepak Sharma (2009cs10185)

An Evaluation of the Google Chrome Extension Security Architecture

On the Incoherencies in Web Browser Access Control Policies Authors: Kapil Singh, et al Presented by Yi Yang.

I Do Not Know What You Visited Last Summer: Protecting users from stateful third-party web tracking with TrackingFree browser Xiang Pan §, Yinzhi Cao †,

6/10/2015Cookies1 What are Cookies? 6/10/2015Cookies2 How did they do that?

Privacy and Security on the Web Part 1. Agenda Questions? Stories? Questions? Stories? IRB: I will review and hopefully send tomorrow. IRB: I will review.

Virtual Memory Virtual Memory Management in Mach Labels and Event Processes in Asbestos Ingar Arntzen.

RDMA ENABLED WEB SERVER Rajat Sharma. Objective  To implement a Web Server serving HTTP client requests through RDMA replacing the traditional TCP/IP.

1 An Empirical Study on Large-Scale Content-Based Image Retrieval Group Meeting Presented by Wyman

ASP.NET 2.0 Chapter 6 Securing the ASP.NET Application.

A. Frank - P. Weisberg Operating Systems Simple/Basic Paging.

Introduction to eValid Presentation Outline What is eValid? About eValid, Inc. eValid Features System Architecture eValid Functional Design Script Log.

Hystor : Making the Best Use of Solid State Drivers in High Performance Storage Systems Presenter : Dong Chang.

1 Subspace: Secure Cross Domain Communication for Web Mashups Collin Jackson and Helen J. Wang Mamadou H. Diallo.

Subspace: Secure Cross-Domain Communication for Web Mashups Collin Jackson Stanford University Helen J. Wang Microsoft Research ACM WWW, May, 2007 Presenter:

July 25, 2005 PEP Workshop, UM A Single Sign-On Identity Management System Without a Trusted Third Party Brian Richardson and Jim Greer ARIES Lab.

 A cookie is a piece of text that a Web server can store on a user's hard disk.  Cookie data is simply name-value pairs stored on your hard disk by.

Automated Tracking of Online Service Policies J. Trent Adams 1 Kevin Bauer 2 Asa Hardcastle 3 Dirk Grunwald 2 Douglas Sicker 2 1 The Internet Society 2.

WEB ANALYTICS Prof Sunil Wattal. Business questions How are people finding your website? What pages are the customers most interested in? Is your website.

Why Interchange?. What is Interchange? Interchange Capabilities: Offers complete replacement of CommBridge point-to-point solution with a hub and spoke.

Cross-Domain Privacy-Preserving Cooperative Firewall Optimization.

Defining Anomalous Behavior for Phase Change Memory

BU01. Main tasks of Operating System  To hide HW specifics (abstract layer for programs)  Processes maintenance  Memory maintenance  Files maintenance.

XHTML Introductory1 Linking and Publishing Basic Web Pages Chapter 3.

Chapter 8 Memory Management Dr. Yingwu Zhu. Outline Background Basic Concepts Memory Allocation.

Presentation by: Robert Bobek Privacy and Security Concerns with HTTP Cookies.

1 CO1552 Web Application Development The Web Design Process.

Threads, Thread management & Resource Management.

I Do Not Know What You Visited Last Summer: Protecting users from stateful third-party web tracking with TrackingFree browser Xiang Pan §, Yinzhi Cao †,

Improving Network I/O Virtualization for Cloud Computing.

Securing Embedded User Interfaces: Android and Beyond Franziska Roesner and Tadayoshi Kohno University of Washington Mohamed Grissa A presentation of USENIX.

University of Central Florida TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones Written by Enck, Gilbert,

By William Cook.  How the internet works  How companies pay their bills  How to privately browse the internet.

July 30, 2001Systems Architecture II1 Systems Architecture II (CS ) Lecture 8: Exploiting Memory Hierarchy: Virtual Memory * Jeremy R. Johnson Monday.

Our work on virtualization Chen Haogang, Wang Xiaolin {hchen, Institute of Network and Information Systems School of Electrical Engineering.

Don't Let Third Parties Slow You Down Arvind Jain, Michael Kleber Google.

8.1 Silberschatz, Galvin and Gagne ©2013 Operating System Concepts – 9 th Edition Paging Physical address space of a process can be noncontiguous Avoids.

Georgios Kontaxis‡, Michalis Polychronakis‡, Angelos D. Keromytis‡, and Evangelos P.Markatos* ‡Columbia University and *FORTH-ICS USENIX-SEC (August, 2012)

SMash : Secure Component Model for Cross- Domain Mashups on Unmodified Browsers WWW 2008 Frederik De Keukelaere et al. Presenter : SJ Park.

1 Robust Defenses for Cross-Site Request Forgery Adam Barth, Collin Jackson, John C. Mitchell Stanford University 15th ACM CCS.

By Teacher Asma Aleisa Year 1433 H.   Goals of memory management  To provide a convenient abstraction for programming.  To allocate scarce memory.

University of Central Florida The Postman Always Rings Twice: Attacking & Defending postMessage in HTML5 Websites Ankur Verma University of Central Florida,

Vaibhav Rastogi and Yi Yang.  SOP is outdated  Netscape introduced this policy when most content on the Internet was static  Differences amongst different.

CHAPTER 7 THE INTERNET AND INTRANETS 1/11. What is the Internet? 2/11 Large computer network ARPANET (Dept of Defense) It is international and growing.

Operating Systems ECE344 Ashvin Goel ECE University of Toronto Virtual Memory Hardware.

Protecting Browsers from Extension Vulnerabilities Paper by: Adam Barth, Adrienne Porter Felt, Prateek Saxena at University of California, Berkeley and.

