通信学报 ›› 2014, Vol. 35 ›› Issue (9): 1-11.doi: 10.3969/j.issn.1000-436x.2014.09.001
• 论文Ⅰ 网络攻击与防范 • 下一篇
张玉清,武倩如,刘奇旭,董颖
出版日期:
2014-09-25
发布日期:
2017-06-14
基金资助:
Yu-qing ZHANG,Qian-ru WU,Qi-xu LIU,Ying DONG
Online:
2014-09-25
Published:
2017-06-14
Supported by:
摘要:
第三方追踪可以获得用户的浏览历史等隐私信息,如何保护第三方追踪带来的隐私威胁问题成为安全领域的重要研究内容。首先介绍第三方追踪的基本概念、特点及安全现状,并结合第三方应用的类型,总结了第三方追踪存在的隐私威胁。然后从有状态追踪和无状态追踪2个方面介绍第三方追踪的技术,并对第三方追踪防御的相关研究进行了分析和比较。最后总结第三方追踪中研究领域的开放性问题和发展方向。
张玉清,武倩如,刘奇旭,董颖. 第三方追踪的安全研究[J]. 通信学报, 2014, 35(9): 1-11.
Yu-qing ZHANG,Qian-ru WU,Qi-xu LIU,Ying DONG. Research on security of third-party tracking[J]. Journal on Communications, 2014, 35(9): 1-11.
[1] | LIBERT T . Privacy implications of health information seeking on the Web[EB/OL]. . 2014. |
[2] | NIKIFORAKIS N , KAPRAVELOS A , JOOSEN W , et al. Cookieless monster: exploring the ecosystem of Web-based device fingerprinting[A]. 2013 IEEE Symposium on Security and Privacy[C]. 2013.541-555. |
[3] | MAYER J R , MITCHELL J C , . Third-party Web tracking: policy and technology[A]. IEEE Symposium on Security and Privacy (SP)[C]. 2012.413-427. |
[4] | MAYER J . Tracking the trackers: to catch a history thief[EB/OL]. , 2011. |
[5] | MAYER J . Tracking the trackers: where everybody knows your user-name[EB/OL]. , 2011. |
[6] | KRISHNAMURTHY B , NARYSHKIN K , WILLS C . Privacy leakage vs.protection measures: the growing disconnect[A]. Web 2.0 Security and Privacy Workshop[C]. 2011.1-10. |
[7] | MALANDRINO D , SCARANO V . Privacy leakage on the Web:diffusion and countermeasures[J]. Computer Networks, 2013,57:2833-2855. |
[8] | ROESNER F , KOHNO T , WETHERALL D . Detecting and defending against third-party tracking on the Web[A]. Proceedings of the 9th USENIX Conference on Networked Systems Design and Implementa-tion[C]. 2012.12-12. |
[9] | LI Z , ZHANG K , XIE Y , et al. Knowing your enemy: understanding and detecting malicious web advertising[A]. Proceedings of the 2012 ACM Conference on Computer and Communications Security[C]. 2012.674-686. |
[10] | BARFORD P , CANADI I , KRUSHEVSKAJA D , et al. Adscape:harvesting and analyzing online display ads[A]. Proceedings of the 23rd International Conference on World Wide Web[C]. 2014.597-608. |
[11] | SMIT E G , VAN N G , VOORVELD H A M . Understanding online behavioural advertising: user knowledge,privacy concerns and online coping behaviour in Europe[J]. Computers in Human Behavior, 2014,32:15-22. |
[12] | YAN J , LIU N , WANG G , et al. How much can behavioral targeting help online advertising[A]. Proceedings of the 18th International Con-ference on World Wide Web[C]. 2009.261-270. |
[13] | KOROLOVA A . Privacy violations using microtargeted ads: a case study[A]. IEEE International Conference on Data Mining Workshops (ICDMW)[C]. 2010.474-482. |
