{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,23]],"date-time":"2025-12-23T00:29:36Z","timestamp":1766449776609},"reference-count":112,"publisher":"Privacy Enhancing Technologies Symposium Advisory Board","issue":"2","license":[{"start":{"date-parts":[[2022,3,3]],"date-time":"2022-03-03T00:00:00Z","timestamp":1646265600000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/creativecommons.org\/licenses\/by-nc-nd\/3.0"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2022,4,1]]},"abstract":"<jats:title>Abstract<\/jats:title>\n               <jats:p>Browser fingerprinting is a stateless tracking technique that aims to combine information exposed by multiple different web APIs to create a unique identifier for tracking users across the web. Over the last decade, trackers have abused several existing and newly proposed web APIs to further enhance the browser fingerprint. Existing approaches are limited to detecting a specific fingerprinting technique(s) at a particular point in time. Thus, they are unable to systematically detect novel fingerprinting techniques that abuse different web APIs. In this paper, we propose FP-R<jats:sc>adar<\/jats:sc>, a machine learning approach that leverages longitudinal measurements of web API usage on top-100K websites over the last decade for early detection of new and evolving browser fingerprinting techniques. The results show that FP-R<jats:sc>adar<\/jats:sc> is able to early detect the abuse of newly introduced properties of already known (e.g., <jats:monospace>WebGL<\/jats:monospace>, <jats:monospace>Sensor<\/jats:monospace>) and as well as previously unknown (e.g., <jats:monospace>Gamepad<\/jats:monospace>, <jats:monospace>Clipboard<\/jats:monospace>) APIs for browser fingerprinting. To the best of our knowledge, FP-R<jats:sc>adar<\/jats:sc> is the first to detect the abuse of the <jats:monospace>Visibility <\/jats:monospace>API for ephemeral fingerprinting in the wild.<\/jats:p>","DOI":"10.2478\/popets-2022-0056","type":"journal-article","created":{"date-parts":[[2022,3,5]],"date-time":"2022-03-05T04:28:17Z","timestamp":1646454497000},"page":"557-577","source":"Crossref","is-referenced-by-count":16,"title":["FP-Radar: Longitudinal Measurement and Early Detection of Browser Fingerprinting"],"prefix":"10.56553","volume":"2022","author":[{"given":"Pouneh Nikkhah","family":"Bahrami","sequence":"first","affiliation":[{"name":"University of California , Davis"}]},{"given":"Umar","family":"Iqbal","sequence":"additional","affiliation":[{"name":"University of Washington"}]},{"given":"Zubair","family":"Shafiq","sequence":"additional","affiliation":[{"name":"University of California , Davis"}]}],"member":"35752","published-online":{"date-parts":[[2022,3,3]]},"reference":[{"key":"2022060209292548839_j_popets-2022-0056_ref_001","unstructured":"[1] Modern & flexible browser fingerprinting library. https:\/\/github.com\/Valve\/fingerprintjs2."},{"key":"2022060209292548839_j_popets-2022-0056_ref_002","doi-asserted-by":"crossref","unstructured":"[2] G. Acar, C. Eubank, S. Englehardt, M. Juarez, A. Narayanan, and C. Diaz. The Web Never Forgets: Persistent Tracking Mechanisms in the Wild. In CCS, 2014.10.1145\/2660267.2660347","DOI":"10.1145\/2660267.2660347"},{"key":"2022060209292548839_j_popets-2022-0056_ref_003","doi-asserted-by":"crossref","unstructured":"[3] G. Acar, M. Juarez, N. Nikiforakis, C. Diaz, S. G\u00fcrses, F. Piessens, and B. Preneel. FPDetective: dusting the web for fingerprinters. In ACM CCS, 2013.10.1145\/2508859.2516674","DOI":"10.1145\/2508859.2516674"},{"key":"2022060209292548839_j_popets-2022-0056_ref_004","doi-asserted-by":"crossref","unstructured":"[4] F. Alaca and P. van Oorschot. Device Fingerprinting for Augmenting Web Authentication: Classification and Analysis of Methods. In ACSAC, 2016.10.1145\/2991079.2991091","DOI":"10.1145\/2991079.2991091"},{"key":"2022060209292548839_j_popets-2022-0056_ref_005","doi-asserted-by":"crossref","unstructured":"[5] P. Baumann, S. Katzenbeisser, M. Stopczynski, and E. Tews. Disguised Chromium Browser: Robust Browser, Flash and Canvas Fingerprinting Protection. In ACM on Workshop on Privacy in the Electronic Society, 2016.10.1145\/2994620.2994621","DOI":"10.1145\/2994620.2994621"},{"key":"2022060209292548839_j_popets-2022-0056_ref_006","doi-asserted-by":"crossref","unstructured":"[6] V. D. Blondel, J.