Skip to main content
SpringerLink
Log in

Detecting Web Tracking at the Network Layer

  • Conference paper
  • First Online:
ICT Systems Security and Privacy Protection (SEC 2023)

Part of the book series: IFIP Advances in Information and Communication Technology ((IFIPAICT,volume 679))

  • 16 Accesses

Abstract

Third-party tracking allows companies to identify users and track their online activity across different websites or digital services. This paper presents a first experimental study to detect advertisements and tracker by inspecting fully encrypted network transactions at the TCP/IP network level associated with a website. The first results are encouraging and motivate to extend this first proof-of-concept study even further in the future. A classical application area in the future would be the use in areas where communication can only be accessed on encrypted TCP/IP level (keyword secure IoT environments) or the presented approach is used simply to enable a classical extension of the portfolio for tracker detection.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 99.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Hardcover Book
USD 109.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    The source code of our study is available at: https://github.com/wim50594/network-traffic-tracker-observer.

  2. 2.

    https://majestic.com/reports/majestic-million.

  3. 3.

    https://easylist.to/.

  4. 4.

    https://github.com/brave/adblock-rust.

  5. 5.

    The interested reader can find an in-depth analysis in [22].

  6. 6.

    https://www.cyren.com/products/url-lookup-api.

References

  1. Acar, G., Eubank, C., Englehardt, S., Juarez, M., Narayanan, A., Diaz, C.: The web never forgets: persistent tracking mechanisms in the wild. In: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, pp. 674–689 (2014). https://doi.org/10.1145/2660267.2660347

  2. Agogo, D.: Invisible market for online personal data: an examination. Electron. Mark. 31(4), 989–1010 (2020). https://doi.org/10.1007/s12525-020-00437-0

    Article  Google Scholar 

  3. Akbari, I., et al.: A look behind the curtain: traffic classification in an increasingly encrypted web. In: Proceedings of the ACM on Measurement and Analysis of Computing Systems, vol. 5, no. 1 (2021). https://doi.org/10.1145/3447382

  4. Bekos, P., Papadopoulos, P., Markatos, E.P., Kourtellis, N.: The Hitchhiker’s guide to facebook web tracking with invisible pixels and click IDs. In: Proceedings of the ACM Web Conference 2023 (2023).https://doi.org/10.1145/3543507.3583311

  5. Bhagavatula, S., Dunn, C., Kanich, C., Gupta, M., Ziebart, B.: Leveraging machine learning to improve unwanted resource filtering. In: Proceedings of the 2014 Workshop on Artificial Intelligent and Security Workshop, pp. 95–102 (2014). https://doi.org/10.1145/2666652.2666662

  6. Brave: Fingerprint randomization (2020). https://brave.com/privacy-updates/3-fingerprint-randomization/

  7. Bujlow, T., Carela-Español, V., Solé-Pareta, J., Barlet-Ros, P.: A survey on web tracking: mechanisms, implications, and defenses. Proc. IEEE 105(8), 1476–1510 (2017). https://doi.org/10.1109/JPROC.2016.2637878

    Article  Google Scholar 

  8. Chen, Q., Ilia, P., Polychronakis, M., Kapravelos, A.: Cookie swap party: abusing first-party cookies for web tracking. In: Proceedings of the Web Conference 2021, pp. 2117–2129 (2021). https://doi.org/10.1145/3442381.3449837

  9. Demir, N., Theis, D., Urban, T., Pohlmann, N.: Towards understanding CNAME based first-party cookie tracking in the field. In: GI Sicherheit 2022 (2022)

    Google Scholar 

  10. Dimova, Y., Acar, G., Olejnik, L., Joosen, W., Van Goethem, T.: The CNAME of the game: large-scale analysis of DNS-based tracking evasion. Proc. Priv. Enhanc. Technol. 3, 394–412 (2021). https://doi.org/10.2478/popets-2021-0053

    Article  Google Scholar 

  11. Englehardt, S., Narayanan, A.: Online tracking: a 1-million-site measurement and analysis. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, pp. 1388–1401 (2016).https://doi.org/10.1145/2976749.2978313

  12. Fathi-Kazerooni, S., Kaymak, Y., Rojas-Cessa, R.: Tracking user application activity by using machine learning techniques on network traffic. In: 2019 International Conference on Artificial Intelligence in Information and Communication, pp. 405–410 (2019). https://doi.org/10.1109/ICAIIC.2019.8669040

  13. Gugelmann, D., Happe, M., Ager, B., Lenders, V.: An automated approach for complementing ad blockers’ blacklists. In: Proceedings on Privacy Enhancing Technologies, pp. 282–298. No. 2 (2015). https://doi.org/10.1515/popets-2015-0018

  14. Hayes, J., Danezis, G.: K-Fingerprinting: a robust scalable website fingerprinting technique. In: Proceedings of the 25th USENIX Conference on Security Symposium, pp. 1187–1203 (2016)

    Google Scholar 

  15. Iqbal, U., Shafiq, Z., Qian, Z.: The ad wars: retrospective measurement and analysis of anti-adblock filter lists. In: Proceedings of the 2017 Internet Measurement Conference, pp. 171–183 (2017). https://doi.org/10.1145/3131365.3131387

