{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,23]],"date-time":"2026-06-23T19:31:32Z","timestamp":1782243092387,"version":"3.54.5"},"reference-count":109,"publisher":"Association for Computing Machinery (ACM)","issue":"1","license":[{"start":{"date-parts":[[2021,9,28]],"date-time":"2021-09-28T00:00:00Z","timestamp":1632787200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Trans. Web"],"published-print":{"date-parts":[[2022,2,28]]},"abstract":"<jats:p>Modern browsers give access to several attributes that can be collected to form a browser fingerprint. Although browser fingerprints have primarily been studied as a web tracking tool, they can contribute to improve the current state of web security by augmenting web authentication mechanisms. In this article, we investigate the adequacy of browser fingerprints for web authentication. We make the link between the digital fingerprints that distinguish browsers, and the biological fingerprints that distinguish Humans, to evaluate browser fingerprints according to properties inspired by biometric authentication factors. These properties include their distinctiveness, their stability through time, their collection time, their size, and the accuracy of a simple verification mechanism. We assess these properties on a large-scale dataset of 4,145,408\u00a0fingerprints composed of 216\u00a0attributes and collected from 1,989,365\u00a0browsers. We show that, by time-partitioning our dataset, more than 81.3% of our fingerprints are shared by a single browser. Although browser fingerprints are known to evolve, an average of 91% of the attributes of our fingerprints stay identical between two observations, even when separated by nearly six\u00a0months. About their performance, we show that our fingerprints weigh a dozen of kilobytes and take a few seconds to collect. Finally, by processing a simple verification mechanism, we show that it achieves an equal error rate of 0.61%. We enrich our results with the analysis of the correlation between the attributes and their contribution to the evaluated properties. We conclude that our browser fingerprints carry the promise to strengthen web authentication mechanisms.<\/jats:p>","DOI":"10.1145\/3478026","type":"journal-article","created":{"date-parts":[[2021,9,28]],"date-time":"2021-09-28T20:56:14Z","timestamp":1632862574000},"page":"1-62","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":6,"title":["A Large-scale Empirical Analysis of Browser Fingerprints Properties for Web Authentication"],"prefix":"10.1145","volume":"16","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-0224-5664","authenticated-orcid":false,"given":"Nampoina","family":"Andriamilanto","sequence":"first","affiliation":[{"name":"Institute of Research and Technology b-com, France and Univ Rennes, CNRS, IRISA, Rennes, France"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-2777-0027","authenticated-orcid":false,"given":"Tristan","family":"Allard","sequence":"additional","affiliation":[{"name":"Univ Rennes, CNRS, IRISA, Rennes, France"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Ga\u00ebtan","family":"Le Guelvouit","sequence":"additional","affiliation":[{"name":"Institute of Research and Technology b-com, Cesson-S\u00e9vign\u00e9, France"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Alexandre","family":"Garel","sequence":"additional","affiliation":[{"name":"Institute of Research and Technology b-com, Cesson-S\u00e9vign\u00e9, France"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"320","published-online":{"date-parts":[[2021,9,28]]},"reference":[{"key":"e_1_2_1_1_1","volume-title":"Consolidated text: Directive 2002\/58\/EC of the European Parliament and of the Council of","year":"2002","unstructured":"2002. Consolidated text: Directive 2002\/58\/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector (Directive on privacy and electronic communications). Retrieved from https:\/\/data.europa.eu\/eli\/dir\/2002\/58\/2009-12-19. 2002. Consolidated text: Directive 2002\/58\/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector (Directive on privacy and electronic communications). Retrieved from https:\/\/data.europa.eu\/eli\/dir\/2002\/58\/2009-12-19."