Identificando Indicadores de Browser Fingerprinting em Páginas Web
Abstract
Browser Fingerprinting techniques are those employed to identify (or re-identify) a user or device and are considered a potential threat to users' privacy. In this context, this article proposes a way to detect fingerprinting calls to JavaScript information provider objects on web pages and measure the level of severity of the threat to the user.References
Damasceno, A., Rocha, T., and Souto, E. (2018). Taintjsec: Um método de análise estática de marcação em código javascript para detecção de vazamento de dados sensíveis. In Anais Principais do XVIII Simpósio Brasileiro em Segurança da Informação e de Sistemas Computacionais, pages 196–209, Porto Alegre, RS, Brasil. SBC.
Khademi, A. F., Zulkernine, M., and Weldemariam, K. (2015). An empirical evaluation of web-based fingerprinting. IEEE Software, 32(4):46–52.
Mayer, J. R. (2009). Any person... a pamphleteer”: Internet anonymity in the age of web 2.0. Undergraduate Senior Thesis, Princeton University, page 85.
Nikiforakis, N., Kapravelos, A., Joosen, W., Kruegel, C., Piessens, F., and Vigna, G. (2013). Cookieless monster: Exploring the ecosystem of web-based device fingerprinting. In 2013 IEEE Symposium on Security and Privacy, pages 541–555. IEEE.
Saraiva, A. R. e Feitosa, E. L. (2016). Determinando o risco de fingerprinting em páginas web. Dissertação de Mestrado, Universidade Federal do Amazonas, page 94.
Xu, W., Zhang, F., and Zhu, S. (2012). The power of obfuscation techniques in malicious javascript code: A measurement study. In 2012 7th International Conference on Malicious and Unwanted Software, pages 9–16.
Khademi, A. F., Zulkernine, M., and Weldemariam, K. (2015). An empirical evaluation of web-based fingerprinting. IEEE Software, 32(4):46–52.
Mayer, J. R. (2009). Any person... a pamphleteer”: Internet anonymity in the age of web 2.0. Undergraduate Senior Thesis, Princeton University, page 85.
Nikiforakis, N., Kapravelos, A., Joosen, W., Kruegel, C., Piessens, F., and Vigna, G. (2013). Cookieless monster: Exploring the ecosystem of web-based device fingerprinting. In 2013 IEEE Symposium on Security and Privacy, pages 541–555. IEEE.
Saraiva, A. R. e Feitosa, E. L. (2016). Determinando o risco de fingerprinting em páginas web. Dissertação de Mestrado, Universidade Federal do Amazonas, page 94.
Xu, W., Zhang, F., and Zhu, S. (2012). The power of obfuscation techniques in malicious javascript code: A measurement study. In 2012 7th International Conference on Malicious and Unwanted Software, pages 9–16.
Published
2020-10-13
How to Cite
MATOS, Geandro Farias de; FEITOSA, Eduardo L..
Identificando Indicadores de Browser Fingerprinting em Páginas Web. In: BRAZILIAN SYMPOSIUM ON CYBERSECURITY (SBSEG), 20. , 2020, Petrópolis.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2020
.
p. 478-483.
DOI: https://doi.org/10.5753/sbseg.2020.19258.
