{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,23]],"date-time":"2025-12-23T00:29:34Z","timestamp":1766449774153,"version":"3.40.3"},"publisher-location":"Singapore","reference-count":32,"publisher":"Springer Nature Singapore","isbn-type":[{"type":"print","value":"9789811692284"},{"type":"electronic","value":"9789811692291"}],"license":[{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2022]]},"abstract":"<jats:title>Abstract<\/jats:title><jats:p>Browser fingerprinting is a practical user tracking technology widely adopted by many real-world websites to potentially track users\u2019 browsing behaviors. By collecting information such as screen resolution, user agent, and WebGL rendered data, the tracker can generate a unique identifier for users without their knowledge, leading to a severe violation of user privacy. Therefore, an effective detection and defense technology for browser fingerprinting is needed to protect user privacy. In this paper, we proposed FPFlow, a dynamic JavaScript taint analysis framework to detect and prevent browser fingerprinting. FPFlow monitors the whole process of browser fingerprinting, including collecting information, generating fingerprinting, and sending it to the remote server. We evaluated FPFlow on TRANCO top 10,000 websites. Our experiments showed that our framework could effectively detect browser fingerprints. We found 66.6% of the websites performing fingerprinting and revealed how browser fingerprinting is applied in real-world websites. We also showed that FPFlow could prevent browser fingerprinting with an acceptable overhead.<\/jats:p>","DOI":"10.1007\/978-981-16-9229-1_4","type":"book-chapter","created":{"date-parts":[[2022,1,21]],"date-time":"2022-01-21T12:03:56Z","timestamp":1642766636000},"page":"51-67","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":7,"title":["FPFlow: Detect and\u00a0Prevent Browser Fingerprinting with Dynamic Taint Analysis"],"prefix":"10.1007","author":[{"given":"Tianyi","family":"Li","sequence":"first","affiliation":[]},{"given":"Xiaofeng","family":"Zheng","sequence":"additional","affiliation":[]},{"given":"Kaiwen","family":"Shen","sequence":"additional","affiliation":[]},{"given":"Xinhui","family":"Han","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2022,1,21]]},"reference":[{"key":"4_CR1","unstructured":"Amiunique. https:\/\/amiunique.org\/fp"},{"key":"4_CR2","unstructured":"Firefox\u2019s protection against fingerprinting. https:\/\/support.mozilla.org\/en-US\/kb\/firefox-protection-against-fingerprinting"},{"key":"4_CR3","unstructured":"JS-beautify. https:\/\/github.com\/beautify-web\/js-beautify"},{"key":"4_CR4","unstructured":"mitmproxy. https:\/\/mitmproxy.org\/"},{"key":"4_CR5","unstructured":"Puppeteer. https:\/\/pptr.dev\/"},{"key":"4_CR6","unstructured":"Tor project. https:\/\/www.torproject.org\/"},{"key":"4_CR7","doi-asserted-by":"crossref","unstructured":"Acar, G., Eubank, C., Englehardt, S., Juarez, M., Narayanan, A., Diaz, C.: The web never forgets: persistent tracking mechanisms in the wild. In: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, pp. 674\u2013689 (2014)","DOI":"10.1145\/2660267.2660347"},{"key":"4_CR8","doi-asserted-by":"crossref","unstructured":"Acar, G., Juarez, M., Nikiforakis, N., Diaz, C., G\u00fcrses, S., Piessens, F., Preneel, B.: FPDetective: dusting the web for fingerprinters. In: Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security, pp. 1129\u20131140 (2013)","DOI":"10.1145\/2508859.2516674"},{"key":"4_CR9","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"481","DOI":"10.1007\/978-3-319-99136-8_26","volume-title":"Information Security","author":"NM Al-Fannah","year":"2018","unstructured":"Al-Fannah, N.M., Li, W., Mitchell, C.J.: Beyond cookie monster amnesia: real world persistent online tracking. In: Chen, L., Manulis, M., Schneider, S. (eds.) ISC 2018. LNCS, vol. 11060, pp. 481\u2013501. