Fida Kamal Dankar
ABSTRACT
Information about consumer's web navigation trails are increasingly being collected, analyzed, and used to target them with advertisements. This information can be quite personal, indicating individuals' likes and dislikes, as well as current and long term needs. While the ability to effectively target advertisements helps keep many sites and services on the web available freely, this practice has also raised privacy concerns. These concerns concern multiple factors: lack of transparency by the data aggregators and lack of control by the consumers. One viable approach that individuals can take to regain control is obfuscation, whereby real user requests are masked via the injection of noisy requests. In this paper, we describe a theoretical model and design for a web browser extension that relies on a trusted third party to generate fake HTTP requests (dummies). The dummy requests are generated as k different users' profiles surfing in parallel with the actual user. The value of k can be adjusted by the user to achieve the level of obfuscation they are comfortable with.
- B. Krishnamurthy and C. Wills, "Privacy diffusion on the web: A longitudinal perspective," in Proceedings of the 18th international conference on World wide web, 2009, pp. 541--550. Google Scholar
Digital Library
- B. Krishnamurthy, K. Naryshkin, and C. Wills, "Privacy leakage vs. protection measures: the growing disconnect," in Web 2.0 Security and Privacy Workshop, 2011.Google Scholar
- R. K. Miller, The 2007 Entertainment, Media & Advertising Market Research Handbook. Richard K Miller & Associates, 2007.Google Scholar
- A. Klever, Behavioural Targeting: An Online Analysis for Efficient Media Planning? Diplomica Verlag, 2009.Google Scholar
- B. Krishnamurthy, "I know what you will do next summer," ACM SIGCOMM Computer Communication Review, vol. 40, no. 5, pp. 65--70, 2010. Google ScholarDigital Library
- J. Rosen, "Who Do Online Advertisers Think You Are?," The New York Times, Nov. 2012.Google Scholar
- J. Domingo-Ferrer, A. Solanas, and J. Castellà-Roca, "h(k)-private information retrieval from privacy-uncooperative queryable databases," Online Information Review, vol. 33, no. 4, pp. 720--744, 2009.Google ScholarCross Ref
- M. Murugesan and C. Clifton, "Providing privacy through plausibly deniable search," in Proceedings of the 9th SIAM International Conference on Data Mining (SDM), 2009, pp. 768--779.Google Scholar
- D. Rebollo-Monedero and J. Forne, "Optimized Query Forgery for Private Information Retrieval," IEEE Transactions on Information Theory, vol. 56, no. 9, pp. 4631--4642, Sep. 2010. Google ScholarDigital Library
- B. Shapira, Y. Elovici, A. Meshiach, and T. Kuflik, "PRAW---A PRivAcy model for the Web: Research Articles," J. Am. Soc. Inf. Sci. Technol., vol. 56, no. 2, pp. 159--172, Jan. 2005. Google ScholarDigital Library
- S. Ye, F. Wu, R. Pandey, and H. Chen, "Noise injection for search privacy protection," in Computational Science and Engineering, 2009. CSE'09. International Conference on, 2009, vol. 3, pp. 1--8. Google ScholarDigital Library
- D. C. Howe and H. Nissenbaum, "TrackMeNot: Resisting surveillance in web search," Lessons from the Identity Trail: Anonymity, Privacy, and Identity in a Networked Society, pp. 417--436, 2009.Google Scholar
- H. H. Pang, X. Xiao, and J. Shen, "Obfuscating the Topical Intention in Enterprise Text Search," in 2012 IEEE 28th International Conference on Data Engineering (ICDE), 2012, pp. 1168--1179. Google ScholarDigital Library
- R. Dingledine, N. Mathewson, and P. Syverson, "Tor: The second-generation onion router," DTIC Document, 2004.Google Scholar
- S. L. Blond, P. Manils, C. Abdelberi, M. A. D. Kaafar, C. Castelluccia, A. Legout, and W. Dabbous, "One bad apple spoils the bunch: Exploiting P2P applications to trace and profile tor users," arXiv preprint arXiv:1103.1518, 2011. Google ScholarDigital Library