Search Engine using Web Mining COMS E Web Enhanced Information Mgmt Prof. Gail Kaiser Presented By: Rupal Shah (UNI: rrs2146)

1 Isolating Web Programs in Modern Browser Architectures CS6204: Cloud Environment Spring 2011.

Threads, Thread management & Resource Management.

Bloom Cookies: Web Search Personalization without User Tracking Authors: Nitesh Mor, Oriana Riva, Suman Nath, and John Kubiatowicz Presented by Ben Summers.

Cloud Environment Spring  Microsoft Research Browser (2009)  Multi-Principal Environment with Browser OS  Next Step Towards Secure Browser 

Maximizing Performance – Why is the disk subsystem crucial to console performance and what’s the best disk configuration. Extending Performance – How.

ECE 456 Computer Architecture Lecture #9 – Input/Output Instructor: Dr. Honggang Wang Fall 2013.

1 Contents Memory types & memory hierarchy Virtual memory (VM) Page replacement algorithms in case of VM.

Some from Chapter 11.9 – “Web” 4 th edition and SY306 Web and Databases for Cyber Operations Cookies and.

The Invisible Trail: Third-Party Tracking on the Web

ECE232: Hardware Organization and Design

W3 Status Analyzer.

Paging COMP 755.

Latest Updates on BlackHawk Mines Music : Privacy Policy

Binder Attack Surface in Android

Overview Introduction VPS Understanding VPS Architecture

What is Cookie? Cookie is small information stored in text file on user’s hard drive by web server. This information is later used by web browser to retrieve.

Unit 27 Web Server Scripting Extended Diploma in ICT

Multithreaded Programming

Presentation transcript:

I Do Not Know What You Visited Last Summer: Protecting users from stateful third-party web tracking with TrackingFree browser Xiang Pan, Northwestern University Fengli Zhang 11/17/2015

Outline Background System Design Evaluation Summary

Background More than 90% Alexa Top 500 websites have adopted third party web tracking. The tracking server can associate the users’ unique identifier with the private information contained in the referrer header of the request to the tracking server, thus recording the users’ behaviors.

Referer : Cookie : id = User Tracker (doubleclick) visit Referer : Cookie : id = 12345

No effective defense approach Disable third-party cookie Can be easily bypassed Blacklist-based anti-tracking tools Priori knowledge of tracking server It’s never a good idea to address them one by one, We need a system that can protect users from tracking practice, no matter what techniques they tracker used.

TrackingFree Goals and Challenges Anti-tracking Completeness Functionality/compatbility Performance Core Idea : TrackingFree partitions client-side states into multiple isolation units so that the identifiers still exists but not unique any more! Referer : Cookie : id = Referer : Cookie : id = 24578

outline Background System Design Evaluation Summary

Architectur e

Contents Allocation Mechanism Initial Contents Allocation Handles those top frames that are navigated by users directly TrackingFree will group them in the same principal if and only if they have the same registered domain Derivative Contents Allocation Handles those frames that are generated due to the contents on other frames, which we call child frame

10 Initial Contents Allocation

Derivative Contents Allocation Principal Switch Should we switch principle for child frame? The deficiencies of two intuitive yet extreme policies ： No privacy-preserving (no switch) Unnecessary overhead (too much switch) Our solution: switch principal only if the following two conditions are met: Cross-site User-triggered

Architectur e

Same principal Different principal

Principal Communication Explicit communication is widely used, but break the isolation mechanism. Disabling communication may break the functionalities of the existing web service Solution: Adopt different policies for different communication channels

Explicit communication Restrict the use of explicit communication as follows: Third-party elements in one principle can not explicitly communicate with other principals. First-party elements can only explicitly communicate with the first-party elements placed in its neighbor principals

Principal Communication Implicit Communication History Sharing public history manager Accepts information from other managers Only public manager gets associated with browser UI

outline Background System Design Evaluation Summary

Evaluation Anti-tracking capability Experiments with real world websites Performance Overhead (latency, memory, disk)

Anti-tracking Capability with Real World Web Sites Gathered trackers on Alexa Top web sites by following the tracker detection of [Roesner et al. NSDI 2012]. Conduct the experiment on Alexa Top 500 websites All of trackers are blocked.

Performance Experiment setting 1.3GHz dual-core Intel Core i5 processor, 4GB memory, 128GB flash storage Latency randomly click 25 cross-site links from Alexa Top websites Cross-site Navigation On average, it takes 5,232.90ms for TrackingFree and ms for Chromium to fully load the cross-site navigation page. TrackingFree incurs an overhead of 19.43%.

(3). Cross Site Navigation Avg. Overhead 19.43%

Within-site Navigation TrackingFree incurs an overhead of 4.70%.

Memory/Disk Overhead MemoryChromiumTrackingFreeIncrease 1 Principal477.1(MB)505(MB)27.9(MB) 4 Principals623.6(MB)702.8(MB)79.2(MB) 12 Principals434.6(MB)642.5(MB)297.9(MB) MemoryChromiumTrackingFreeIncrease 1 Principal21.3(MB)21.8(MB)0.5(MB) 4 Principals22.5(MB)25.9MB)3.4(MB) 12 Principals23.7(MB)29.4(MB)5.7(MB) Disk Overhead on 12 Web Pages (~0.6MB/Principal) Memory Overhead on 12 Web Pages (~25MB/Principal) Each loaded and opened principle takes about 20MB space in memory and MB space in disk.

outline Background System Design Evaluation Summary

Design and implement TrackingFree browser that completely protect users from third-party web tracking by isolating resources in different principals. Experimentally proved TrackingFree’s anti-tracking capability. TrackingFree incurs affordable overhead and compatibility cost.

Questions?