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-99136-8_26"},{"key":"4_CR10","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"160","DOI":"10.1007\/978-3-030-52683-2_8","volume-title":"Detection of Intrusions and Malware, and Vulnerability Assessment","author":"B Amin Azad","year":"2020","unstructured":"Amin Azad, B., Starov, O., Laperdrix, P., Nikiforakis, N.: Short paper - taming the shape shifter: detecting anti-fingerprinting browsers. In: Maurice, C., Bilge, L., Stringhini, G., Neves, N. (eds.) DIMVA 2020. LNCS, vol. 12223, pp. 160\u2013170. Springer, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-52683-2_8"},{"key":"4_CR11","doi-asserted-by":"crossref","unstructured":"Baumann, P., Katzenbeisser, S., Stopczynski, M., Tews, E.: Disguised chromium browser: robust browser, flash and canvas fingerprinting protection. In: Proceedings of the 2016 ACM on Workshop on Privacy in the Electronic Society, pp. 37\u201346 (2016)","DOI":"10.1145\/2994620.2994621"},{"key":"4_CR12","doi-asserted-by":"crossref","unstructured":"Cao, Y., Li, S., Wijmans, E., et al.: (cross-) browser fingerprinting via OS and hardware level features. In: NDSS (2017)","DOI":"10.14722\/ndss.2017.23152"},{"key":"4_CR13","doi-asserted-by":"crossref","unstructured":"Chen, Q., Kapravelos, A.: Mystique: uncovering information leakage from browser extensions. In: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, pp. 1687\u20131700 (2018)","DOI":"10.1145\/3243734.3243823"},{"key":"4_CR14","doi-asserted-by":"crossref","unstructured":"Datta, A., Lu, J., Tschantz, M.C.: Evaluating anti-fingerprinting privacy enhancing technologies. In: The World Wide Web Conference, pp. 351\u2013362 (2019)","DOI":"10.1145\/3308558.3313703"},{"key":"4_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-642-14527-8_1","volume-title":"Privacy Enhancing Technologies","author":"P Eckersley","year":"2010","unstructured":"Eckersley, P.: How unique is your web browser? In: Atallah, M.J., Hopper, N.J. (eds.) PETS 2010. LNCS, vol. 6205, pp. 1\u201318. Springer, Heidelberg (2010). https:\/\/doi.org\/10.1007\/978-3-642-14527-8_1"},{"key":"4_CR16","doi-asserted-by":"crossref","unstructured":"Englehardt, S., Narayanan, A.: Online tracking: a 1-million-site measurement and analysis. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, pp. 1388\u20131401 (2016)","DOI":"10.1145\/2976749.2978313"},{"key":"4_CR17","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"293","DOI":"10.1007\/978-3-319-20810-7_21","volume-title":"Data and Applications Security and Privacy XXIX","author":"A FaizKhademi","year":"2015","unstructured":"FaizKhademi, A., Zulkernine, M., Weldemariam, K.: FPGuard: detection and prevention of browser fingerprinting. In: Samarati, P. (ed.) DBSec 2015. LNCS, vol. 9149, pp. 293\u2013308. Springer, Cham (2015). https:\/\/doi.org\/10.1007\/978-3-319-20810-7_21"},{"key":"4_CR18","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"107","DOI":"10.1007\/978-3-662-47854-7_7","volume-title":"Financial Cryptography and Data Security","author":"D Fifield","year":"2015","unstructured":"Fifield, D., Egelman, S.: Fingerprinting web users through font metrics. In: B\u00f6hme, R., Okamoto, T. (eds.) FC 2015. LNCS, vol. 8975, pp. 107\u2013124. Springer, Heidelberg (2015). https:\/\/doi.org\/10.1007\/978-3-662-47854-7_7"},{"key":"4_CR19","doi-asserted-by":"crossref","unstructured":"Iqbal, U., Englehardt, S., Shafiq, Z.: Fingerprinting the fingerprinters: learning to detect browser fingerprinting behaviors. arXiv preprint arXiv:2008.04480 (2020)","DOI":"10.1109\/SP40001.2021.00017"},{"key":"4_CR20","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"97","DOI":"10.1007\/978-3-319-62105-0_7","volume-title":"Engineering Secure Software and Systems","author":"P Laperdrix","year":"2017","unstructured":"Laperdrix, P., Baudry, B., Mishra, V.: FPRandom: randomizing core browser objects to break advanced device fingerprinting techniques. In: Bodden, E., Payer, M., Athanasopoulos, E. (eds.) ESSoS 2017. LNCS, vol. 10379, pp. 97\u2013114. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-62105-0_7"},{"issue":"2","key":"4_CR21","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3386040","volume":"14","author":"P Laperdrix","year":"2020","unstructured":"Laperdrix, P., Bielova, N., Baudry, B., Avoine, G.: Browser fingerprinting: a survey. ACM Trans. Web (TWEB) 14(2), 1\u201333 (2020)","journal-title":"ACM Trans. Web (TWEB)"},{"key":"4_CR22","doi-asserted-by":"crossref","unstructured":"Laperdrix, P., Rudametkin, W., Baudry, B.: Beauty and the beast: diverting modern web browsers to build unique browser fingerprints. In: 2016 IEEE Symposium on Security and Privacy (SP), pp. 878\u2013894. IEEE (2016)","DOI":"10.1109\/SP.2016.57"},{"key":"4_CR23","unstructured":"Mowery, K., Shacham, H.: Pixel perfect: fingerprinting canvas in HTML5. In: Proceedings of W2SP, pp. 1\u201312 (2012)"},{"key":"4_CR24","doi-asserted-by":"crossref","unstructured":"Nikiforakis, N., Joosen, W., Livshits, B.: PriVaricator: deceiving fingerprinters with little white lies. In: Proceedings of the 24th International Conference on World Wide Web, pp. 820\u2013830 (2015)","DOI":"10.1145\/2736277.2741090"},{"key":"4_CR25","doi-asserted-by":"crossref","unstructured":"Nikiforakis, N., Kapravelos, A., Joosen, W., Kruegel, C., Piessens, F., Vigna, G.: Cookieless monster: exploring the ecosystem of web-based device fingerprinting. In: 2013 IEEE Symposium on Security and Privacy, pp. 541\u2013555. IEEE (2013)","DOI":"10.1109\/SP.2013.43"},{"key":"4_CR26","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"254","DOI":"10.1007\/978-3-319-29883-2_18","volume-title":"Data Privacy Management, and Security Assurance","author":"\u0141 Olejnik","year":"2016","unstructured":"Olejnik, \u0141, Acar, G., Castelluccia, C., Diaz, C.: The leaking battery. In: Garcia-Alfaro, J., Navarro-Arribas, G., Aldini, A., Martinelli, F., Suri, N. (eds.) DPM\/QASA -2015. LNCS, vol. 9481, pp. 254\u2013263. Springer, Cham (2016). https:\/\/doi.org\/10.1007\/978-3-319-29883-2_18"},{"key":"4_CR27","unstructured":"Pochat, V.L., Van Goethem, T., Tajalizadehkhoob, S., Korczy\u0144ski, M., Joosen, W.: Tranco: a research-oriented top sites ranking hardened against manipulation. arXiv preprint arXiv:1806.01156 (2018)"},{"key":"4_CR28","doi-asserted-by":"crossref","unstructured":"Sj\u00f6sten, A., Van Acker, S., Sabelfeld, A.: Discovering browser extensions via web accessible resources. In: Proceedings of the Seventh ACM on Conference on Data and Application Security and Privacy, pp. 329\u2013336 (2017)","DOI":"10.1145\/3029806.3029820"},{"key":"4_CR29","doi-asserted-by":"crossref","unstructured":"Starov, O., Laperdrix, P., Kapravelos, A., Nikiforakis, N.: Unnecessarily identifiable: quantifying the fingerprintability of browser extensions due to bloat. In: The World Wide Web Conference, pp. 3244\u20133250 (2019)","DOI":"10.1145\/3308558.3313458"},{"key":"4_CR30","doi-asserted-by":"crossref","unstructured":"Starov, O., Nikiforakis, N.: XHOUND: quantifying the fingerprintability of browser extensions. In: 2017 IEEE Symposium on Security and Privacy (SP), pp. 941\u2013956. IEEE (2017)","DOI":"10.1109\/SP.2017.18"},{"key":"4_CR31","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1007\/978-3-319-24177-7_1","volume-title":"Computer Security \u2013 ESORICS 2015","author":"CF Torres","year":"2015","unstructured":"Torres, C.F., Jonker, H., Mauw, S.: FP-Block: usable web privacy by controlling browser fingerprinting. In: Pernul, G., Ryan, P.Y.A., Weippl, E. (eds.) ESORICS 2015. LNCS, vol. 9327, pp. 3\u201319. Springer, Cham (2015). https:\/\/doi.org\/10.1007\/978-3-319-24177-7_1"},{"key":"4_CR32","unstructured":"Vastel, A., Laperdrix, P., Rudametkin, W., Rouvoy, R.: FP-scanner: the privacy implications of browser fingerprint inconsistencies. In: 27th $$\\{$$USENIX$$\\}$$ Security Symposium ($$\\{$$USENIX$$\\}$$ Security 18), pp. 135\u2013150 (2018)"}],"container-title":["Communications in Computer and Information Science","Cyber Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-981-16-9229-1_4","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,4,21]],"date-time":"2022-04-21T14:21:48Z","timestamp":1650550908000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-981-16-9229-1_4"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022]]},"ISBN":["9789811692284","9789811692291"],"references-count":32,"URL":"https:\/\/doi.org\/10.1007\/978-981-16-9229-1_4","relation":{},"ISSN":["1865-0929","1865-0937"],"issn-type":[{"type":"print","value":"1865-0929"},{"type":"electronic","value":"1865-0937"}],"subject":[],"published":{"date-parts":[[2022]]},"assertion":[{"value":"21 January 2022","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"CNCERT","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"China Cyber Security Annual Conference","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Beijing","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"China","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2021","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"20 July 2021","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"21 July 2021","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"18","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"cncert2021","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/conf.cert.org.cn","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}