},{"key":"e_1_2_1_2_1","volume-title":"Consolidated text: Directive 2009\/136\/EC of the European Parliament and of the Council of","year":"2009","unstructured":"2009. Consolidated text: Directive 2009\/136\/EC of the European Parliament and of the Council of 25 November 2009 amending Directive 2002\/22\/EC on universal service and users\u2019 rights relating to electronic communications networks and services, Directive 2002\/58\/EC concerning the processing of personal data and the protection of privacy in the electronic communications sector and Regulation (EC) No 2006\/2004 on cooperation between national authorities responsible for the enforcement of consumer protection laws (Text with EEA relevance). Retrieved from https:\/\/data.europa.eu\/eli\/dir\/2009\/136\/2009-12-19. 2009. Consolidated text: Directive 2009\/136\/EC of the European Parliament and of the Council of 25 November 2009 amending Directive 2002\/22\/EC on universal service and users\u2019 rights relating to electronic communications networks and services, Directive 2002\/58\/EC concerning the processing of personal data and the protection of privacy in the electronic communications sector and Regulation (EC) No 2006\/2004 on cooperation between national authorities responsible for the enforcement of consumer protection laws (Text with EEA relevance). Retrieved from https:\/\/data.europa.eu\/eli\/dir\/2009\/136\/2009-12-19."},{"key":"e_1_2_1_3_1","unstructured":"2017. Browser Market Share France | StatCounter Global Stats. Retrieved from https:\/\/gs.statcounter.com\/browser-market-share\/all\/france\/2017.  2017. Browser Market Share France | StatCounter Global Stats. Retrieved from https:\/\/gs.statcounter.com\/browser-market-share\/all\/france\/2017."},{"key":"e_1_2_1_4_1","unstructured":"2017. Operating System Market Share France | StatCounter Global Stats. Retrieved from https:\/\/gs.statcounter.com\/os-market-share\/all\/france\/2017.  2017. Operating System Market Share France | StatCounter Global Stats. Retrieved from https:\/\/gs.statcounter.com\/os-market-share\/all\/france\/2017."},{"key":"e_1_2_1_5_1","volume-title":"createDataChannel","unstructured":"2021. \u201c createDataChannel \u201d | Can I use... Support tables for HTML5, CSS3, etc. Retrieved from https:\/\/caniuse.com\/?search=createDataChannel. 2021. \u201ccreateDataChannel\u201d | Can I use... Support tables for HTML5, CSS3, etc. Retrieved from https:\/\/caniuse.com\/?search=createDataChannel."},{"key":"e_1_2_1_6_1","volume-title":"SpeechSynthesis","unstructured":"2021. \u201c SpeechSynthesis \u201d | Can I use... Support tables for HTML5, CSS3, etc. Retrieved from https:\/\/caniuse.com\/?search=SpeechSynthesis. 2021. \u201cSpeechSynthesis\u201d | Can I use... Support tables for HTML5, CSS3, etc. Retrieved from https:\/\/caniuse.com\/?search=SpeechSynthesis."},{"key":"e_1_2_1_7_1","volume-title":"Web Audio API","unstructured":"2021. \u201c Web Audio API \u201d | Can I use... Support tables for HTML5, CSS3, etc. Retrieved from https:\/\/caniuse.com\/?search=Web Audio API. 2021. \u201cWeb Audio API\u201d | Can I use... Support tables for HTML5, CSS3, etc. Retrieved from https:\/\/caniuse.com\/?search=Web Audio API."},{"key":"e_1_2_1_8_1","unstructured":"2021. WebGL. Retrieved from https:\/\/get.webgl.org.  2021. WebGL. Retrieved from https:\/\/get.webgl.org."},{"key":"e_1_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1145\/2660267.2660347"},{"key":"e_1_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-64200-0_7"},{"key":"e_1_2_1_11_1","volume-title":"Mitchell","author":"Al-Fannah Nasser Mohammed","year":"2018","unstructured":"Nasser Mohammed Al-Fannah , Wanpeng Li , and Chris J . Mitchell . 2018 . Beyond cookie monster amnesia: Real world persistent online tracking. In Information Security, Liqun Chen, Mark Manulis, and Steve Schneider (Eds .). 481\u2013501. DOI:https:\/\/doi.org\/10.1007\/978-3-319-99136-8_26 10.1007\/978-3-319-99136-8_26 Nasser Mohammed Al-Fannah, Wanpeng Li, and Chris J. Mitchell. 2018. Beyond cookie monster amnesia: Real world persistent online tracking. In Information Security, Liqun Chen, Mark Manulis, and Steve Schneider (Eds.). 481\u2013501. DOI:https:\/\/doi.org\/10.1007\/978-3-319-99136-8_26"},{"key":"e_1_2_1_12_1","volume-title":"Too little too late: Can we control browser fingerprinting?Journal of Intellectual Capital 21, 2","author":"Al-Fannah Nasser Mohammed","year":"2020","unstructured":"Nasser Mohammed Al-Fannah and Chris Mitchell . 2020. Too little too late: Can we control browser fingerprinting?Journal of Intellectual Capital 21, 2 ( 2020 ), 165\u2013180. DOI:https:\/\/doi.org\/10.1108\/JIC-04-2019-0067 10.1108\/JIC-04-2019-0067 Nasser Mohammed Al-Fannah and Chris Mitchell. 