{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,9,10]],"date-time":"2025-09-10T22:01:08Z","timestamp":1757541668048},"publisher-location":"Cham","reference-count":37,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030220372"},{"type":"electronic","value":"9783030220389"}],"license":[{"start":{"date-parts":[[2019,1,1]],"date-time":"2019-01-01T00:00:00Z","timestamp":1546300800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2019]]},"DOI":"10.1007\/978-3-030-22038-9_3","type":"book-chapter","created":{"date-parts":[[2019,6,9]],"date-time":"2019-06-09T19:02:31Z","timestamp":1560106951000},"page":"43-66","update-policy":"http:\/\/dx.doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":22,"title":["Morellian Analysis for Browsers: Making Web Authentication Stronger with Canvas Fingerprinting"],"prefix":"10.1007","author":[{"given":"Pierre","family":"Laperdrix","sequence":"first","affiliation":[]},{"given":"Gildas","family":"Avoine","sequence":"additional","affiliation":[]},{"given":"Benoit","family":"Baudry","sequence":"additional","affiliation":[]},{"given":"Nick","family":"Nikiforakis","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2019,6,6]]},"reference":[{"key":"3_CR1","unstructured":"Pale Moon browser - Version 25.6.0 adds a canvas poisoning feature (2015). \n                      https:\/\/www.palemoon.org\/releasenotes-archived.shtml"},{"key":"3_CR2","unstructured":"Bugzilla - Bug 1231701: Ship an emoji font on Windows XP-7 (2017). \n                      https:\/\/bugzilla.mozilla.org\/show_bug.cgi?id=1231701"},{"key":"3_CR3","unstructured":"Yahoo breach actually hit all 3 billion user accounts - CNET (2017). \n                      https:\/\/www.cnet.com\/news\/yahoo-announces-all-3-billion-accounts-hit-in-2013-breach\/"},{"key":"3_CR4","unstructured":"Canvas Defender - Firefox add-on that adds noise to a canvas element (2018). \n                      https:\/\/addons.mozilla.org\/en-US\/firefox\/addon\/no-canvas-fingerprinting\/"},{"key":"3_CR5","unstructured":"Over a billion people\u2019s data was compromised in 2018 - NordVPN (2018). \n                      https:\/\/nordvpn.com\/blog\/biggest-data-breaches-2018\/"},{"key":"3_CR6","unstructured":"Two Factor Auth List - List of websites supporting two-factor authentication and the methods they use (2018). \n                      https:\/\/twofactorauth.org\/"},{"key":"3_CR7","unstructured":"User Authentication with OAuth 2.0 (2018). \n                      https:\/\/oauth.net\/articles\/authentication\/"},{"key":"3_CR8","doi-asserted-by":"crossref","unstructured":"Acar, G., Eubank, C., Englehardt, S., Juarez, M., Narayanan, A., Diaz, C.: The web never forgets: persistent tracking mechanisms in the wild. In: CCS 2014 (2014)","DOI":"10.1145\/2660267.2660347"},{"key":"3_CR9","doi-asserted-by":"crossref","unstructured":"Acar, G., Juarez, M., Nikiforakis, N., Diaz, C., G\u00fcrses, S., Piessens, F., Preneel, B.: FPDetective: dusting the web for fingerprinters. In: CCS 2013 (2013)","DOI":"10.1145\/2508859.2516674"},{"key":"3_CR10","doi-asserted-by":"crossref","unstructured":"Alaca, F., van Oorschot, P.: Device fingerprinting for augmenting web authentication: classification and analysis of methods. In: ACSAC 2016 (2016)","DOI":"10.1145\/2991079.2991091"},{"key":"3_CR11","doi-asserted-by":"crossref","unstructured":"Bonneau, J., Herley, C., Van Oorschot, P.C., Stajano, F.: The quest to replace passwords: a framework for comparative evaluation of web authentication schemes. In: S&P 2012 (2012)","DOI":"10.1109\/SP.2012.44"},{"key":"3_CR12","doi-asserted-by":"crossref","unstructured":"Bursztein, E., Malyshev, A., Pietraszek, T., Thomas, K.: Picasso: lightweight device class fingerprinting for web clients. In: SPSM 2016 (2016)","DOI":"10.1145\/2994459.2994467"},{"key":"3_CR13","doi-asserted-by":"crossref","unstructured":"Cao, Y., Li, S., Wijmans, E.: (Cross-)Browser fingerprinting via OS and hardware level features. In: NDSS 2017 (2017)","DOI":"10.14722\/ndss.2017.23152"},{"key":"3_CR14","unstructured":"Conway, J.H.: On Numbers and Games. No. 6 in London Mathematical Society Monographs. Academic Press, London-New-San Francisco (1976)"},{"key":"3_CR15","unstructured":"Duo Labs: State of the Auth: Experiences and Perceptions of Multi-Factor Authentication. \n                      https:\/\/duo.com\/assets\/ebooks\/state-of-the-auth.pdf"},{"key":"3_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-642-14527-8_1","volume-title":"Privacy Enhancing Technologies","author":"P Eckersley","year":"2010","unstructured":"Eckersley, P.: How unique is your web browser? In: Atallah, M.J., Hopper, N.J. (eds.) PETS 2010. LNCS, vol. 6205, pp. 1\u201318. Springer, Heidelberg (2010). \n                      https:\/\/doi.org\/10.1007\/978-3-642-14527-8_1"},{"key":"3_CR17","doi-asserted-by":"crossref","unstructured":"Englehardt, S., Narayanan, A.: Online tracking: a 1-million-site measurement and analysis. In: CCS 2016 (2016)","DOI":"10.1145\/2976749.2978313"},{"key":"3_CR18","doi-asserted-by":"crossref","unstructured":"G\u00f3mez-Boix, A., Laperdrix, P., Baudry, B.: Hiding in the crowd: an analysis of the effectiveness of browser fingerprinting at large scale. In: WWW 2018 (2018)","DOI":"10.1145\/3178876.3186097"},{"key":"3_CR19","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"97","DOI":"10.1007\/978-3-319-62105-0_7","volume-title":"Engineering Secure Software and Systems","author":"P Laperdrix","year":"2017","unstructured":"Laperdrix, P., Baudry, B., Mishra, V.: FPRandom: randomizing core browser objects to break advanced device fingerprinting techniques. In: Bodden, E., Payer, M., Athanasopoulos, E. (eds.) ESSoS 2017. LNCS, vol. 10379, pp. 97\u2013114. Springer, Cham (2017). \n                      https:\/\/doi.org\/10.1007\/978-3-319-62105-0_7"},{"key":"3_CR20","doi-asserted-by":"crossref","unstructured":"Laperdrix, P., Rudametkin, W., Baudry, B.: Beauty and the beast: diverting modern web browsers to build unique browser fingerprints. In: S&P 2016 (2016)","DOI":"10.1109\/SP.2016.57"},{"key":"3_CR21","doi-asserted-by":"crossref","unstructured":"Laperdrix, P., Rudametkin, W., Baudry, B.: Mitigating browser fingerprint tracking: multi-level reconfiguration and diversification. In: SEAMS 2015 (2015)","DOI":"10.1109\/SEAMS.2015.18"},{"key":"3_CR22","unstructured":"Milka, G.: Anatomy of Account Takeover (2018). \n                      https:\/\/www.usenix.org\/node\/208154"},{"key":"3_CR23","unstructured":"Mowery, K., Shacham, H.: Pixel perfect: fingerprinting canvas in HTML5. In: W2SP 2012 (2012)"},{"key":"3_CR24","unstructured":"Mulazzani, M., Reschl, P., Huber, M., Leithner, M., Schrittwieser, S., Weippl, E., Wien, F.C.: Fast and reliable browser identification with javascript engine fingerprinting. In: W2SP 2013 (2013)"},{"key":"3_CR25","doi-asserted-by":"crossref","unstructured":"Nikiforakis, N., Joosen, W., Livshits, B.: Privaricator: deceiving fingerprinters with little white lies. In: WWW 2015 (2015)","DOI":"10.1145\/2736277.2741090"},{"key":"3_CR26","doi-asserted-by":"crossref","unstructured":"Nikiforakis, N., Kapravelos, A., Joosen, W., Kruegel, C., Piessens, F., Vigna, G.: Cookieless monster: exploring the ecosystem of web-based device fingerprinting. In: S&P 2013 (2013)","DOI":"10.1109\/SP.2013.43"},{"key":"3_CR27","unstructured":"Picazo-Sanchez, P., Sj\u00f6sten, A., Van Acker, S., Sabelfeld, A.: LATEX GLOVES: protecting browser extensions from probing and revelation attacks. In: NDSS 2019 (2019)"},{"key":"3_CR28","unstructured":"Rupertus Fine Art Research: What Is Morellian Analysis. \n                      