Web Tracking: Mechanisms, Implications, and Defenses
This article surveys the existing literature on the methods currently used
by web services to track the user online as well as their purposes,
implications, and possible user defenses. A significant majority of reviewed
articles and web resources are from years 2012-2014. Privacy seems to be the
Achilles' heel of today's web. Web services make continuous efforts to obtain
as much information as they can about the things we search, the sites we visit,
the people with whom we are in contact, and the products we buy. Tracking is usually
performed for commercial purposes. We present 5 main groups of methods used for
user tracking, which are based on sessions, client storage, client cache,
fingerprinting, or yet other approaches. A special focus is placed on
mechanisms that use web caches, operational caches, and fingerprinting, as they
are usually very rich in terms of using various creative methodologies. We also
show how the users can be identified on the web and associated with their real
names, e-mail addresses, phone numbers, or even street addresses. We show why
tracking is being used and its possible implications for the users (price
discrimination, assessing financial credibility, determining insurance
coverage, government surveillance, and identity theft). For each of the
tracking methods, we present possible defenses. Apart from describing the
methods and tools used for keeping the personal data away from being tracked,
we also present several tools that were used for research purposes - their main
goal is to discover how and by which entity the users are being tracked on
their desktop computers or smartphones, provide this information to the users,
and visualize it in an accessible and easy to follow way. Finally, we present
the currently proposed future approaches to track the user and show that they
can potentially pose significant threats to the users' privacy.
Comment: 29 pages, 212 references
Privacy-Preserving Crowd-Sourcing of Web Searches with Private Data Donor
Search engines play an important role on the Web, helping users find relevant resources and answers to their questions. At the same time, search logs can also be of great utility to researchers. For instance, a number of recent research efforts have relied on them to build prediction and inference models, for applications ranging from economics and marketing to public health surveillance. However, companies rarely release search logs, also due to the related privacy issues that ensue, as they are inherently hard to anonymize. As a result, it is very difficult for researchers to have access to search data, and even if they do, they are fully dependent on the company providing them. Aiming to overcome these issues, this paper presents Private Data Donor (PDD), a decentralized and private-by-design platform providing crowd-sourced Web searches to researchers. We build on a cryptographic protocol for privacy preserving data aggregation, and address a few practical challenges to add reliability into the system with regards to users disconnecting or stopping using the platform. We discuss how PDD can be used to build a flu monitoring model, and evaluate the impact of the privacy-preserving layer on the quality of the results. Finally, we present the implementation of our platform, as a browser extension and a server, and report on a pilot deployment with real users
Joint optimisation of privacy and cost of in-app mobile user profiling and targeted ads
Online mobile advertising ecosystems provide advertising and analytics
services that collect, aggregate, process and trade a rich amount of consumers'
personal data and carry out interest-based ads targeting, which has raised
serious privacy risks and growing trends of users feeling uncomfortable while
using internet services. In this paper, we address user's privacy concerns by
developing an optimal dynamic optimisation cost-effective framework for
preserving user privacy for profiling, ads-based inferencing, temporal apps
usage behavioral patterns and interest-based ads targeting. A major challenge
in solving this dynamic model is the lack of knowledge of time-varying updates
during profiling process. We formulate a mixed-integer optimisation problem and
develop an equivalent problem to show that proposed algorithm does not require
knowledge of time-varying updates in user behavior. Following, we develop an
online control algorithm to solve equivalent problem using Lyapunov
optimisation and to overcome difficulty of solving nonlinear programming by
decomposing it into various cases and achieve trade-off between user privacy,
cost and targeted ads. We carry out extensive experimentations and demonstrate
proposed framework's applicability by implementing its critical components
using POC `System App'. We compare proposed framework with other privacy
protecting approaches and investigate that it achieves better privacy and
functionality for various performance parameters