2020. Too little too late: Can we control browser fingerprinting?Journal of Intellectual Capital 21, 2 (2020), 165\u2013180. DOI:https:\/\/doi.org\/10.1108\/JIC-04-2019-0067"},{"key":"e_1_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/2991079.2991091"},{"key":"e_1_2_1_14_1","unstructured":"Alexa Internet. 2021. Top Sites in France - Alexa. Retrieved from https:\/\/www.alexa.com\/topsites\/countries\/FR.  Alexa Internet. 2021. Top Sites in France - Alexa. Retrieved from https:\/\/www.alexa.com\/topsites\/countries\/FR."},{"key":"e_1_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1145\/3427228.3427297"},{"key":"e_1_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-50399-4_16"},{"key":"e_1_2_1_17_1","unstructured":"Tompoariniaina Nampoina Andriamilanto. 2020. Leveraging Browser Fingerprinting for Web Authentication. Retrieved from https:\/\/tel.archives-ouvertes.fr\/tel-03150590.  Tompoariniaina Nampoina Andriamilanto. 2020. Leveraging Browser Fingerprinting for Web Authentication. Retrieved from https:\/\/tel.archives-ouvertes.fr\/tel-03150590."},{"key":"e_1_2_1_18_1","unstructured":"Antidetect. 2021. Antidetect. Retrieved from https:\/\/antidetect.org.  Antidetect. 2021. Antidetect. Retrieved from https:\/\/antidetect.org."},{"key":"e_1_2_1_19_1","unstructured":"The HTTP Archive. 2020. Median Loading Time of Web Pages. Retrieved from https:\/\/httparchive.org\/reports\/loading-speed#ol.  The HTTP Archive. 2020. Median Loading Time of Web Pages. Retrieved from https:\/\/httparchive.org\/reports\/loading-speed#ol."},{"key":"e_1_2_1_20_1","unstructured":"Mohammadreza Ashouri. 2019. A large-scale analysis of browser fingerprinting via chrome instrumentation. 25\u201336. Retrieved from https:\/\/www.thinkmind.org\/index.php?view=article&articleid=icimp_2019_2_20_30045.  Mohammadreza Ashouri. 2019. A large-scale analysis of browser fingerprinting via chrome instrumentation. 25\u201336. Retrieved from https:\/\/www.thinkmind.org\/index.php?view=article&articleid=icimp_2019_2_20_30045."},{"key":"e_1_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1145\/3264628"},{"key":"e_1_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1145\/2994620.2994621"},{"key":"e_1_2_1_23_1","unstructured":"Sarah Bird Vikas Mishra Steven Englehardt Rob Willoughby David Zeber Walter Rudametkin and Martin Lopatka. 2020. Actions speak louder than words: Semi-supervised learning for browser fingerprinting detection. Retrieved from https:\/\/arxiv.org\/abs\/2003.04463.  Sarah Bird Vikas Mishra Steven Englehardt Rob Willoughby David Zeber Walter Rudametkin and Martin Lopatka. 2020. Actions speak louder than words: Semi-supervised learning for browser fingerprinting detection. Retrieved from https:\/\/arxiv.org\/abs\/2003.04463."},{"key":"#cr-split#-e_1_2_1_24_1.1","doi-asserted-by":"crossref","unstructured":"C. Blakemore J. Redol and M. Correia. 2016. Fingerprinting for web applications: From devices to related groups. In IEEE Trustcom\/BigDataSE\/ISPA. 144-151. DOI:https:\/\/doi.org\/10.1109\/TrustCom.2016.0057 10.1109\/TrustCom.2016.0057","DOI":"10.1109\/TrustCom.2016.0057"},{"key":"#cr-split#-e_1_2_1_24_1.2","doi-asserted-by":"crossref","unstructured":"C. Blakemore J. Redol and M. Correia. 2016. Fingerprinting for web applications: From devices to related groups. In IEEE Trustcom\/BigDataSE\/ISPA. 144-151. DOI:https:\/\/doi.org\/10.1109\/TrustCom.2016.0057","DOI":"10.1109\/TrustCom.2016.0057"},{"key":"e_1_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.49"},{"key":"e_1_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1145\/2699390"},{"key":"e_1_2_1_27_1","volume-title":"Twente Student Conference on IT.","author":"Broenink Ralph","year":"2012","unstructured":"Ralph Broenink . 2012 . Using browser properties for fingerprinting purposes . In Twente Student Conference on IT. Ralph Broenink. 2012. Using browser properties for fingerprinting purposes. In Twente Student Conference on IT."},{"key":"e_1_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1145\/2994459.2994467"},{"key":"e_1_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2017.23152"},{"key":"e_1_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1145\/3243734.3243860"},{"key":"e_1_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2014.23357"},{"key":"e_1_2_1_32_1","unstructured":"Data Is Beautiful. 