[14] | STUTZMAN F , GROSS R , ACQUISTI A . Silent listeners: the evolu-tion of privacy and disclosure on facebook[J]. Journal of Privacy and Confidentiality, 2013,4(2):2. |
[15] | RADER E . Awareness of behavioral tracking and information privacy concern in facebook and Google[A]. Symposium on Usable Privacy and Security (SOUPS)[C]. 2014. |
[16] | Google Libraries API[EB/OL]. . 2014. |
[17] | Google Feed API[EB/OL]. , 2014. |
[18] | Wordpress[EB/OL]. , 2014. |
[19] | Akamai[EB/OL]. , 2014. |
[20] | KRISHNAMURTHY B . Privacy leakage on the Internet[EB/OL]. , 2010. |
[21] | KRISHNAMURTHY B , WILLS C E . On the leakage of personally identifiable information via online social networks[A]. Proceedings of the 2nd ACM workshop on Online social networks[C]. 2009.7-12. |
[22] | HTTP cookie[EB/OL]. . 2014. |
[23] | SOLTANI A , CANTY S , MAYO Q , et al. Flash Cookies and pri-vacy[A]. AAAI Spring Symposium: Intelligent Information Privacy Management[C]. 2010. |
[24] | COSTANTE E , DEN HARTOG J , PETKOVI? M . What Web Sites Know About You Data Privacy Management and Autonomous Spon-taneous Security[M]. Springer Berlin Heidelberg, 2013.146-159. |
[25] | PRINCE J D . HTML5: not just a substitute for flash[J]. Journal of Electronic Resources in Medical Libraries, 2013,10(2):108-112. |
[26] | AYENSON M , WAMBACH D J , SOLTANI A , et al. Flash cookies and privacy II: now with HTML5 and etag respawning[EBOL]. . 2011. |
[27] | LAWSON B , SHARP R . Introducing html5[M]. New Riders, 2011. |
[28] | CHRIS J , HOOFNAGLE N G . The Web privacy census[EB/OL]. , 2012. |
[29] | RUIZ-MARTíNEZ A . A survey on solutions and main free tools for privacy enhancing Web communications[J]. Journal of Network and Computer Applications, 2012,35(5):1473-1492. |
[30] | ECKERSLEY P . How unique is your Web browser?[A]. Privacy Enhancing Technologies[C]. 2010.1-18. |
[31] | CARRASCAL J P , RIEDERER C , ERRAMILLI V , et al. Your browsing behavior for a big mac: Economics of personal information online[A]. Proceedings of the 22nd international conference on World Wide Web[C]. 2013.189-200. |
[32] | BlueCava[EB/OL]. , 2014. |
[33] | YEN T F , XIE Y , YU F , et al. Host fingerprinting and tracking on the web:Privacy and security implications[A]. Proceedings of NDSS[C]. 2012. |
[34] | ACAR G , JUAREZ M , NIKIFORAKIS N , et al. FPDetective: Dusting the web for fingerprinters[A]. Proceedings of the 2013 ACM SIGSAC confer-ence on Computer & communications security[C]. 2013.1129-1140. |
[35] | The history of the do not track header[EB/OL]. , 2007. |
[36] | Consumer data privacy in a networked world[EB/OL]. , 2012. |
[37] | Letter to the online advertising industry[EB/OL]. , 2011. |
[38] | Commission proposes a comprehensive reform of the data protection rules[EB/OL]. , 2012. |
[39] | IE9 and Privacy: Introducing Tracking Protection[EB/OL]. , 2010. |
[40] | Web tool on firefox to deter tracking[EB/OL]. , 2011. |