-L. Guillaume, R. Lambiotte, and E. Lefebvre. Fast unfolding of communities in large networks. Journal of statistical mechanics: theory and experiment, 2008(10):P10008, 2008.10.1088\/1742-5468\/2008\/10\/P10008","DOI":"10.1088\/1742-5468\/2008\/10\/P10008"},{"key":"2022060209292548839_j_popets-2022-0056_ref_007","unstructured":"[7] H. Bojinov, Y. Michalevsky, G. Nakibly, and D. Boneh. Mobile Device Identification via Sensor Fingerprinting. arXiv preprint arXiv:1408.1416, 2014."},{"key":"2022060209292548839_j_popets-2022-0056_ref_008","unstructured":"[8] L. Breiman. Random Forests. In Machine learning, 2001."},{"key":"2022060209292548839_j_popets-2022-0056_ref_009","doi-asserted-by":"crossref","unstructured":"[9] J. F. Brunelle, M. Kelly, H. SalahEldeen, M. C. Weigle, and M. L. Nelson. Not all mementos are created equal: Measuring the impact of missing resources. International Journal on Digital Libraries, 16(3):283\u2013301, 2015.","DOI":"10.1007\/s00799-015-0150-6"},{"key":"2022060209292548839_j_popets-2022-0056_ref_010","unstructured":"[10] WebRTC Internal IP Address Leakage. https:\/\/bugzilla.mozilla.org\/show_bug.cgi?id=959893."},{"key":"2022060209292548839_j_popets-2022-0056_ref_011","unstructured":"[11] Remove web content access to Battery API. https:\/\/bugzilla.mozilla.org\/show_bug.cgi?id=1313580, 2016."},{"key":"2022060209292548839_j_popets-2022-0056_ref_012","unstructured":"[12] Bug 1372072 - Neutralize the threat of fingerprinting of network information API When \u2019privacy.resistFingerprinting\u2019 is true. https:\/\/bugzilla.mozilla.org\/show_bug.cgi?id=1372072, 2017."},{"key":"2022060209292548839_j_popets-2022-0056_ref_013","doi-asserted-by":"crossref","unstructured":"[13] E. B\u00fct\u00fcn, M. Kaya, and R. Alhajj. Extension of neighbor-based link prediction methods for directed, weighted and temporal social networks. Information Sciences, 463:152\u2013165, 2018.10.1016\/j.ins.2018.06.051","DOI":"10.1016\/j.ins.2018.06.051"},{"key":"2022060209292548839_j_popets-2022-0056_ref_014","unstructured":"[14] M. Caceres. Securing Gamepad API. https:\/\/hacks.mozilla.org\/2020\/07\/securing-gamepad-api\/, 2020."},{"key":"2022060209292548839_j_popets-2022-0056_ref_015","unstructured":"[15] D. Cameron. Apple Declares War on Browser Fingerprinting, the Sneaky Tactic That Tracks You in Incognito Mode. https:\/\/gizmodo.com\/apple-declares-war-on-browser-fingerprinting-the-sneak-1826549108."},{"key":"2022060209292548839_j_popets-2022-0056_ref_016","doi-asserted-by":"crossref","unstructured":"[16] Y. Cao, S. Li, and E. Wijmans. (Cross-) browser fingerprinting via OS and hardware level features. In NDSS, 2017.10.14722\/ndss.2017.23152","DOI":"10.14722\/ndss.2017.23152"},{"key":"2022060209292548839_j_popets-2022-0056_ref_017","doi-asserted-by":"crossref","unstructured":"[17] A. Das, G. Acar, N. Borisov, and A. Pradeep. The Web\u2019s Sixth Sense:A Study of Scripts Accessing Smartphone Sensors. In CCS, 2018.10.1145\/3243734.3243860","DOI":"10.1145\/3243734.3243860"},{"key":"2022060209292548839_j_popets-2022-0056_ref_018","unstructured":"[18] DuckDuckGo\u2019s Tracker Radar. https:\/\/github.com\/duckduckgo\/tracker-radar\/blob\/3c82647d3a5ea16ab6408cad2a52ba4b72f66637\/docs\/FAQ.md."},{"key":"2022060209292548839_j_popets-2022-0056_ref_019","unstructured":"[19] DuckDuckGo\u2019s Tracker Radar Detected Fingerprinting APIs. https:\/\/github.com\/duckduckgo\/tracker-radar\/blob\/main\/build-data\/generated\/api_fingerprint_weights.json."