2019. Usage Share of Internet Browsers 1996\u20132019. Retrieved from https:\/\/www.youtube.com\/watch?v=es9DNe0l0Qo.  Data Is Beautiful. 2019. Usage Share of Internet Browsers 1996\u20132019. Retrieved from https:\/\/www.youtube.com\/watch?v=es9DNe0l0Qo."},{"key":"e_1_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.5555\/1881151.1881152"},{"key":"e_1_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978313"},{"key":"#cr-split#-e_1_2_1_35_1.1","doi-asserted-by":"crossref","unstructured":"David Fifield and Serge Egelman. 2015. Fingerprinting web users through font metrics. In Financial Cryptography and Data Security (FC) Rainer B\u00f6hme and Tatsuaki Okamoto (Eds.). 107-124. DOI:https:\/\/doi.org\/10.1007\/978-3-662-47854-7_7 10.1007\/978-3-662-47854-7_7","DOI":"10.1007\/978-3-662-47854-7_7"},{"key":"#cr-split#-e_1_2_1_35_1.2","doi-asserted-by":"crossref","unstructured":"David Fifield and Serge Egelman. 2015. Fingerprinting web users through font metrics. In Financial Cryptography and Data Security (FC) Rainer B\u00f6hme and Tatsuaki Okamoto (Eds.). 107-124. DOI:https:\/\/doi.org\/10.1007\/978-3-662-47854-7_7","DOI":"10.1007\/978-3-662-47854-7_7"},{"key":"e_1_2_1_36_1","unstructured":"fingerprintjs. 2021. fingerprintjs\/fingerprintjs: Browser fingerprinting library with the highest accuracy and stability. Retrieved from https:\/\/github.com\/fingerprintjs\/fingerprintjs.  fingerprintjs. 2021. fingerprintjs\/fingerprintjs: Browser fingerprinting library with the highest accuracy and stability. Retrieved from https:\/\/github.com\/fingerprintjs\/fingerprintjs."},{"key":"e_1_2_1_37_1","unstructured":"Micro Focus. 2019. Device Fingerprinting for Low Friction Authentication. Retrieved from https:\/\/www.microfocus.com\/media\/white-paper\/device-fingerprinting-for-low-friction-authentication-wp.pdf.  Micro Focus. 2019. Device Fingerprinting for Low Friction Authentication. Retrieved from https:\/\/www.microfocus.com\/media\/white-paper\/device-fingerprinting-for-low-friction-authentication-wp.pdf."},{"key":"e_1_2_1_38_1","volume-title":"Network and Distributed System Security Symposium (NDSS).","author":"Francillon Aur\u00e9lien","year":"2011","unstructured":"Aur\u00e9lien Francillon , Boris Danev , and Srdjan Capkun . 2011 . Relay attacks on passive keyless entry and start systems in modern cars . In Network and Distributed System Security Symposium (NDSS). Retrieved from https:\/\/www.ndss-symposium.org\/wp-content\/uploads\/2017\/09\/franc.pdf. Aur\u00e9lien Francillon, Boris Danev, and Srdjan Capkun. 2011. Relay attacks on passive keyless entry and start systems in modern cars. In Network and Distributed System Security Symposium (NDSS). Retrieved from https:\/\/www.ndss-symposium.org\/wp-content\/uploads\/2017\/09\/franc.pdf."},{"key":"e_1_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1109\/TIM.2005.851087"},{"key":"e_1_2_1_40_1","unstructured":"Ewa Gasperowicz. 2018. OffscreenCanvas\u2014Speed up Your Canvas Operations with a Web Worker. Retrieved from https:\/\/developers.google.com\/web\/updates\/2018\/08\/offscreen-canvas.  Ewa Gasperowicz. 2018. OffscreenCanvas\u2014Speed up Your Canvas Operations with a Web Worker. Retrieved from https:\/\/developers.google.com\/web\/updates\/2018\/08\/offscreen-canvas."},{"key":"e_1_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-30806-7_7"},{"key":"e_1_2_1_42_1","volume-title":"USENIX Symposium on Usable Privacy and Security (SOUPS).","author":"Golla Maximilian","year":"2018","unstructured":"Maximilian Golla , Theodor Schnitzler , and Markus D\u00fcrmuth . 2018 . \u201c Will any password do?\u201d Exploring rate-limiting on the web . In USENIX Symposium on Usable Privacy and Security (SOUPS). Maximilian Golla, Theodor Schnitzler, and Markus D\u00fcrmuth. 2018. \u201cWill any password do?\u201d Exploring rate-limiting on the web. In USENIX Symposium on Usable Privacy and Security (SOUPS)."},{"key":"e_1_2_1_43_1","unstructured":"Google. 2017. Background Tabs in Chrome 57 | Web | Google Developers. Retrieved from https:\/\/developers.google.com\/web\/updates\/2017\/03\/background_tabs#background_timer_alignment.  Google. 2017. Background Tabs in Chrome 57 | Web | Google Developers. Retrieved from https:\/\/developers.google.com\/web\/updates\/2017\/03\/background_tabs#background_timer_alignment."