- Federal Trade Commission, "Protecting Consumer Privacy in an Era of Rapid Change: Recommendations for Businesses and Policymakers," FTC Privacy Report, Mar. 2012.Google Scholar
- L. A. Adamic and B. A. Huberman, "The Web's hidden order," Communications of the ACM, vol. 44, no. 9, pp. 55--60, 2001. Google ScholarDigital Library
- D. Olmedilla, E. Frías-Martínez, and R. Lara, "Mobile web profiling: A study of off-portal surfing habits of mobile users," User Modeling, Adaptation, and Personalization, pp. 339--350, 2010. Google ScholarDigital Library
- E. Balsa, C. Troncoso, and C. Diaz, "OB-PWS: Obfuscation-Based Private Web Search," in Security and Privacy (SP), 2012 IEEE Symposium on, 2012, pp. 491--505. Google ScholarDigital Library
- S. T. Peddinti and N. Saxena, "On the privacy of web search based on query obfuscation: a case study of TrackMeNot," in Proceedings of the 10th international conference on Privacy enhancing technologies, Berlin, Heidelberg, 2010, pp. 19--37. Google ScholarDigital Library
- M. Hartmann and D. Schreiber, "Prediction algorithms for user actions," Proceedings of Lernen Wissen Adaption, ABIS, pp. 349--354, 2007.Google Scholar
- S. Sigg, D. Gordon, G. von Zengen, M. Beigl, S. Haseloff, and K. David, "Investigation of Context Prediction Accuracy for Different Context Abstraction Levels," IEEE Transactions on Mobile Computing, vol. 11, no. 6, pp. 1047--1059, Jun. 2012. Google ScholarDigital Library
- W. Ali, S. M. Shamsuddin, and A. S. Ismail, "A survey of Web caching and prefetching," Int. J. Advance. Soft Comput. Appl, vol. 3, no. 1, pp. 18--44, 2011.Google Scholar
- T. Palpanas and A. Mendelzon, Web prefetching using partial match prediction. University of Toronto, Department of Computer Science, 1998.Google Scholar
- Z. Ban, Z. Gu, and Y. Jin, "A PPM Prediction Model Based on Stochastic Gradient Descent for Web Prefetching," in 22nd International Conference on Advanced Information Networking and Applications, 2008. AINA 2008, 2008, pp. 166--173. Google ScholarDigital Library
- I. Burbey and T. L. Martin, "Predicting future locations using prediction-by-partial-match," in Proceedings of the first ACM international workshop on Mobile entity localization and tracking in GPS-less environments, 2008, pp. 1--6. Google ScholarDigital Library
- Q. Liu, "Web latency reduction with prefetching," THE UNIVERSITY OF WESTERN ONTARIO, 2010. Google ScholarDigital Library
- F. Khalil, J. Li, and H. Wang, "An integrated model for next page access prediction," International Journal of Knowledge and Web Intelligence, vol. 1, no. 1, pp. 48--80, 2009. Google ScholarDigital Library
Index Terms
- A theoretical model for obfuscating web navigation trails
Recommendations
MyAdChoices: Bringing Transparency and Control to Online Advertising
The intrusiveness and the increasing invasiveness of online advertising have, in the last few years, raised serious concerns regarding user privacy and Web usability. As a reaction to these concerns, we have witnessed the emergence of a myriad of ad-...
Web Tracking Technologies and Protection Mechanisms
CCS '17: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications SecurityBillions of users browse the Web on a daily basis, leaving their digital traces on millions of websites. Every such visit, every mouse move or button click may trigger a wide variety of hidden data exchanges across multiple tracking companies. As a ...
Detecting Obfuscated JavaScript Malware Using Sequences of Internal Function Calls
ACM SE '14: Proceedings of the 2014 ACM Southeast Regional ConferenceWeb browsers are often used as a popular means for compromising Internet hosts. An attacker may inject a JavaScript malware into a web page. When a victim visits this page, the malware is executed and attempts to exploit a specific browser vulnerability ...
Comments