},{"key":"2022060209292548839_j_popets-2022-0056_ref_020","unstructured":"[20] J. G. Dean Jackson. WebGL 2 Specification. https:\/\/www.khronos.org\/registry\/webgl\/specs\/2.0\/."},{"key":"2022060209292548839_j_popets-2022-0056_ref_021","unstructured":"[21] J. G. Dean Jackson. WebGL specification. https:\/\/www.khronos.org\/registry\/webgl\/specs\/latest\/1.0."},{"key":"2022060209292548839_j_popets-2022-0056_ref_022","unstructured":"[22] Disconnect tracking protection lists. https:\/\/disconnect.me\/trackerprotection."},{"key":"2022060209292548839_j_popets-2022-0056_ref_023","unstructured":"[23] N. Doty. W3C Fingerprinting Guidance. https:\/\/w3c.github.io\/fingerprinting-guidance."},{"key":"2022060209292548839_j_popets-2022-0056_ref_024","doi-asserted-by":"crossref","unstructured":"[24] P. Eckersley. How unique is your web browser? In International Symposium on Privacy Enhancing Technologies Symposium, 2010.10.1007\/978-3-642-14527-8_1","DOI":"10.1007\/978-3-642-14527-8_1"},{"key":"2022060209292548839_j_popets-2022-0056_ref_025","doi-asserted-by":"crossref","unstructured":"[25] S. Englehardt and A. Narayanan. Online Tracking: A 1-million-site Measurement and Analysis. In ACM Conference on Computer and Communications Security (CCS), 2016.10.1145\/2976749.2978313","DOI":"10.1145\/2976749.2978313"},{"key":"2022060209292548839_j_popets-2022-0056_ref_026","doi-asserted-by":"crossref","unstructured":"[26] A. FaizKhademi, M. Zulkernine, and K. Weldemariam. Fp-guard: Detection and prevention of browser fingerprinting. In IFIP Annual Conference on Data and Applications Security and Privacy, 2015.10.1007\/978-3-319-20810-7_21","DOI":"10.1007\/978-3-319-20810-7_21"},{"key":"2022060209292548839_j_popets-2022-0056_ref_027","doi-asserted-by":"crossref","unstructured":"[27] D. Fifield and S. Egelman. Fingerprinting web users through font metrics. In International Conference on Financial Cryptography and Data Security, pages 107\u2013124. Springer, 2015.10.1007\/978-3-662-47854-7_7","DOI":"10.1007\/978-3-662-47854-7_7"},{"key":"2022060209292548839_j_popets-2022-0056_ref_028","unstructured":"[28] G. A. Fowler. Think you\u2019re anonymous online? A third of popular websites are \u2019fingerprinting\u2019 you. https:\/\/www.washingtonpost.com\/technology\/2019\/10\/31\/think-youre-anonymous-online-third-popular-websites-are-fingerprinting-you\/, 2019."},{"key":"2022060209292548839_j_popets-2022-0056_ref_029","unstructured":"[29] E. Gasperowicz. OffscreenCanvas \u2014 Speed up Your Canvas Operations with a Web Worker. https:\/\/developers.google.com\/web\/updates\/2018\/08\/offscreen-canvas, 2020."},{"key":"2022060209292548839_j_popets-2022-0056_ref_030","unstructured":"[30] M. Graham. robots.txt meant for search engines don\u2019t work well for web archives. https:\/\/blog.archive.org\/2017\/04\/17\/robots-txt-meant-for-search-engines-dont-work-well-for-web-archives\/, 2017."},{"key":"2022060209292548839_j_popets-2022-0056_ref_031","unstructured":"[31] I. Grigorik. Quickstart guide to exploring the HTTP Archive. https:\/\/discuss.httparchive.org\/t\/quickstart-guide-to-exploring-the-http-archive\/682."},{"key":"2022060209292548839_j_popets-2022-0056_ref_032","unstructured":"[32] I. Grigorik. Network Information API. https:\/\/wicg.github.io\/netinfo\/, 2020."},{"key":"2022060209292548839_j_popets-2022-0056_ref_033","doi-asserted-by":"crossref","unstructured":"[33] A. Grover and J. Leskovec. node2vec: Scalable feature learning for networks. In KDD, 2016.10.1145\/2939672.2939754510865427853626","DOI":"10.1145\/2939672.2939754"},{"key":"2022060209292548839_j_popets-2022-0056_ref_034","unstructured":"[34] N. H. Hashim, J. Murphy, and P. O\u2019Connor. Take me back: Validating the wayback machine as a measure of website evolution. In Information and Communication Technologies in Tourism 2007, 2007."},{"key":"2022060209292548839_j_popets-2022-0056_ref_035","unstructured":"[35] A. Herath. Ephemeral Fingerprinting On The Web. https:\/\/github.com\/asankah\/ephemeral-fingerprinting, 2020."