Skip to main content
SpringerLink
Log in
Book cover

International Conference on Information Security

ISC 2021: Information Security pp 161–176Cite as

Browserprint: an Analysis of the Impact of Browser Features on Fingerprintability and Web Privacy

  • Conference paper
  • First Online:

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 13118))

Abstract

Web browsers are indispensable applications in our daily lives. Millions of users use web browsers for a wide range of activities such as social media, online shopping, emails, or surfing the web. The evolution of increasingly more complicated web applications relies on browsers constantly adding and removing features. At the same time, some of these web services use browser fingerprinting to track and profile their users with clear disregard for their web privacy. In this paper, we perform an empirical analysis of browser features evolution and aim to evaluate browser fingerprintability. By analyzing 33 Google Chrome, 31 Mozilla Firefox, and 33 Opera major browser versions released through 2016 to 2020, we discover that all of these browsers have unique feature sets which makes them different from each other. By comparing these features to the fingerprinting APIs presented in literature that have appeared in this field, we conclude that all of these browser versions are uniquely fingerprintable. Our results show an alarming trend that browsers are becoming more fingerprintable over time because newer versions contain more fingerprintable APIs compared to older ones.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   64.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   84.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Notes

  1. 1.

    https://github.com/sa-akhavani/browserprint.

  2. 2.

    https://developer.mozilla.org/en-US/docs/Web/API.

  3. 3.

    https://www.khronos.org/registry/webgl/specs/latest/2.0/.

References

  1. Am IUnique. https://amiunique.org. Accessed 20 June 2021

  2. EasyList. https://easylist.to/. Accessed 20 June 2021

  3. Opera version history. https://help.opera.com/en/opera-version-history/. Accessed 30 June 2021

  4. Panopticlick. https://panopticlick.eff.org. Accessed 10 Jan 2021

  5. WebIDL Level 1. https://www.w3.org/TR/WebIDL-1/. Accessed 20 July 2021

  6. Acar, G., Eubank, C., Englehardt, S., Juarez, M., Narayanan, A., Diaz, C.: The web never forgets: persistent tracking mechanisms in the wild. In: Proceedings of the ACM SIGSAC Conference on Computer and Communications Security (2014)

    Google Scholar 

  7. Acar, G., et al.: Fpdetective: dusting the web for fingerprinters. In: Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security. CCS 2013, pp. 1129–1140. Association for Computing Machinery, New York, NY, USA (2013). https://doi.org/10.1145/2508859.2516674

  8. Apple: Safari privacy overview (2019). https://www.apple.com/safari/docs/.pdf

  9. Berners-Lee, T.: The worldwideweb browser (1990). https://www.w3.org/People/Berners-Lee/WorldWideWeb.html

  10. BrowserStack: App & Browser Testing Made Easy (2021). https://www.browserstack.com/

  11. Cao, Y., Li, S., Wijmans, E.: (cross-)browser fingerprinting via OS and hardware level features (2017). https://doi.org/10.14722/ndss.2017.23152

  12. Chenxiong, Q., Koo, H., Oh, C., Kim, T., Lee, W.: Slimium: debloating the chromium browser with feature subsetting. In: Proceedings of the ACM Conference on Computer and Communications Security (CCS) (2020)

    Google Scholar 

  13. Google Chrome: New in Chrome 56 – Web (2017). https://developers.google.com/web/updates/2017/01/nic56. Accessed 20 June 2021

  14. Eckersley, P.: How unique is your web browser? In: Atallah, M.J., Hopper, N.J. (eds.) PETS 2010. LNCS, vol. 6205, pp. 1–18. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-14527-8_1

    Chapter  Google Scholar 

  15. Englehardt, S., Narayanan, A.: Online tracking: a 1-million-site measurement and analysis. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, pp. 1388–1401 (2016)

    Google Scholar 

  16. fingerprintjs: fingerprintjs. https://github.com/fingerprintjs/fingerprintjs. Accessed 15 July 2021

  17. Mozilla Firefox: Firefox 51.0, See All New Features, Updates and Fixes (2017). https://www.mozilla.org/en-US/firefox/51.0/releasenotes/. Accessed 20 June 2021

  18. Gómez-Boix, A., Laperdrix, P., Baudry, B.: Hiding in the crowd: An analysis of the effectiveness of browser fingerprinting at large scale. In: Proceedings of the 2018 World Wide Web Conference. WWW 2018, pp. 309–318. International World Wide Web Conferences Steering Committee, Republic and Canton of Geneva, CHE (2018). https://doi.org/10.1145/3178876.3186097

