Skip to Main content Skip to Navigation
Conference papers

FPRandom: Randomizing core browser objects to break advanced device fingerprinting techniques

Abstract : The rich programming interfaces (APIs) provided by web browsers can be diverted to collect a browser fingerprint. A small number of queries on these interfaces are sufficient to build a fingerprint that is statistically unique and very stable over time. Consequently, the fingerprint can be used to track users. Our work aims at mitigating the risk of browser fingerprinting for users privacy by 'breaking' the stability of a fingerprint over time. We add randomness in the computation of selected browser functions, in order to have them deliver slightly different answers for each browsing session. Randomization is possible thanks to the following properties of browsers implementations: (i) some functions have a nondeterministic specification, but a deterministic implementation ; (ii) multimedia functions can be slightly altered without deteriorating user's perception. We present FPRandom, a modified version of Firefox that adds randomness to mitigate the most recent fingerprinting algorithms, namely canvas fingerprinting, AudioContext fingerprinting and the unmasking of browsers through the order of JavaScript properties. We evaluate the effectiveness of FPRandom by testing it against known fingerprinting tests. We also conduct a user study and evaluate the performance overhead of randomization to determine the impact on the user experience.
Document type :
Conference papers
Complete list of metadata

Cited literature [12 references]  Display  Hide  Download
Contributor : Pierre Laperdrix Connect in order to contact the contributor
Submitted on : Wednesday, May 24, 2017 - 3:53:32 PM
Last modification on : Wednesday, November 3, 2021 - 8:15:01 AM
Long-term archiving on: : Monday, August 28, 2017 - 6:00:22 PM


Files produced by the author(s)


  • HAL Id : hal-01527580, version 1


Pierre Laperdrix, Benoit Baudry, Vikas Mishra. FPRandom: Randomizing core browser objects to break advanced device fingerprinting techniques. ESSoS 2017 - 9th International Symposium on Engineering Secure Software and Systems, Jul 2017, Bonn, Germany. pp.17. ⟨hal-01527580⟩



Les métriques sont temporairement indisponibles