PriVaricator: Deceiving Fingerprinters with Little White Lies

Nick Nikiforakis, Wouter Joosen, and Benjamin Livshits

Abstract

This paper proposes a solution to the problem of browser-based fingerprinting.

An important observation is that making fingerprints non-deterministic also

makes them hard to link across subsequent web site visits. Our key insight is

that when it comes to web tracking, the real problem with fingerprinting is not

uniqueness of a fingerprint, it is linkability, i.e. the ability to connect the

same fingerprint across multiple visits. In PriVaricator we use the power of

randomization to "break" linkability by exploring a space of parameterized

randomization policies. We evaluate our techniques in terms of being able to

prevent fingerprinting and also in terms of not breaking existing (benign)

sites. The best of our randomization policies renders all the fingerprinters we

tested ineffective, while causing minimal damage on a set of 1,000 Alexa sites

on which we tested, with no noticeable performance overhead.

Details

Publication typeTechReport
NumberMSR-TR-2014-26
> Publications > PriVaricator: Deceiving Fingerprinters with Little White Lies