  19. Jueckstock, J., Kapravelos, A.: Visible V8: in-browser monitoring of JavaScript in the wild. In: Proceedings of the ACM Internet Measurement Conference (IMC), October 2019

    Google Scholar 

  20. Mowery, K., Shacham, H.: Pixel perfect: fingerprinting canvas in HTML5. In: Proceedings of W2SP (2012)

    Google Scholar 

  21. Mozilla: MDN Web Docs - Web APIs. https://developer.mozilla.org/en-US/docs/Web/API

  22. Mozilla: How to block fingerprinting with Firefox (2020). https://blog.mozilla.org/firefox/how-to-block-fingerprinting-with-firefox/

  23. Nikiforakis, N., Kapravelos, A., Joosen, W., Kruegel, C., Piessens, F., Vigna, G.: Cookieless monster: exploring the ecosystem of web-based device fingerprinting. In: Proceedings of the IEEE Symposium on Security and Privacy (2013)

    Google Scholar 

  24. Olejnik, L., Englehardt, S., Narayanan, A.: Battery status not included: assessing privacy in web standards. In: Proceedings of the International Workshop on Privacy Engineering (IWPE) (2017)

    Google Scholar 

  25. Olejnik, A., Castelluccia, C., Janc, A.: Why Johnny can’t browse in peace: On the uniqueness of web browsing history patterns (2012)

    Google Scholar 

  26. Schwarz, M., Lackner, F., Gruss, D.: JavaScript template attacks: automatically inferring host information for targeted exploits. In: NDSS (2019)

    Google Scholar 

  27. Snyder, P., Ansari, L., Taylor, C., Kanich, C.: Browser feature usage on the modern web. In: Proceedings of the Internet Measurement Conference (IMC) (2016)

    Google Scholar 

  28. Snyder, P., Livshits, B.: Brave, fingerprinting, and privacy budgets (2019). https://brave.com/brave-fingerprinting-and-privacy-budgets/

  29. Snyder, P., Taylor, C., Kanich, C.: Most websites don’t need to vibrate: a cost-benefit approach to improving browser security. In: Proceedings of the ACM SIGSAC Conference on Computer and Communications Security (2017)

    Google Scholar 

  30. Starov, O., Laperdrix, P., Kapravelos, A., Nikiforakis, N.: Unnecessarily Identifiable: Quantifying the fingerprintability of browser extensions due to bloat. In: Proceedings of the World Wide Web Conference (WWW) (2019)

    Google Scholar 

  31. Trickel, E., Starov, O., Kapravelos, A., Nikiforakis, N., Doupe, A.: Everyone is different: client-side diversification for defending against extension fingerprinting. In: Proceedings of the USENIX Security Symposium (2019)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Northeastern University, 360 Huntington Ave, Boston, MA, 02115, USA

    Seyed Ali Akhavani, Engin Kirda & Long Lu

  2. North Carolina State University, Raleigh, NC, 27695, USA

    Jordan Jueckstock, Junhua Su & Alexandros Kapravelos

Authors
  1. Seyed Ali Akhavani
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Jordan Jueckstock
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Junhua Su
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Alexandros Kapravelos
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Engin Kirda
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Long Lu
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Seyed Ali Akhavani .

Editor information

Editors and Affiliations

  1. Monash University, Clayton, VIC, Australia

    Joseph K. Liu

  2. Norwegian University of Science and Technology, Gjøvik, Norway

    Sokratis Katsikas

  3. Technical University of Denmark, Kongens Lyngby, Denmark

    Weizhi Meng

  4. University of Wollongong, Wollongong, NSW, Australia

    Willy Susilo

  5. Petra Christian University, Surabaya, Indonesia

    Rolly Intan

Rights and permissions

Reprints and permissions

Copyright information

© 2021 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Akhavani, S.A., Jueckstock, J., Su, J., Kapravelos, A., Kirda, E., Lu, L. (2021). Browserprint: an Analysis of the Impact of Browser Features on Fingerprintability and Web Privacy. In: Liu, J.K., Katsikas, S., Meng, W., Susilo, W., Intan, R. (eds) Information Security. ISC 2021. Lecture Notes in Computer Science(), vol 13118. Springer, Cham. https://doi.org/10.1007/978-3-030-91356-4_9

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-91356-4_9

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-91355-7

  • Online ISBN: 978-3-030-91356-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation