Online tracking mechanisms employed by internet companies for user profiling and targeted advertising raise major privacy concerns. Despite efforts to defend against these mechanisms, they continue to evolve, renderin...Online tracking mechanisms employed by internet companies for user profiling and targeted advertising raise major privacy concerns. Despite efforts to defend against these mechanisms, they continue to evolve, rendering many existing defences ineffective. This study performs a large-scale measurement of online tracking mechanisms across a large pool of websites using the OpenWPM (Open Web Privacy Measurement) platform. It systematically evaluates the effectiveness of several ad blockers and underlying Privacy Enhancing Technologies (PET) that are primarily used to mitigate different tracking techniques. By quantifying the strengths and limitations of these tools against modern tracking methods, the findings highlight gaps in existing privacy protections. Actionable recommendations are provided to enhance user privacy defences, guide tool developers and inform policymakers on addressing invasive online tracking practices.展开更多
Personally identifiable information(PII)refers to any information that links to an individual.Sharing PII is extremely useful in public affairs yet hard to implement due to the worries about privacy violations.Buildin...Personally identifiable information(PII)refers to any information that links to an individual.Sharing PII is extremely useful in public affairs yet hard to implement due to the worries about privacy violations.Building a PII retrieval service over multi-cloud,which is a modern strategy to make services stable where multiple servers are deployed,seems to be a promising solution.However,three major technical challenges remain to be solved.The first is the privacy and access control of PII.In fact,each entry in PII can be shared to different users with different access rights.Hence,flexible and fine-grained access control is needed.Second,a reliable user revocation mechanism is required to ensure that users can be revoked efficiently,even if few cloud servers are compromised or collapse,to avoid data leakage.Third,verifying the correctness of received PII and locating a misbehaved server when wrong data are returned is crucial to guarantee user’s privacy,but challenging to realize.In this paper,we propose Rainbow,a secure and practical PII retrieval scheme to solve the above issues.In particular,we design an important cryptographic tool,called Reliable Outsourced Attribute Based Encryption(ROABE)which provides data privacy,flexible and fine-grained access control,reliable immediate user revocation and verification for multiple servers simultaneously,to support Rainbow.Moreover,we present how to build Rainbow with ROABE and several necessary cloud techniques in real world.To evaluate the performance,we deploy Rainbow on multiple mainstream clouds,namely,AWS,GCP and Microsoft Azure,and experiment in browsers on mobile phones and computers.Both theoretical analysis and experimental results indicate that Rainbow is secure and practical.展开更多
It is widely common that mobile applications collect non-critical personally identifiable information(PII)from users'devices to the cloud by application service providers(ASPs)in a positive manner to provide preci...It is widely common that mobile applications collect non-critical personally identifiable information(PII)from users'devices to the cloud by application service providers(ASPs)in a positive manner to provide precise and recommending services.Meanwhile,Internet service providers(ISPs)or local network providers also have strong requirements to collect PIIs for finer-grained traffic control and security services.However,it is a challenge to locate PIIs accurately in the massive data of network traffic just like looking a needle in a haystack.In this paper,we address this challenge by presenting an efficient and light-weight approach,namely TPII,which can locate and track PIIs from the HTTP layer rebuilt from raw network traffics.This approach only collects three features from HTTP fields as users'behaviors and then establishes a tree-based decision model to dig PIIs efficiently and accurately.Without any priori knowledge,TPII can identify any types of PIIs from any mobile applications,which has a broad vision of applications.We evaluate the proposed approach on a real dataset collected from a campus network with more than 13k users.The experimental results show that the precision and recall of TPII are 91.72%and 94.51%respectively and a parallel implementation of TPII can achieve 213 million records digging and labelling within one hour,reaching near to support 1Gbps wirespeed inspection in practice.Our approach provides network service providers a practical way to collect PIIs for better services.展开更多
文摘Online tracking mechanisms employed by internet companies for user profiling and targeted advertising raise major privacy concerns. Despite efforts to defend against these mechanisms, they continue to evolve, rendering many existing defences ineffective. This study performs a large-scale measurement of online tracking mechanisms across a large pool of websites using the OpenWPM (Open Web Privacy Measurement) platform. It systematically evaluates the effectiveness of several ad blockers and underlying Privacy Enhancing Technologies (PET) that are primarily used to mitigate different tracking techniques. By quantifying the strengths and limitations of these tools against modern tracking methods, the findings highlight gaps in existing privacy protections. Actionable recommendations are provided to enhance user privacy defences, guide tool developers and inform policymakers on addressing invasive online tracking practices.
基金This work was supported by National Natural Science Foundation of China(Nos.62172411,62172404,61972094)。
文摘Personally identifiable information(PII)refers to any information that links to an individual.Sharing PII is extremely useful in public affairs yet hard to implement due to the worries about privacy violations.Building a PII retrieval service over multi-cloud,which is a modern strategy to make services stable where multiple servers are deployed,seems to be a promising solution.However,three major technical challenges remain to be solved.The first is the privacy and access control of PII.In fact,each entry in PII can be shared to different users with different access rights.Hence,flexible and fine-grained access control is needed.Second,a reliable user revocation mechanism is required to ensure that users can be revoked efficiently,even if few cloud servers are compromised or collapse,to avoid data leakage.Third,verifying the correctness of received PII and locating a misbehaved server when wrong data are returned is crucial to guarantee user’s privacy,but challenging to realize.In this paper,we propose Rainbow,a secure and practical PII retrieval scheme to solve the above issues.In particular,we design an important cryptographic tool,called Reliable Outsourced Attribute Based Encryption(ROABE)which provides data privacy,flexible and fine-grained access control,reliable immediate user revocation and verification for multiple servers simultaneously,to support Rainbow.Moreover,we present how to build Rainbow with ROABE and several necessary cloud techniques in real world.To evaluate the performance,we deploy Rainbow on multiple mainstream clouds,namely,AWS,GCP and Microsoft Azure,and experiment in browsers on mobile phones and computers.Both theoretical analysis and experimental results indicate that Rainbow is secure and practical.
基金supported by the National Natural Science Foundation of China(Grant Nos.61672101,U1636119.6186603S,61962059)2018 College Students’Innovation and Entrepreneurship Training Program(D2018127)。
文摘It is widely common that mobile applications collect non-critical personally identifiable information(PII)from users'devices to the cloud by application service providers(ASPs)in a positive manner to provide precise and recommending services.Meanwhile,Internet service providers(ISPs)or local network providers also have strong requirements to collect PIIs for finer-grained traffic control and security services.However,it is a challenge to locate PIIs accurately in the massive data of network traffic just like looking a needle in a haystack.In this paper,we address this challenge by presenting an efficient and light-weight approach,namely TPII,which can locate and track PIIs from the HTTP layer rebuilt from raw network traffics.This approach only collects three features from HTTP fields as users'behaviors and then establishes a tree-based decision model to dig PIIs efficiently and accurately.Without any priori knowledge,TPII can identify any types of PIIs from any mobile applications,which has a broad vision of applications.We evaluate the proposed approach on a real dataset collected from a campus network with more than 13k users.The experimental results show that the precision and recall of TPII are 91.72%and 94.51%respectively and a parallel implementation of TPII can achieve 213 million records digging and labelling within one hour,reaching near to support 1Gbps wirespeed inspection in practice.Our approach provides network service providers a practical way to collect PIIs for better services.