http:\/\/rupertusresearch.com\/2016\/09\/27\/what-is-morellian-analysis\/\n                      \n                     (2016)"},{"key":"3_CR29","doi-asserted-by":"crossref","unstructured":"S\u00e1nchez-Rola, I., Santos, I., Balzarotti, D.: Clock around the clock: time-based device fingerprinting. In: CCS 2018 (2018)","DOI":"10.1145\/3243734.3243796"},{"key":"3_CR30","unstructured":"Sanchez-Rola, I., Santos, I., Balzarotti, D.: Extension breakdown: security analysis of browsers extension resources control policies. In: USENIX Security 2017 (2017)"},{"issue":"3","key":"3_CR31","doi-asserted-by":"publisher","first-page":"379","DOI":"10.1002\/j.1538-7305.1948.tb01338.x","volume":"27","author":"CE Shannon","year":"1948","unstructured":"Shannon, C.E.: A mathematical theory of communication. Bell Syst. Tech. J. 27(3), 379\u2013423 (1948)","journal-title":"Bell Syst. Tech. J."},{"key":"3_CR32","doi-asserted-by":"crossref","unstructured":"Sj\u00f6sten, A., Van Acker, S., Sabelfeld, A.: Discovering browser extensions via web accessible resources. In: CODASPY 2017 (2017)","DOI":"10.1145\/3029806.3029820"},{"key":"3_CR33","doi-asserted-by":"crossref","unstructured":"Spooren, J., Preuveneers, D., Joosen, W.: Mobile device fingerprinting considered harmful for risk-based authentication. In: EuroSec 2015 (2015)","DOI":"10.1145\/2751323.2751329"},{"key":"3_CR34","doi-asserted-by":"crossref","unstructured":"Starov, O., Laperdrix, P., Kapravelos, A., Nikiforakis, N.: Unnecessarily identifiable: quantifying the fingerprintability of browser extensions due to bloat. In: WWW 2019 (2019)","DOI":"10.1145\/3308558.3313458"},{"key":"3_CR35","doi-asserted-by":"crossref","unstructured":"Starov, O., Nikiforakis, N.: XHOUND: quantifying the fingerprintability of browser extensions. In: S&P 2017 (2017)","DOI":"10.1109\/SP.2017.18"},{"key":"3_CR36","unstructured":"Vastel, A., Laperdrix, P., Rudametkin, W., Rouvoy, R.: FP-Scanner: the privacy implications of browser fingerprint inconsistencies. In: USENIX Security 2018 (2018)"},{"key":"3_CR37","doi-asserted-by":"crossref","unstructured":"Vastel, A., Laperdrix, P., Rudametkin, W., Rouvoy, R.: FP-STALKER: tracking browser fingerprint evolutions. In: S&P 2018 (2018)","DOI":"10.1109\/SP.2018.00008"}],"container-title":["Lecture Notes in Computer Science","Detection of Intrusions and Malware, and Vulnerability Assessment"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-22038-9_3","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,6,9]],"date-time":"2019-06-09T19:09:04Z","timestamp":1560107344000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-030-22038-9_3"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019]]},"ISBN":["9783030220372","9783030220389"],"references-count":37,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-22038-9_3","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2019]]},"assertion":[{"value":"6 June 2019","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"DIMVA","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Gothenburg","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Sweden","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2019","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"19 June 2019","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"20 June 2019","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"16","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"dimva2019","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/www.dimva2019.org\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"dimca2019.hotcrp.com","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"80","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"23","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"29% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"6","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}}]}}