Hier finden Sie wissenschaftliche Publikationen aus den Fraunhofer-Instituten.

Tracking users on the Internet with behavioral patterns: Evaluation of its practical feasibility

: Banse, C.; Herrmann, D.; Federrath, H.


Gritzalis, D. ; International Federation for Information Processing -IFIP-, Technical Committee Security and Privacy Protection in Information Processing Systems:
Information security and privacy research. 27th IFIP TC 11 Information Security and Privacy Conference, SEC 2012 : Heraklion, Crete, Greece, June 4 - 6, 2012. Proceedings
Heidelberg: Springer, 2012 (IFIP advances in information and communication technology 376)
ISBN: 3-642-30435-4 (print)
ISBN: 978-3-642-30435-4 (print)
ISBN: 978-3-642-30436-1 (online)
Information Security and Privacy Conference (SEC) <27, 2012, Heraklion>
Fraunhofer AISEC ()

Traditionally, service providers, who want to track the activities of Internet users, rely on explicit tracking techniques like HTTP cookies. From a privacy perspective behavior-based tracking is even more dangerous, because it allows service providers to track users passively, i. e., without cookies. In this case multiple sessions of a user are linked by exploiting characteristic patterns mined from network traffic. In this paper we study the feasibility of behavior-based tracking in a real-world setting, which is unknown so far. In principle, behavior-based tracking can be carried out by any attacker that can observe the activities of users on the Internet. We design and implement a behavior-based tracking technique that consists of a Naive Bayes classifier supported by a cosine similarity decision engine. We evaluate our technique using a large-scale dataset that contains all queries received by a DNS resolver that is used by more than 2100 concurrent users on averag e per day. Our technique is able to correctly link 88.2 % of the surfing sessions on a day-to-day basis. We also discuss various countermeasures that reduce the effectiveness of our technique.