},{"key":"e_1_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.1145\/3178876.3186097"},{"key":"e_1_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1109\/5254.708428"},{"key":"e_1_2_1_46_1","unstructured":"Peter Hra\u0161ka. 2018. Browser Fingerprinting. Retrieved from https:\/\/virpo.sk\/browser-fingerprinting-hraska-diploma-thesis.pdf  Peter Hra\u0161ka. 2018. Browser Fingerprinting. Retrieved from https:\/\/virpo.sk\/browser-fingerprinting-hraska-diploma-thesis.pdf"},{"key":"e_1_2_1_47_1","unstructured":"Troy Hunt. 2018. Troy Hunt: 86% of Passwords are Terrible (and Other Statistics). Retrieved from https:\/\/www.troyhunt.com\/86-of-passwords-are-terrible-and-other-statistics.  Troy Hunt. 2018. Troy Hunt: 86% of Passwords are Terrible (and Other Statistics). Retrieved from https:\/\/www.troyhunt.com\/86-of-passwords-are-terrible-and-other-statistics."},{"key":"e_1_2_1_48_1","unstructured":"Amnesty International. 2018. When Best Practice Isn\u2019t Good Enough: Large Campaigns of Phishing Attacks in Middle East and North Africa Target Privacy-Conscious Users. Retrieved from https:\/\/www.amnesty.org\/en\/latest\/research\/2018\/12\/when-best-practice-is-not-good-enough.  Amnesty International. 2018. When Best Practice Isn\u2019t Good Enough: Large Campaigns of Phishing Attacks in Middle East and North Africa Target Privacy-Conscious Users. Retrieved from https:\/\/www.amnesty.org\/en\/latest\/research\/2018\/12\/when-best-practice-is-not-good-enough."},{"key":"e_1_2_1_49_1","volume-title":"IEEE Symposium on Security and Privacy (S&P). IEEE Computer Society, 283\u2013301","author":"Iqbal U.","year":"2021","unstructured":"U. Iqbal , S. Englehardt , and Z. Shafiq . 2021. Fingerprinting the fingerprinters: Learning to detect browser fingerprinting behaviors . In IEEE Symposium on Security and Privacy (S&P). IEEE Computer Society, 283\u2013301 . DOI:https:\/\/doi.org\/10.1109\/SP40001. 2021 .00017 10.1109\/SP40001.2021.00017 U. Iqbal, S. Englehardt, and Z. Shafiq. 2021. Fingerprinting the fingerprinters: Learning to detect browser fingerprinting behaviors. In IEEE Symposium on Security and Privacy (S&P). IEEE Computer Society, 283\u2013301. DOI:https:\/\/doi.org\/10.1109\/SP40001.2021.00017"},{"key":"e_1_2_1_50_1","volume-title":"\u201cX headers","author":"Useful","unstructured":"jonarne. 2008. Useful \u201cX headers \u201d - mobiForge. Retrieved from https:\/\/mobiforge.com\/design-development\/useful-x-headers. jonarne. 2008. Useful \u201cX headers\u201d - mobiForge. Retrieved from https:\/\/mobiforge.com\/design-development\/useful-x-headers."},{"key":"e_1_2_1_51_1","doi-asserted-by":"publisher","DOI":"10.5555\/1214993"},{"key":"e_1_2_1_52_1","volume-title":"International Conference on Computer Science and Technology (CST). DOI:https:\/\/doi.org\/10","year":"2017","unstructured":"Nian-hua Kang, Ming-zhi Chen, Ying-yan Feng, Wei-ning Lin, Chuan-bao Liu, and Guang-yao Li. 2017 . Zero-permission mobile device identification based on the similarity of browser fingerprints . In International Conference on Computer Science and Technology (CST). DOI:https:\/\/doi.org\/10 .12783\/dtcse\/cst2017\/12531 10.12783\/dtcse Nian-hua Kang, Ming-zhi Chen, Ying-yan Feng, Wei-ning Lin, Chuan-bao Liu, and Guang-yao Li. 2017. Zero-permission mobile device identification based on the similarity of browser fingerprints. In International Conference on Computer Science and Technology (CST). DOI:https:\/\/doi.org\/10.12783\/dtcse\/cst2017\/12531"},{"key":"e_1_2_1_53_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2020.24383"},{"key":"e_1_2_1_54_1","doi-asserted-by":"publisher","DOI":"10.1109\/MS.2015.77"},{"key":"e_1_2_1_55_1","doi-asserted-by":"publisher","DOI":"10.1515\/popets-2015-0027"},{"key":"e_1_2_1_56_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-22038-9_3"},{"key":"e_1_2_1_57_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-62105-0_7"},{"key":"e_1_2_1_58_1","doi-asserted-by":"publisher","DOI":"10.1145\/3386040"},{"key":"e_1_2_1_59_1","doi-asserted-by":"publisher","DOI":"10.1109\/SEAMS.2015.18"},{"key":"e_1_2_1_60_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2016.57"},{"key":"e_1_2_1_61_1","volume-title":"IEEE International Workshop on Measurement and Networking (M&N). 1\u20136. DOI:https:\/\/doi.org\/10","author":"Le H.","year":"2017","unstructured":"H. Le , F. Fallace , and P. Barlet-Ros . 2017. Towards accurate detection of obfuscated web tracking . In IEEE International Workshop on Measurement and Networking (M&N). 