  16. Iqbal, U., Snyder, P., Zhu, S., Livshits, B., Qian, Z., Shafiq, Z.: AdGraph: a graph-based approach to ad and tracker blocking. In: 2020 IEEE Symposium on Security and Privacy, pp. 763–776 (2020). https://doi.org/10.1109/SP40000.2020.00005

  17. Jha, N., Trevisan, M., Vassio, L., Mellia, M.: The internet with privacy policies: measuring the web upon consent. ACM Trans. Web 16(3) (2022). https://doi.org/10.1145/3555352

  18. Ma, Q., Huang, W., Jin, Y., Mao, J.: Encrypted traffic classification based on traffic reconstruction. In: 2021 4th International Conference on Artificial Intelligence and Big Data, pp. 572–576 (2021).https://doi.org/10.1109/ICAIBD51990.2021.9459072

  19. Mayer, J.R., Mitchell, J.C.: Third-party web tracking: policy and technology. In: 2012 IEEE Symposium on Security and Privacy, pp. 413–427 (2012). https://doi.org/10.1109/SP.2012.47

  20. Mohajeri Moghaddam, H., et al.: Watching you watch: the tracking ecosystem of over-the-top TV streaming devices. In: Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, pp. 131–147 (2019). https://doi.org/10.1145/3319535.3354198

  21. Panchenko, A., Niessen, L., Zinnen, A., Engel, T.: Website fingerprinting in onion routing based anonymization networks. In: Proceedings of the 10th Annual ACM Workshop on Privacy in the Electronic Society, pp. 103–114 (2011). https://doi.org/10.1145/2046556.2046570

  22. Papadogiannakis, E., Papadopoulos, P., Kourtellis, N., Markatos, E.P.: User tracking in the post-cookie era: how websites bypass GDPR consent to track users. In: Proceedings of the Web Conference 2021, pp. 2130–2141 (2021). https://doi.org/10.1145/3442381.3450056

  23. Roesner, F., Kohno, T., Wetherall, D.: Detecting and defending against third-party tracking on the web. In: Proceedings of the 9th USENIX conference on Networked Systems Design and Implementation, pp. 155–168 (2012)

    Google Scholar 

  24. Shuba, A., Markopoulou, A., Shafiq, Z.: NoMoAds: effective and efficient cross-app mobile ad-blocking. Proc. Priv. Enhanc. Technol. (4) (2018)

    Google Scholar 

  25. Siby, S., Iqbal, U., Englehardt, S., Shafiq, Z., Troncoso, C.: WebGraph: capturing advertising and tracking information flows for robust blocking. In: 31st USENIX Security Symposium, pp. 2875–2892 (2022)

    Google Scholar 

  26. Siby, S., Juarez, M., Diaz, C., Vallina-Rodriguez, N., Troncoso, C.: Encrypted DNS \(->\) privacy? A traffic analysis perspective. In: Network and Distributed System Security Symposium (2020)

    Google Scholar 

  27. Sirinam, P., Juarez, M., Imani, M., Wright, M.: Deep fingerprinting: undermining website fingerprinting defenses with deep learning. In: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security (2018). https://doi.org/10.1145/3243734.3243768

  28. Sjösten, A., Snyder, P., Pastor, A., Papadopoulos, P., Livshits, B.: Filter list generation for underserved regions. In: Proceedings of The Web Conference 2020, pp. 1682–1692 (2020). https://doi.org/10.1145/3366423.3380239

  29. Snyder, P., Vastel, A., Livshits, B.: Who filters the filters: understanding the growth, usefulness and efficiency of crowdsourced ad blocking. SIGMETRICS (2020). https://doi.org/10.1145/3392144

    Article  Google Scholar 

  30. Varmarken, J., Le, H., Shuba, A., Markopoulou, A., Shafiq, Z.: The TV is smart and full of trackers: measuring smart TV advertising and tracking. Proc. Priv. Enhanc. Technol. 2, 129–154 (2020). https://doi.org/10.2478/popets-2020-0021

    Article  Google Scholar 

  31. Yuan, S., Abidin, A.Z., Sloan, M., Wang, J.: Internet advertising: an interplay among advertisers, online publishers, ad exchanges and web users. arXiv: 1206.1754 (2012)

  32. Zuboff, S.: The Age of Surveillance Capitalism: The Fight for a Human Future at the New Frontier of Power. PublicAffairs (2018)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. University of Regensburg, Regensburg, Germany

    Maximilian Wittig & Doğan Kesdoğan

Authors
  1. Maximilian Wittig
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Doğan Kesdoğan
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Maximilian Wittig .

Editor information

Editors and Affiliations

  1. Poznan Supercomputing and Networking Center, Poznań, Poland

    Norbert Meyer

  2. Poznań University of Technology, Poznań, Poland

    Anna Grocholewska-Czuryło

Rights and permissions

Reprints and permissions

Copyright information

© 2024 IFIP International Federation for Information Processing

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Wittig, M., Kesdoğan, D. (2024). Detecting Web Tracking at the Network Layer. In: Meyer, N., Grocholewska-Czuryło, A. (eds) ICT Systems Security and Privacy Protection. SEC 2023. IFIP Advances in Information and Communication Technology, vol 679. Springer, Cham. https://doi.org/10.1007/978-3-031-56326-3_10

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-56326-3_10

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-56325-6

  • Online ISBN: 978-3-031-56326-3

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Societies and partnerships

Search

Navigation