Quantifying Web Adblocker Privacy

  • Arthur Gervais
  • Alexandros Filios
  • Vincent Lenders
  • Srdjan Capkun
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10493)

Abstract

Web advertisements, an integral part of today’s web browsing experience, financially support countless websites. Meaningful advertisements, however, require behavioral targeting, user tracking and profile fingerprinting that raise serious privacy concerns. To counter privacy issues and enhance usability, adblockers emerged as a popular way to filter web requests that do not serve the website’s main content. Despite their popularity, little work has focused on quantifying the privacy provisions of adblockers.

In this paper, we develop a quantitative framework to compare the privacy provisions of adblockers objectively. For our methodology, we introduce several privacy metrics that capture not only the technical web architecture but also the underlying corporate institutions of the problem across time and geography.

Using our framework, we quantify the web privacy implications of 12 ad-blocking software combinations and browser settings on 1000 websites on a daily basis over a timespan of three weeks (a total of 252’000 crawls). Our results highlight a significant difference among adblockers regarding filtering performance, in particular, affected by the applied configurations. Our experimental results confirm that our framework provides consistent results and hence can be used as a quantitative methodology to assess other configurations and adblockers further.

References

  1. 1.
    Allowing acceptable ads in adblock plus. https://adblockplus.org/en/acceptable-ads
  2. 2.
  3. 3.
  4. 4.
  5. 5.
    The state of do not track in firefox. https://dnt-dashboard.mozilla.org/
  6. 6.
    Number of mobile-only internet users now exceeds desktop-only in the U.S, April 2015. http://www.comscore.com/Insights/Blog/Number-of-Mobile-Only-Internet-Users-Now-Exceeds-Desktop-Only-in-the-U.S
  7. 7.
    Balebako, R., Leon, P., Shay, R., Ur, B., Wang, Y., Cranor, L.: Measuring the effectiveness of privacy tools for limiting behavioral advertising. Web (2012)Google Scholar
  8. 8.
    Barford, P., Canadi, I., Krushevskaja, D., Ma, O., Muthukrishnan, S.: Adscape: harvesting and analyzing online display ads. In: Proceedings of the 23rd International Conference on World Wide Web, pp. 597–608. ACM (2014)Google Scholar
  9. 9.
    Butkiewicz, M., Madhyastha, H.V., Sekar, V.: Understanding website complexity: measurements, metrics, and implications. In: Proceedings of the 2011 ACM SIGCOMM Conference on Internet Measurement Conference, pp. 313–328. ACM (2011)Google Scholar
  10. 10.
    Castelluccia, C., Kaafar, M.-A., Tran, M.-D.: Betrayed by your ads!. In: Fischer-Hübner, S., Wright, M. (eds.) PETS 2012. LNCS, vol. 7384, pp. 1–17. Springer, Heidelberg (2012). doi: 10.1007/978-3-642-31680-7_1CrossRefGoogle Scholar
  11. 11.
    Datta, A., Tschantz, M.C., Datta, A.: Automated experiments on ad privacy settings. Proc. Priv. Enhanc. Technol. 2015(1), 92–112 (2015)Google Scholar
  12. 12.
    Englehardt, S., Eubank, C., Zimmerman, P., Reisman, D., Narayanan, A.: Web privacy measurement: scientific principles, engineering platform, and new results (2014). http://randomwalker.info/publications/WebPrivacyMeasurement.pdf
  13. 13.
    Englehardt, S., Narayanan, A.: Online tracking: a 1-million-site measurement and analysis. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, pp. 1388–1401. ACM (2016)Google Scholar
  14. 14.
    Gill, P., Erramilli, V., Chaintreau, A., Krishnamurthy, B., Papagiannaki, K., Rodriguez, P.: Best paper - follow the money: understanding economics of online aggregation and advertising. In: Proceedings of the 2013 Conference on Internet Measurement Conference, IMC 2013, pp. 141–148. ACM, New York (2013)Google Scholar
  15. 15.
    Gugelmann, D., Happe, M., Ager, B., Lenders, V.: An automated approach for complementing ad blockers’ blacklists. Proc. Priv. Enhanc. Technol. 2015(2), 282–298 (2015)Google Scholar
  16. 16.
    Guha, S., Cheng, B., Francis, P.: Privad: practical privacy in online advertising. In: USENIX Conference on Networked Systems Design and Implementation, pp. 169–182 (2011)Google Scholar
  17. 17.
