| Title | FP -TESTER : Automated Testing of Browser Fingerprint Resilience |
| Publication Type | Conference Paper |
| Year of Publication | 2018 |
| Authors | Vastel, A., Rudametkin, W., Rouvoy, R. |
| Conference Name | 2018 IEEE European Symposium on Security and Privacy Workshops (EuroS PW) |
| Keywords | Automated Testing, browser fingerprint resilience, Browser Fingerprinting, browser security, browser tracking, browser vendors, Browsers, compositionality, data privacy, Entropy, Fingerprint recognition, FP-TESTER, Human Behavior, Internet, Metrics, online front-ends, privacy, privacy leaks, program testing, pubcrawl, resilience, Resiliency, security of data, Sociology, software tools, Statistics, Testing, testing toolkit |
| Abstract | Despite recent regulations and growing user awareness, undesired browser tracking is increasing. In addition to cookies, browser fingerprinting is a stateless technique that exploits a device's configuration for tracking purposes. In particular, browser fingerprinting builds on attributes made available from Javascript and HTTP headers to create a unique and stable fingerprint. For example, browser plugins have been heavily exploited by state-of-the-art browser fingerprinters as a rich source of entropy. However, as browser vendors abandon plugins in favor of extensions, fingerprinters will adapt. We present FP-TESTER, an approach to automatically test the effectiveness of browser fingerprinting countermeasure extensions. We implement a testing toolkit to be used by developers to reduce browser fingerprintability. While countermeasures aim to hinder tracking by changing or blocking attributes, they may easily introduce subtle side-effects that make browsers more identifiable, rendering the extensions counterproductive. FP-TESTER reports on the side-effects introduced by the countermeasure, as well as how they impact tracking duration from a fingerprinter's point-of-view. To the best of our knowledge, FP-TESTER is the first tool to assist developers in fighting browser fingerprinting and reducing the exposure of end-users to such privacy leaks. |
| DOI | 10.1109/EuroSPW.2018.00020 |
| Citation Key | vastel_fp_2018 |
FP -TESTER : Automated Testing of Browser Fingerprint Resilience