1\u20136. DOI:https:\/\/doi.org\/10 .1109\/IWMN. 2017 .8078365 10.1109\/IWMN.2017.8078365 H. Le, F. Fallace, and P. Barlet-Ros. 2017. Towards accurate detection of obfuscated web tracking. In IEEE International Workshop on Measurement and Networking (M&N). 1\u20136. DOI:https:\/\/doi.org\/10.1109\/IWMN.2017.8078365"},{"key":"e_1_2_1_62_1","doi-asserted-by":"publisher","DOI":"10.1145\/3419394.3423614"},{"key":"e_1_2_1_63_1","unstructured":"Multilogin Software Ltd.2021. Multilogin - Replace Multiple Computers with Virtual Browser Profiles - Multilogin. Retrieved from https:\/\/multilogin.com.  Multilogin Software Ltd.2021. Multilogin - Replace Multiple Computers with Virtual Browser Profiles - Multilogin. Retrieved from https:\/\/multilogin.com."},{"key":"e_1_2_1_64_1","unstructured":"PortSwigger Ltd.2021. Burp Suite - Application Security Testing Software - PortSwigger. Retrieved from https:\/\/portswigger.net\/burp.  PortSwigger Ltd.2021. Burp Suite - Application Security Testing Software - PortSwigger. Retrieved from https:\/\/portswigger.net\/burp."},{"key":"e_1_2_1_65_1","doi-asserted-by":"publisher","DOI":"10.1145\/3274694.3274714"},{"key":"e_1_2_1_66_1","doi-asserted-by":"publisher","DOI":"10.5555\/1557624"},{"key":"e_1_2_1_67_1","doi-asserted-by":"publisher","DOI":"10.1145\/3308558.3313539"},{"key":"e_1_2_1_68_1","volume-title":"Network and Distributed System Security Symposium (NDSS).","author":"Markert Philipp","year":"2020","unstructured":"Philipp Markert , Maximilian Golla , Elizabeth Stobert , and Markus D\u00fcrmuth . 2020 . Work in progress: A comparative long-term study of fallback authentication . In Network and Distributed System Security Symposium (NDSS). Retrieved from https:\/\/www.ndss-symposium.org\/ndss-paper\/auto-draft-30\/. Philipp Markert, Maximilian Golla, Elizabeth Stobert, and Markus D\u00fcrmuth. 2020. Work in progress: A comparative long-term study of fallback authentication. In Network and Distributed System Security Symposium (NDSS). Retrieved from https:\/\/www.ndss-symposium.org\/ndss-paper\/auto-draft-30\/."},{"key":"e_1_2_1_69_1","doi-asserted-by":"publisher","DOI":"10.1145\/3374878"},{"key":"e_1_2_1_70_1","unstructured":"Jo\u00e3o Pedro Figueiredo Correia Rijo Mendes. 2011. noPhish\u2014Anti-phishing System using Browser Fingerprinting. Retrieved from https:\/\/estagios.dei.uc.pt\/cursos\/mei\/relatorios-de-estagio\/?id=279.  Jo\u00e3o Pedro Figueiredo Correia Rijo Mendes. 2011. noPhish\u2014Anti-phishing System using Browser Fingerprinting. Retrieved from https:\/\/estagios.dei.uc.pt\/cursos\/mei\/relatorios-de-estagio\/?id=279."},{"key":"e_1_2_1_71_1","unstructured":"Keaton Mowery and Hovav Shacham. 2012. Pixel perfect: Fingerprinting canvas in HTML5. (2012) 1\u201312. Retrieved from https:\/\/www.ieee-security.org\/TC\/W2SP\/2012\/papers\/w2sp12-final4.pdf.  Keaton Mowery and Hovav Shacham. 2012. Pixel perfect: Fingerprinting canvas in HTML5. (2012) 1\u201312. Retrieved from https:\/\/www.ieee-security.org\/TC\/W2SP\/2012\/papers\/w2sp12-final4.pdf."},{"key":"e_1_2_1_72_1","unstructured":"Mozilla. 2021. Service Worker API - Web APIs | MDN. In W2SP. Retrieved from https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/API\/Service_Worker_API.  Mozilla. 2021. Service Worker API - Web APIs | MDN. In W2SP. Retrieved from https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/API\/Service_Worker_API."},{"key":"e_1_2_1_73_1","unstructured":"Mozilla. 2021. WindowOrWorkerGlobalScope.setTimeout() - Web APIs | MDN. Retrieved from https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/API\/WindowOrWorkerGlobalScope\/setTimeout.  Mozilla. 2021. WindowOrWorkerGlobalScope.setTimeout() - Web APIs | MDN. Retrieved from https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/API\/WindowOrWorkerGlobalScope\/setTimeout."},{"key":"e_1_2_1_74_1","unstructured":"Mozilla and individual contributors. 2021. NavigatorPlugins.plugins - Web APIs | MDN. Retrieved from https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/API\/NavigatorPlugins\/plugins.  Mozilla and individual contributors. 2021. NavigatorPlugins.plugins - Web APIs | MDN. Retrieved from https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/API\/NavigatorPlugins\/plugins."},{"key":"e_1_2_1_75_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2019.23070"},{"key":"e_1_2_1_76_1","doi-asserted-by":"publisher","DOI":"10.1145\/2695664.2695908"},{"key":"e_1_2_1_77_1","doi-asserted-by":"publisher","DOI":"10.2478\/popets-2020-0041"},{"key":"e_1_2_1_78_1","volume-title":"Feitosa","author":"Queiroz Jordan S.","year":"2019","unstructured":"Jordan S. Queiroz and Eduardo L . Feitosa . 