},{"key":"2022060209292548839_j_popets-2022-0056_ref_036","unstructured":"[36] I. Hickson. Web Workers. https:\/\/www.w3.org\/TR\/2009\/WD-workers-20090423, 2009."},{"key":"2022060209292548839_j_popets-2022-0056_ref_037","unstructured":"[37] W. Hsieh. Async Clipboard API. https:\/\/webkit.org\/blog\/10855\/async-clipboard-api, 2020."},{"key":"2022060209292548839_j_popets-2022-0056_ref_038","unstructured":"[38] HTTP Archive. https:\/\/httparchive.org\/."},{"key":"2022060209292548839_j_popets-2022-0056_ref_039","unstructured":"[39] HTTP Archive Data. https:\/\/github.com\/HTTPArchive\/httparchive.org\/blob\/main\/docs\/gettingstarted_bigquery.md#understanding-how-the-tables-are-structured."},{"key":"2022060209292548839_j_popets-2022-0056_ref_040","unstructured":"[40] J. M. Ilya Grigorik, James Simonsen. High Resolution Time Level 3. https:\/\/www.w3.org\/TR\/2016\/WD-hr-time-3-20161031\/#privacy-security, 2016."},{"key":"2022060209292548839_j_popets-2022-0056_ref_041","doi-asserted-by":"crossref","unstructured":"[41] U. Iqbal, S. Englehardt, and Z. Shafiq. Fingerprinting the Fingerprinters: Learning to Detect Browser Fingerprinting Behaviors. In Proceedings of the IEEE Symposium on Security & Privacy, 2021.10.1109\/SP40001.2021.00017","DOI":"10.1109\/SP40001.2021.00017"},{"key":"2022060209292548839_j_popets-2022-0056_ref_042","doi-asserted-by":"crossref","unstructured":"[42] U. Iqbal, Z. Shafiq, and Z. Qian. The Ad Wars: Retrospective Measurement and Analysis of Anti-Adblock Filter Lists. In IMC, 2017.10.1145\/3131365.3131387","DOI":"10.1145\/3131365.3131387"},{"key":"2022060209292548839_j_popets-2022-0056_ref_043","doi-asserted-by":"crossref","unstructured":"[43] U. Iqbal, P. Snyder, S. Zhu, B. Livshits, Z. Qian, and Z. Shafiq. AdGraph: A Graph-Based Approach to Ad and Tracker Blocking. In Proceedings of the IEEE Symposium on Security & Privacy, 2020.10.1109\/SP40000.2020.00005","DOI":"10.1109\/SP40000.2020.00005"},{"key":"2022060209292548839_j_popets-2022-0056_ref_044","unstructured":"[44] A. J. Jatinder Mann. Page Visibility. https:\/\/www.w3.org\/TR\/2011\/WD-page-visibility-20110602\/, 2011."},{"key":"2022060209292548839_j_popets-2022-0056_ref_045","unstructured":"[45] Z. W. Jatinder Mann. Performance Timeline. https:\/\/www.w3.org\/TR\/2011\/WD-performance-timeline-20110811\/, 2011."},{"key":"2022060209292548839_j_popets-2022-0056_ref_046","doi-asserted-by":"crossref","unstructured":"[46] John Ross Quinlan. Induction of decision trees. Kluwer Academic Publisher, 1986.10.1007\/BF00116251","DOI":"10.1007\/BF00116251"},{"key":"2022060209292548839_j_popets-2022-0056_ref_047","doi-asserted-by":"crossref","unstructured":"[47] M. Kelly, J. F. Brunelle, M. C. Weigle, and M. L. Nelson. On the change in archivability of websites over time. In International Conference on Theory and Practice of Digital Libraries, pages 35\u201347. Springer, 2013.10.1007\/978-3-642-40501-3_5","DOI":"10.1007\/978-3-642-40501-3_5"},{"key":"2022060209292548839_j_popets-2022-0056_ref_048","unstructured":"[48] Khronos releases Final WebGL 1.0 specification. https:\/\/www.khronos.org\/news\/press\/khronos-releases-final-webgl-1.0-specification, 2011."},{"key":"2022060209292548839_j_popets-2022-0056_ref_049","unstructured":"[49] A. Kostiainen. Battery status event specification. https:\/\/www.w3.org\/TR\/2011\/WD-battery-status-20110426\/, 2011."},{"key":"2022060209292548839_j_popets-2022-0056_ref_050","unstructured":"[50] M. Lamouri. The Network Information API. https:\/\/www.w3.org\/TR\/2012\/WD-netinfo-api-20121129\/#security-and-privacy-considerations, 2012."},{"key":"2022060209292548839_j_popets-2022-0056_ref_051","unstructured":"[51] M. Lamouri. The Network Information API. https:\/\/dvcs.w3.org\/hg\/dap\/raw-file\/tip\/network-api\/Overview.html, 2014."},{"key":"2022060209292548839_j_popets-2022-0056_ref_052","doi-asserted-by":"crossref","unstructured":"[52] P. Laperdrix, G. Avoine, B. Baudry, and N. Nikiforakis. Morellian Analysis for Browsers: Making Web Authentication Stronger with Canvas Fingerprinting. In International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA), 2019.10.1007\/978-3-030-22038-9_3","DOI":"10.1007\/978-3-030-22038-9_3"},{"key":"2022060209292548839_j_popets-2022-0056_ref_053","doi-asserted-by":"crossref","unstructured":"[53] P. Laperdrix, B. Baudry, and V. Mishra. Fprandom: Randomizing core browser objects to break advanced device fingerprinting techniques. In International Symposium on Engineering Secure Software and Systems, pages 97\u2013114. Springer, 2017.10.1007\/978-3-319-62105-0_7","DOI":"10.1007\/978-3-319-62105-0_7"},{"key":"2022060209292548839_j_popets-2022-0056_ref_054","doi-asserted-by":"crossref","unstructured":"[54] P. Laperdrix, N. Bielova, B. Baudry, and G. Avoine. Browser fingerprinting: A survey. ACM Transactions on the Web, 2020.10.1145\/3386040","DOI":"10.1145\/3386040"},{"key":"2022060209292548839_j_popets-2022-0056_ref_055","unstructured":"[55] A. B. Lassey. Combating Fingerprinting with a Privacy Budget Explainer. https:\/\/github.com\/bslassey\/privacy-budget."},{"key":"2022060209292548839_j_popets-2022-0056_ref_056","unstructured":"[56] A. Lerner, A. K. Simpson, T. Kohno, and F. Roesner. Internet Jones and the Raiders of the Lost Trackers: An Archaeological Study of Web Tracking from 1996 to 2016. In USENIX Security Symposium, 2016."},{"key":"2022060209292548839_j_popets-2022-0056_ref_057","unstructured":"[57] J. R. Mayer. Any person... a pamphleteer\u201d: Internet anonymity in the age of web 2.0. Undergraduate Senior Thesis, Princeton University, page 85, 2009."},{"key":"2022060209292548839_j_popets-2022-0056_ref_058","unstructured":"[58] CanvasRenderingContext2D.font. https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/API\/CanvasRenderingContext2D\/font."},{"key":"2022060209292548839_j_popets-2022-0056_ref_059","unstructured":"[59] Clipboard API. https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/API\/Clipboard_API."},{"key":"2022060209292548839_j_popets-2022-0056_ref_060","unstructured":"[60] DeviceMotionEvent. https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/API\/DeviceMotionEvent."},{"key":"2022060209292548839_j_popets-2022-0056_ref_061","unstructured":"[61] HTMLElement.style. https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/API\/HTMLElement\/style."},{"key":"2022060209292548839_j_popets-2022-0056_ref_062","unstructured":"[62] Navigator - Web APIs: MDN. https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/API\/Navigator."},{"key":"2022060209292548839_j_popets-2022-0056_ref_063","unstructured":"[63] Network Information API - Web APIs: MDN. https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/API\/Network_Information_API."},{"key":"2022060209292548839_j_popets-2022-0056_ref_064","unstructured":"[64] PerformancePaintTiming. https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/API\/PerformancePaintTiming."},{"key":"2022060209292548839_j_popets-2022-0056_ref_065","unstructured":"[65] Sensor APIs. https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/API\/Sensor_APIs."},{"key":"2022060209292548839_j_popets-2022-0056_ref_066","unstructured":"[66] TouchEvent. https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/API\/TouchEvent."},{"key":"2022060209292548839_j_popets-2022-0056_ref_067","unstructured":"[67] Touch Events Specification. https:\/\/www.w3.org\/TR\/2011\/WD-touch-events-20110505, 2011."},{"key":"2022060209292548839_j_popets-2022-0056_ref_068","unstructured":"[68] Battery Status API removed from Firefox. https:\/\/developer.mozilla.org\/en-US\/docs\/Mozilla\/Firefox\/Releases\/52#other_apis, 2016."},{"key":"2022060209292548839_j_popets-2022-0056_ref_069","unstructured":"[69] MDN Web APIs., https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/API."},{"key":"2022060209292548839_j_popets-2022-0056_ref_070","doi-asserted-by":"crossref","unstructured":"[70] G. Merzdovnik, M. Huber, D. Buhov, N. Nikiforakis, S. Neuner, M. Schmiedecker, and E. Weippl. Block Me If You Can: A Large-Scale Study of Tracker-Blocking Tools. In IEEE European Symposium on Security and Privacy, 2017.10.1109\/EuroSP.2017.26","DOI":"10.1109\/EuroSP.2017.26"},{"key":"2022060209292548839_j_popets-2022-0056_ref_071","unstructured":"[71] K. Mowery, D. Bogenreif, S. Yilek, and H. Shacham. Fingerprinting information in javascript implementations. In Web 2.0 Workshop on Security and Privacy (W2SP), 2011."},{"key":"2022060209292548839_j_popets-2022-0056_ref_072","unstructured":"[72] K. Mowery and H. Shacham. Pixel perfect: Fingerprinting canvas in html5. Proceedings of W2SP, 2012."},{"key":"2022060209292548839_j_popets-2022-0056_ref_073","unstructured":"[73] How to block fingerprinting with Firefox. https:\/\/blog.mozilla.org\/firefox\/how-to-block-fingerprinting-with-firefox\/."},{"key":"2022060209292548839_j_popets-2022-0056_ref_074","unstructured":"[74] Removing the Battery Status API? https:\/\/groups.google.com\/g\/mozilla.dev.platform\/c\/5U8NHoUY-1k\/m\/9ybyzQIYCAAJ?pli=1, 2016."},{"key":"2022060209292548839_j_popets-2022-0056_ref_075","doi-asserted-by":"crossref","unstructured":"[75] Nick Nikiforakis and Wouter Joosen and Benjamin Livshits. PriVaricator: Deceiving Fingerprinters with Little White Lies. In WWW, 2015.10.1145\/2736277.2741090","DOI":"10.1145\/2736277.2741090"},{"key":"2022060209292548839_j_popets-2022-0056_ref_076","doi-asserted-by":"crossref","unstructured":"[76] N. Nikiforakis, A. Kapravelos, W. Joosen, C. Kruegel, F. Piessens, and G. Vigna. Cookieless monster: Exploring the ecosystem of web-based device fingerprinting. In 2013 IEEE Symposium on Security and Privacy, pages 541\u2013555. IEEE, 2013.10.1109\/SP.2013.43","DOI":"10.1109\/SP.2013.43"},{"key":"2022060209292548839_j_popets-2022-0056_ref_077","unstructured":"[77] M. Nottingham. Unsanctioned Web Tracking. https:\/\/www.w3.org\/2001\/tag\/doc\/unsanctioned-tracking\/, 2015."},{"key":"2022060209292548839_j_popets-2022-0056_ref_078","doi-asserted-by":"crossref","unstructured":"[78] L. Olejnik, G. Acar, C. Castelluccia, and C. Diaz. The leaking battery: A privacy analysis of the HTML5 Battery Status API. In Proceedings of the 10th International Workshop Data Privacy Management, and Security Assurance, 2015.10.1007\/978-3-319-29883-2_18","DOI":"10.1007\/978-3-319-29883-2_18"},{"key":"2022060209292548839_j_popets-2022-0056_ref_079","unstructured":"[79] L. Olejnik, S. Englehardt, and A. Narayanan. Battery Status Not Included: Assessing Privacy in Web Standards. In International Workshop on Privacy Engineering, 2017."},{"key":"2022060209292548839_j_popets-2022-0056_ref_080","doi-asserted-by":"crossref","unstructured":"[80] B. Perozzi, R. Al-Rfou, and S. Skiena. Deepwalk: Online learning of social representations. In KDD, 2014.10.1145\/2623330.2623732","DOI":"10.1145\/2623330.2623732"},{"key":"2022060209292548839_j_popets-2022-0056_ref_081","unstructured":"[81] M. Perry, E. Clark, S. Murdoch, and G. Koppen. Fingerprinting defenses in the tor browser. https:\/\/www.torproject.org\/projects\/torbrowser\/design\/#fingerprinting-defenses."},{"key":"2022060209292548839_j_popets-2022-0056_ref_082","unstructured":"[82] A. Popescu. geolocation api specification. https:\/\/www.w3.org\/TR\/2008\/WD-geolocation-API-20081222\/, 2008."},{"key":"2022060209292548839_j_popets-2022-0056_ref_083","unstructured":"[83] Princeton Web Transparency & Accountability Project. https:\/\/webtap.princeton.edu\/."