    Haddadi, H., Guha, S., Francis, P.: Not all adware is badware: towards privacy-aware advertising. In: Godart, C., Gronau, N., Sharma, S., Canals, G. (eds.) I3E 2009. IAICT, vol. 305, pp. 161–172. Springer, Heidelberg (2009). doi: 10.1007/978-3-642-04280-5_14CrossRefGoogle Scholar
  18. 18.
    Kontaxis, G., Chew, M.: Tracking protection in firefox for privacy and performance. arXiv preprint arXiv:1506.04104 (2015)
  19. 19.
    Krishnamurthy, B., Malandrino, D., Wills, C.E.: Measuring privacy loss and the impact of privacy protection in web browsing. In: Proceedings of the 3rd Symposium on Usable Privacy and Security, pp. 52–63. ACM (2007)Google Scholar
  20. 20.
    Krishnamurthy, B., Wills, C.: Privacy diffusion on the web: a longitudinal perspective. In: Proceedings of the 18th International Conference on World Wide Web, pp. 541–550. ACM (2009)Google Scholar
  21. 21.
    Leon, P., Ur, B., Shay, R., Wang, Y., Balebako, R., Cranor, L.: Why johnny can’t opt out: a usability evaluation of tools to limit online behavioral advertising. In: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, pp. 589–598. ACM (2012)Google Scholar
  22. 22.
    Levin, D., Bhattacharjee, B., Douceur, J.R., Lorch, J.R., Mickens, J., Moscibroda, T.: Nurikabe: private yet accountable targeted advertising (2009, under submission). johndo@microsoft.comGoogle Scholar
  23. 23.
    Libert, T.: Exposing the invisible web: an analysis of third-party http requests on 1 million websites. Int. J. Commun. 9, 18 (2015)Google Scholar
  24. 24.
    Ma, J., Saul, L.K., Savage, S., Voelker, G.M.: Beyond blacklists: learning to detect malicious web sites from suspicious URLs. In: Proceedings of the 15th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, pp. 1245–1254. ACM (2009)Google Scholar
  25. 25.
    Mayer, J.R., Mitchell, J.C.: Third-party web tracking: policy and technology. In: 2012 IEEE Symposium on Security and Privacy (SP), pp. 413–427. IEEE (2012)Google Scholar
  26. 26.
    Merzdovnik, G., Huber, M., Buhov, D., Nikiforakis, N., Neuner, S., Schmiedecker, M., Weippl, E.: Block me if you can: a large-scale study of tracker-blocking tools. In: 2nd IEEE European Symposium on Security and Privacy, Paris, France (2017)Google Scholar
  27. 27.
    Mikians, J., Gyarmati, L., Erramilli, V., Laoutaris, N.: Detecting price and search discrimination on the internet. In: Proceedings of the 11th ACM Workshop on Hot Topics in Networks, pp. 79–84. ACM (2012)Google Scholar
  28. 28.
    Nikiforakis, N., Acar, G.: Browse at your own risk. IEEE Spectr. 51(8), 30–35 (2014)CrossRefGoogle Scholar
  29. 29.
    Pujol, E., Hohlfeld, O., Feldmann, A.: Annoyed users: ads and ad-block usage in the wild. In: Proceedings of the 2015 ACM Conference on Internet Measurement Conference, pp. 93–106. ACM (2015)Google Scholar
  30. 30.
    Roesner, F., Kohno, T., Wetherall, D.: Detecting and defending against third-party tracking on the web. In: Proceedings of the 9th USENIX conference on Networked Systems Design and Implementation, pp. 12–12. USENIX Association (2012)Google Scholar
  31. 31.
    Singer, D., Fielding, R.T.: Tracking preference expression (DNT). Technical report, May 2015Google Scholar
  32. 32.
    Ruffell, M., Hong, J.B., Kim, D.S.: Analyzing the effectiveness of privacy related add-ons employed to thwart web based tracking. In: 2015 IEEE 21st Pacific Rim International Symposium on Dependable Computing (PRDC), pp. 264–272. IEEE (2015)Google Scholar
  33. 33.
    Soltani, A., Canty, S., Mayo, Q., Thomas, L., Hoofnagle, C.J.: Flash cookies and privacy. In: AAAI Spring Symposium: Intelligent Information Privacy Management, vol. 2010, pp. 158–163 (2010)Google Scholar
  34. 34.
    Toubiana, V., Narayanan, A., Boneh, D., Nissenbaum, H., Barocas, S.: Adnostic: privacy preserving targeted advertising. In: Proceedings Network and Distributed System Symposium (2010)Google Scholar
  35. 35.
    Tran, M., Dong, X., Liang, Z., Jiang, X.: Tracking the trackers: fast and scalable dynamic analysis of web content for privacy violations. In: Bao, F., Samarati, P., Zhou, J. (eds.) ACNS 2012. LNCS, vol. 7341, pp. 418–435. Springer, Heidelberg (2012). doi: 10.1007/978-3-642-31284-7_25CrossRefGoogle Scholar

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  • Arthur Gervais
    • 1
  • Alexandros Filios
    • 1
  • Vincent Lenders
    • 2
  • Srdjan Capkun
    • 1
  1. 1.ETH ZurichZurichSwitzerland
  2. 2.ArmasuisseThunSwitzerland

Personalised recommendations