2019 . A web browser fingerprinting method based on the web audio API. DOI :https:\/\/doi.org\/10.1093\/comjnl\/bxy146 10.1093\/comjnl Jordan S. Queiroz and Eduardo L. Feitosa. 2019. A web browser fingerprinting method based on the web audio API. DOI:https:\/\/doi.org\/10.1093\/comjnl\/bxy146"},{"key":"e_1_2_1_79_1","doi-asserted-by":"publisher","DOI":"10.2478\/popets-2021-0004"},{"key":"e_1_2_1_80_1","doi-asserted-by":"publisher","DOI":"10.1145\/3308558.3313637"},{"key":"e_1_2_1_81_1","volume-title":"Fielding","author":"Reschke Julian F.","year":"2014","unstructured":"Julian F. Reschke and Roy T . Fielding . 2014 . RFC 7231 - Hypertext Transfer Protocol (HTTP\/1.1): Semantics and Content. Retrieved from https:\/\/tools.ietf.org\/html\/rfc7231#section-5.5.3. Julian F. Reschke and Roy T. Fielding. 2014. RFC 7231 - Hypertext Transfer Protocol (HTTP\/1.1): Semantics and Content. Retrieved from https:\/\/tools.ietf.org\/html\/rfc7231#section-5.5.3."},{"key":"e_1_2_1_82_1","volume-title":"Milad Bafroei, and Alireza Ejlali.","author":"Safaei Bardia","year":"2017","unstructured":"Bardia Safaei , Amir Mahdi Monazzah , Milad Bafroei, and Alireza Ejlali. 2017 . Reliability side-effects in internet of things application layer protocols. DOI:https:\/\/doi.org\/10.1109\/ICSRS.2017.8272822 10.1109\/ICSRS.2017.8272822 Bardia Safaei, Amir Mahdi Monazzah, Milad Bafroei, and Alireza Ejlali. 2017. Reliability side-effects in internet of things application layer protocols. DOI:https:\/\/doi.org\/10.1109\/ICSRS.2017.8272822"},{"key":"e_1_2_1_83_1","unstructured":"Samsung. 2015. SAMSUNG UMTS Handset UA Prof. http:\/\/wap.samsungmobile.com\/uaprof\/SM-B550H.xml.  Samsung. 2015. SAMSUNG UMTS Handset UA Prof. http:\/\/wap.samsungmobile.com\/uaprof\/SM-B550H.xml."},{"key":"e_1_2_1_84_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2019.23155"},{"key":"e_1_2_1_85_1","unstructured":"SecureAuth. 2020. Device \/ Browser Fingerprinting - Heuristic-based Authentication. Retrieved from https:\/\/docs.secureauth.com\/pages\/viewpage.action?pageId=33063454.  SecureAuth. 2020. Device \/ Browser Fingerprinting - Heuristic-based Authentication. Retrieved from https:\/\/docs.secureauth.com\/pages\/viewpage.action?pageId=33063454."},{"key":"e_1_2_1_86_1","doi-asserted-by":"publisher","DOI":"10.1145\/3029806.3029820"},{"key":"e_1_2_1_87_1","doi-asserted-by":"publisher","DOI":"10.1145\/2751323.2751329"},{"key":"e_1_2_1_88_1","doi-asserted-by":"crossref","unstructured":"Jan Spooren Davy Preuveneers and Wouter Joosen. 2017. Leveraging battery usage from mobile devices for active authentication. DOI:https:\/\/doi.org\/10.1155\/2017\/1367064    10.1155\/2017\nJan Spooren Davy Preuveneers and Wouter Joosen. 2017. Leveraging battery usage from mobile devices for active authentication. DOI:https:\/\/doi.org\/10.1155\/2017\/1367064","DOI":"10.1155\/2017\/1367064"},{"key":"e_1_2_1_89_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2017.18"},{"key":"e_1_2_1_90_1","unstructured":"StatCounter. 2017. Browser Market Share Worldwide | StatCounter Global Stats. Retrieved from https:\/\/gs.statcounter.com\/browser-market-share\/all\/worldwide\/2017.  StatCounter. 2017. Browser Market Share Worldwide | StatCounter Global Stats. Retrieved from https:\/\/gs.statcounter.com\/browser-market-share\/all\/worldwide\/2017."},{"key":"e_1_2_1_91_1","unstructured":"StatCounter. 2017. Operating System Market Share Worldwide | StatCounter Global Stats. Retrieved from https:\/\/gs.statcounter.com\/os-market-share\/all\/worldwide\/2017.  StatCounter. 2017. Operating System Market Share Worldwide | StatCounter Global Stats. Retrieved from https:\/\/gs.statcounter.com\/os-market-share\/all\/worldwide\/2017."},{"key":"e_1_2_1_92_1","volume-title":"International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing (IMIS). 520\u2013524","author":"Takasu K.","year":"2015","unstructured":"K. Takasu , T. Saito , T. Yamada , and T. Ishikawa . 2015. A survey of hardware features in modern browsers: 2015 edition . In International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing (IMIS). 520\u2013524 . DOI:https:\/\/doi.org\/10.1109\/IMIS. 2015 .72. 10.1109\/IMIS.2015.72 K. Takasu, T. Saito, T. Yamada, and T. Ishikawa. 