[41] | WINGFIELD N . Apple adds do-not-track tool to new browser[EB/OL]. , 2011. |
[42] | TOUBIANA V , NARAYANAN A , BONEH D , et al. Adnostic: pri-vacy preserving targeted advertising[A]. NDSS[C]. 2010. |
[43] | REZNICHENKO A , GUHA S , FRANCIS P . Auctions in do-not-track compliant internet advertising[A]. Proceedings of the 18th ACM Con-ference on Computer and Communications Security[C]. 2011,667-676. |
[44] | GUHA S , CHENG B , FRANCIS P . Privad: practical privacy in online advertising[A]. Proceedings of the 8th USENIX Conference on Net-worked Systems Design and Implementation[C]. 2011.169-182. |
[45] | AKKUS I E , CHEN R , HARDT M , et al. Non-tracking web ana-lytics[A]. Proceedings of the 2012 ACM Conference on Computer and Communications Security[C]. 2012.687-698. |
[46] | No cookie for Google search[EB/OL]. , 2014. |
[47] | BetterPrivacy[EB/OL]. , 2014. |
[48] | NoScript[EB/OL]. , 2014. |
[49] | Keep My Opt-Outs[EB/OL]. , 2014. |
[50] | Targeted advertising Cookie Opt-Out[EB/OL]. , 2014. |
[51] | LEON P , UR B , SHAY R , et al. Why Johnny can't opt out: a usability evaluation of tools to limit online behavioral advertising[A]. Proceed-ings of the SIGCHI Conference on Human Factors in Computing Sys-tems[C]. 2012.589-598. |
[52] | DoNotTrackMe: online privacy protection[EB/OL]. , 2014. |
[53] | Ghostery[EB/OL]. , 2014. |
[54] | Adblock plus[EB/OL]. , 2014. |
[55] | BAU J , MAYER J , PASKOV R , et al. A promising direction for Web tracking countermeasures[A]. Web 2.0 Security & Privacy[C]. 2013. |
[1] | 马鑫迪, 李清华, 姜奇, 马卓, 高胜, 田有亮, 马建峰. 面向Non-IID数据的拜占庭鲁棒联邦学习[J]. 通信学报, 2023, 44(6): 138-153. |
[2] | 张佳乐, 朱诚诚, 孙小兵, 陈兵. 基于GAN的联邦学习成员推理攻击与防御方法[J]. 通信学报, 2023, 44(5): 193-205. |
[3] | 冯涛, 陈李秋, 方君丽, 石建明. 基于本地化差分隐私和属性基可搜索加密的区块链数据共享方案[J]. 通信学报, 2023, 44(5): 224-233. |
[4] | 尹沛捷, 李凤华, 牛犇, 罗海洋, 邝彬, 张玲翠. 面向版式文档的细粒度隐私操作控制方法[J]. 通信学报, 2023, 44(5): 94-109. |
[5] | 余晟兴, 陈泽凯, 陈钟, 刘西蒙. DAGUARD:联邦学习下的分布式后门攻击防御方案[J]. 通信学报, 2023, 44(5): 110-122. |
[6] | 夏莹杰, 朱思雨, 刘雪娇. 区块链架构下具有条件隐私的车辆编队跨信任域高效群组认证研究[J]. 通信学报, 2023, 44(4): 111-123. |
[7] | 胡柏吉, 张晓娟, 李元诚, 赖荣鑫. 支持多功能的V2G网络隐私保护数据聚合方案[J]. 通信学报, 2023, 44(4): 187-200. |
[8] | 徐明, 张保俊, 伍益明, 应晨铎, 郑宁. 面向网络攻击和隐私保护的多智能体系统分布式共识算法[J]. 通信学报, 2023, 44(3): 117-127. |
[9] | 张淑芬, 董燕灵, 徐精诚, 王豪石. 基于目标扰动的AdaBoost算法[J]. 通信学报, 2023, 44(2): 198-209. |
[10] | 余晟兴, 陈钟. 基于同态加密的高效安全联邦学习聚合框架[J]. 通信学报, 2023, 44(1): 14-28. |
[11] | 汤凌韬, 王迪, 刘盛云. 面向非独立同分布数据的联邦学习数据增强方案[J]. 通信学报, 2023, 44(1): 164-176. |
[12] | 袁程胜, 郭强, 付章杰. 基于差分隐私的深度伪造指纹检测模型版权保护算法[J]. 通信学报, 2022, 43(9): 181-193. |
[13] | 王瀚仪, 李效光, 毕文卿, 陈亚虹, 李凤华, 牛犇. 多级本地化差分隐私算法推荐框架[J]. 通信学报, 2022, 43(8): 52-64. |
[14] | 张学旺, 黎志鸿, 林金朝. 基于公平盲签名和分级加密的联盟链隐私保护方案[J]. 通信学报, 2022, 43(8): 131-141. |
[15] | 陈炜宇, 骆俊杉, 王方刚, 丁海洋, 王世练, 夏国江. 无线隐蔽通信容量限与实现技术综述[J]. 通信学报, 2022, 43(8): 203-218. |
阅读次数 | ||||||
全文 |
|
|||||
摘要 |
|
|||||
|