FP-TESTER: Automated Testing of Browser Fingerprint Resilience

Antoine Vastel 1 Walter Rudametkin 1 Romain Rouvoy 1, 2
1 SPIRALS - Self-adaptation for distributed services and large software systems
Inria Lille - Nord Europe, CRIStAL - Centre de Recherche en Informatique, Signal et Automatique de Lille (CRIStAL) - UMR 9189
Abstract : Despite recent regulations and growing user awareness , undesired browser tracking is increasing. In addition to cookies, browser fingerprinting is a stateless technique that exploits a device's configuration for tracking purposes. In particular , browser fingerprinting builds on attributes made available from Javascript and HTTP headers to create a unique and stable fingerprint. For example, browser plugins have been heavily exploited by state-of-the-art browser fingerprinters as a rich source of entropy. However, as browser vendors abandon plugins in favor of extensions, fingerprinters will adapt. We present FP-TESTER, an approach to automatically test the effectiveness of browser fingerprinting countermeasure extensions. We implement a testing toolkit to be used by developers to reduce browser fingerprintability. While countermeasures aim to hinder tracking by changing or blocking attributes, they may easily introduce subtle side-effects that make browsers more identifiable , rendering the extensions counterproductive. FP-TESTER reports on the side-effects introduced by the countermeasure, as well as how they impact tracking duration from a fingerprinter's point-of-view. To the best of our knowledge, FP-TESTER is the first tool to assist developers in fighting browser fingerprinting and reducing the exposure of end-users to such privacy leaks.
Complete list of metadatas

Cited literature [13 references]  Display  Hide  Download

https://hal.inria.fr/hal-01717158
Contributor : Romain Rouvoy <>
Submitted on : Monday, February 26, 2018 - 8:06:42 AM
Last modification on : Thursday, April 4, 2019 - 10:18:05 AM
Long-term archiving on : Saturday, May 26, 2018 - 1:00:59 AM

File

fptester.pdf
Files produced by the author(s)

Identifiers

  • HAL Id : hal-01717158, version 1

Citation

Antoine Vastel, Walter Rudametkin, Romain Rouvoy. FP-TESTER: Automated Testing of Browser Fingerprint Resilience. IWPE 2018 - 4th International Workshop on Privacy Engineering, Apr 2018, London, United Kingdom. pp.1-5. ⟨hal-01717158⟩

Share

Metrics

Record views

583

Files downloads

410