},{"key":"2022060209292548839_j_popets-2022-0056_ref_084","doi-asserted-by":"crossref","unstructured":"[84] M. Pusara and C. E. Brodley. User re-authentication via mouse movements. In 2004 ACM workshop on Visualization and data mining for computer security, 2004.10.1145\/1029208.1029210","DOI":"10.1145\/1029208.1029210"},{"key":"2022060209292548839_j_popets-2022-0056_ref_085","doi-asserted-by":"crossref","unstructured":"[85] N. Reitinger and M. L. Mazurek. Ml-cb: Machine learning canvas block. Proceedings on Privacy Enhancing Technologies, 2021.10.2478\/popets-2021-0056","DOI":"10.2478\/popets-2021-0056"},{"key":"2022060209292548839_j_popets-2022-0056_ref_086","doi-asserted-by":"crossref","unstructured":"[86] V. Rizzo, S. Traverso, and M. Mellia. Unveiling web fingerprinting in the wild via code mining and machine learning. PETS, 2021.10.2478\/popets-2021-0004","DOI":"10.2478\/popets-2021-0004"},{"key":"2022060209292548839_j_popets-2022-0056_ref_087","doi-asserted-by":"crossref","unstructured":"[87] T. Saito, K. Yasuda, K. Tanabe, and K. Takahashi. Web browser tampering: inspecting cpu features from side-channel information. In International Conference on Broadband and Wireless Computing, Communication and Applications, 2017.10.1007\/978-3-319-69811-3_36","DOI":"10.1007\/978-3-319-69811-3_36"},{"key":"2022060209292548839_j_popets-2022-0056_ref_088","doi-asserted-by":"crossref","unstructured":"[88] I. Sanchez-Rola, I. Santos, and D. Balzarotti. Clock around the clock: Time-based device fingerprinting. In ACM CCS, 2018.10.1145\/3243734.3243796","DOI":"10.1145\/3243734.3243796"},{"key":"2022060209292548839_j_popets-2022-0056_ref_089","doi-asserted-by":"crossref","unstructured":"[89] S. Sarker, J. Jueckstock, and A. Kapravelos. Hiding in Plain Site: Detecting JavaScript Obfuscation through Concealed Browser API Usage. In ACM Internet Measurement Conference (IMC), 2020.10.1145\/3419394.3423616","DOI":"10.1145\/3419394.3423616"},{"key":"2022060209292548839_j_popets-2022-0056_ref_090","unstructured":"[90] J. Schuh. Building a more private web: A path towards making third party cookies obsolete. https:\/\/blog.chromium.org\/2020\/01\/building-more-private-web-path-towards.html, 2020."},{"key":"2022060209292548839_j_popets-2022-0056_ref_091","unstructured":"[91] T. M. Scott Graham. Gamepad. https:\/\/www.w3.org\/TR\/2014\/WD-gamepad-20140225."},{"key":"2022060209292548839_j_popets-2022-0056_ref_092","doi-asserted-by":"crossref","unstructured":"[92] M. Shahzad, A. X. Liu, and A. Samuel. Secure unlocking of mobile touch screen devices by simple gestures: You can see it but you can not do it. In Proceedings of the 19th annual international conference on Mobile computing & networking, 2013.10.1145\/2500423.2500434","DOI":"10.1145\/2500423.2500434"},{"key":"2022060209292548839_j_popets-2022-0056_ref_093","doi-asserted-by":"crossref","unstructured":"[93] P. Skolka, C.-A. Staicu, and M. Pradel. Anything to Hide? Studying Minified and Obfuscated Code in the Web. In World Wide Web (WWW) Conference, 2019.10.1145\/3308558.3313752","DOI":"10.1145\/3308558.3313752"},{"key":"2022060209292548839_j_popets-2022-0056_ref_094","unstructured":"[94] Apple Declined To Implement 16 Web APIs in Safari Due To Privacy Concerns. https:\/\/apple.slashdot.org\/story\/20\/06\/29\/1456247\/apple-declined-to-implement-16-web-apis-in-safari-due-to-privacy-concerns, 2020."},{"key":"2022060209292548839_j_popets-2022-0056_ref_095","doi-asserted-by":"crossref","unstructured":"[95] P. Snyder, L. Ansari, C. Taylor, and C. Kanich. Browser feature usage on the modern web. In Proceedings of the 2016 Internet Measurement Conference, 2016.10.1145\/2987443.2987466","DOI":"10.1145\/2987443.2987466"},{"key":"2022060209292548839_j_popets-2022-0056_ref_096","doi-asserted-by":"crossref","unstructured":"[96] O. Starov and N. Nikiforakis. Xhound: Quantifying the fingerprintability of browser extensions. In 2017 IEEE Symposium on Security and Privacy (SP), pages 941\u2013956. IEEE, 2017.10.1109\/SP.2017.18","DOI":"10.1109\/SP.2017.18"},{"key":"2022060209292548839_j_popets-2022-0056_ref_097","unstructured":"[97] H. R. M. Steen. Clipboard API and events. https:\/\/www.w3.org\/TR\/2015\/WD-clipboard-apis-20151215\/, 2015."