2015. A survey of hardware features in modern browsers: 2015 edition. In International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing (IMIS). 520\u2013524. DOI:https:\/\/doi.org\/10.1109\/IMIS.2015.72."},{"key":"e_1_2_1_93_1","volume-title":"International Conference on Advances on Broadband and Wireless Computing, Communication and Applications (BWCCA), Leonard Barolli, Fang-Yie Leu, Tomoya Enokido, and Hsing-Chung Chen (Eds.). 671\u2013681","author":"Tanabe Kazuhisa","year":"2018","unstructured":"Kazuhisa Tanabe , Ryohei Hosoya , and Takamichi Saito . 2018 . Combining features in browser fingerprinting . In International Conference on Advances on Broadband and Wireless Computing, Communication and Applications (BWCCA), Leonard Barolli, Fang-Yie Leu, Tomoya Enokido, and Hsing-Chung Chen (Eds.). 671\u2013681 . DOI:https:\/\/doi.org\/10.1007\/978-3-030-02613-4_60. 10.1007\/978-3-030-02613-4_60 Kazuhisa Tanabe, Ryohei Hosoya, and Takamichi Saito. 2018. Combining features in browser fingerprinting. In International Conference on Advances on Broadband and Wireless Computing, Communication and Applications (BWCCA), Leonard Barolli, Fang-Yie Leu, Tomoya Enokido, and Hsing-Chung Chen (Eds.). 671\u2013681. DOI:https:\/\/doi.org\/10.1007\/978-3-030-02613-4_60."},{"key":"e_1_2_1_94_1","unstructured":"Adobe Communications Team. 2017. Flash & the Future of Interactive Content. Retrieved from https:\/\/blog.adobe.com\/en\/publish\/2017\/07\/25\/adobe-flash-update.html.  Adobe Communications Team. 2017. Flash & the Future of Interactive Content. Retrieved from https:\/\/blog.adobe.com\/en\/publish\/2017\/07\/25\/adobe-flash-update.html."},{"key":"e_1_2_1_95_1","unstructured":"The Carat Team. 2021. Carat Project Statistics. http:\/\/carat.cs.helsinki.fi\/statistics.  The Carat Team. 2021. Carat Project Statistics. http:\/\/carat.cs.helsinki.fi\/statistics."},{"key":"e_1_2_1_96_1","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3134067"},{"key":"e_1_2_1_97_1","unstructured":"Henning Tillmann. 2014. Browser Fingerprinting: 93% of all user configurations are unique | Henning Tillmann. Retrieved from https:\/\/www.henning-tillmann.de\/en\/2014\/05\/browser-fingerprinting-93-of-all-user-configurations-are-unique.  Henning Tillmann. 2014. Browser Fingerprinting: 93% of all user configurations are unique | Henning Tillmann. Retrieved from https:\/\/www.henning-tillmann.de\/en\/2014\/05\/browser-fingerprinting-93-of-all-user-configurations-are-unique."},{"key":"e_1_2_1_98_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-24177-7_1"},{"key":"e_1_2_1_99_1","doi-asserted-by":"publisher","DOI":"10.1109\/ARES.2013.33"},{"key":"e_1_2_1_100_1","doi-asserted-by":"publisher","DOI":"10.1145\/2785989.2786002"},{"key":"e_1_2_1_101_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2018.00008"},{"key":"e_1_2_1_102_1","doi-asserted-by":"publisher","DOI":"10.14722\/madweb.2020.23010"},{"key":"e_1_2_1_103_1","unstructured":"Rick Waldron. 2021. Generic Sensor API. Retrieved from https:\/\/www.w3.org\/TR\/2021\/CRD-generic-sensor-20210619.  Rick Waldron. 2021. Generic Sensor API. Retrieved from https:\/\/www.w3.org\/TR\/2021\/CRD-generic-sensor-20210619."},{"key":"e_1_2_1_104_1","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978339"},{"key":"e_1_2_1_105_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-22312-0_10"},{"key":"e_1_2_1_106_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2016.2626395"},{"key":"e_1_2_1_107_1","doi-asserted-by":"publisher","DOI":"10.1108\/09685220410518883"}],"container-title":["ACM Transactions on the Web"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3478026","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3478026","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T19:31:32Z","timestamp":1750188692000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3478026"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021,9,28]]},"references-count":109,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2022,2,28]]}},"alternative-id":["10.1145\/3478026"],"URL":"https:\/\/doi.org\/10.1145\/3478026","relation":{},"ISSN":["1559-1131","1559-114X"],"issn-type":[{"value":"1559-1131","type":"print"},{"value":"1559-114X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2021,9,28]]},"assertion":[{"value":"2020-06-01","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2021-07-01","order":1,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2021-09-28","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}