Authors:
Vítor Bernardo
and
Dulce Domingos
Affiliation:
Faculdade de Ciências and Universidade de Lisboa, Portugal
Keyword(s):
Browser Fingerprinting, Cross-browser Fingerprinting, Device Fingerprinting, Privacy, Fingerprint.
Related
Ontology
Subjects/Areas/Topics:
Data and Application Security and Privacy
;
Information and Systems Security
;
Personal Data Protection for Information Systems
;
Privacy
;
Security and Privacy in Web Services
Abstract:
The concept of device fingerprinting is based in the assumption that each electronic device holds a unique set
of physical and/or logical features that others can capture and use to differentiate it from the whole. Web-based
fingerprinting, a particular case of device fingerprinting, allows website owners to differentiate devices based
on the set of information that browsers transmit. Depending on the techniques being used, a website can track
a device based on its browser features (browser fingerprinting) or based on system settings (cross-browser
fingerprinting). The latter allows identification of the device even when more than one browser is used.
Several different works have introduced new techniques over the last years proving that fingerprinting can be
done in multiple ways, but there is not a consolidated work gathering all of them. The current work identifies
known web-based fingerprinting techniques, categorizing them as which ones are browser and which are
cross-browser an
d showing real examples of the data that can be captured with each technique. The study is
synthesized in a taxonomy, which provides a clear separation between techniques, making it easier to identify
the threats to security and privacy inherent to each one.
(More)