},{"key":"2022060209292548839_j_popets-2022-0056_ref_098","doi-asserted-by":"crossref","unstructured":"[98] H. M. Thang, V. Q. Viet, N. D. Thuc, and D. Choi. Gait identification using accelerometer on mobile phone. In International Conference on Control, Automation and Information Sciences (ICCAIS), pages 344\u2013348. IEEE, 2012.10.1109\/ICCAIS.2012.6466615","DOI":"10.1109\/ICCAIS.2012.6466615"},{"key":"2022060209292548839_j_popets-2022-0056_ref_099","doi-asserted-by":"crossref","unstructured":"[99] P. A. Thomas and K. P. Mathew. A broad review on non-intrusive active user authentication in biometrics. Journal of Ambient Intelligence and Humanized Computing, 2021.10.1007\/s12652-021-03301-x817727034109006","DOI":"10.1007\/s12652-021-03301-x"},{"key":"2022060209292548839_j_popets-2022-0056_ref_100","unstructured":"[100] Tor browser canvas font fingerprinting. https:\/\/gitlab.torproject.org\/legacy\/trac\/-\/issues\/13400."},{"key":"2022060209292548839_j_popets-2022-0056_ref_101","doi-asserted-by":"crossref","unstructured":"[101] C. F. Torres, H. Jonker, and S. Mauw. FP-Block: Usable web privacy by controlling browser fingerprinting. In ESORICS, 2015.10.1007\/978-3-319-24177-7_1","DOI":"10.1007\/978-3-319-24177-7_1"},{"key":"2022060209292548839_j_popets-2022-0056_ref_102","unstructured":"[102] D. D. Tran. Sensor API Specification. https:\/\/dvcs.w3.org\/hg\/dap\/raw-file\/default\/sensor-api\/Overview.html, 2012."},{"key":"2022060209292548839_j_popets-2022-0056_ref_103","unstructured":"[103] umar iqbal. FP-Inspector Code and Data. https:\/\/uiowa-irl.github.io\/FP-Inspector\/."},{"key":"2022060209292548839_j_popets-2022-0056_ref_104","doi-asserted-by":"crossref","unstructured":"[104] T. Van Goethem, W. Scheepers, D. Preuveneers, and W. Joosen. Accelerometer-based device fingerprinting for multi-factor mobile authentication. In International Symposium on Engineering Secure Software and Systems. Springer, 2016.10.1007\/978-3-319-30806-7_7","DOI":"10.1007\/978-3-319-30806-7_7"},{"key":"2022060209292548839_j_popets-2022-0056_ref_105","unstructured":"[105] Wayback Machine API. https:\/\/archive.org\/help\/wayback_api.php."},{"key":"2022060209292548839_j_popets-2022-0056_ref_106","unstructured":"[106] Wayback Machine. https:\/\/archive.org\/web\/."},{"key":"2022060209292548839_j_popets-2022-0056_ref_107","unstructured":"[107] Y. Weiss. High Resolution Time, Privacy and Security. https:\/\/www.w3.org\/TR\/hr-time-3\/#sec-privacy-security."},{"key":"2022060209292548839_j_popets-2022-0056_ref_108","unstructured":"[108] J. Wilander. Full Third-Party Cookie Blocking and More. https:\/\/webkit.org\/blog\/10218\/full-third-party-cookie-blocking-and-more\/."},{"key":"2022060209292548839_j_popets-2022-0056_ref_109","unstructured":"[109] J. Wilander. Full third-party cookie blocking and more. https:\/\/webkit.org\/blog\/10218\/full-third-party-cookie-blocking-and-more, 2020."},{"key":"2022060209292548839_j_popets-2022-0056_ref_110","unstructured":"[110] M. Wood. Today\u2019s Firefox Blocks Third-Party Tracking Cookies and Cryptomining by Default. https:\/\/blog.mozilla.org\/blog\/2019\/09\/03\/todays-firefox-blocks-third-party-tracking-cookies-and-cryptomining-by-default\/, 2019."},{"key":"2022060209292548839_j_popets-2022-0056_ref_111","unstructured":"[111] S. Wu, S. Li, Y. Cao, and N. Wang. Rendered private: Making GLSL execution uniform to prevent WebGL-based browser fingerprinting. In Proceedings of the 28th USENIX Security Symposium (USENIX Security), 2019."},{"key":"2022060209292548839_j_popets-2022-0056_ref_112","doi-asserted-by":"crossref","unstructured":"[112] Z. Yu, S. Macbeth, K. Modi, and J. M. Pujol. Tracking the Trackers. In World Wide Web (WWW) Conference, 2016.10.1145\/2872427.2883028","DOI":"10.1145\/2872427.2883028"}],"container-title":["Proceedings on Privacy Enhancing Technologies"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.sciendo.com\/pdf\/10.2478\/popets-2022-0056","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,7,20]],"date-time":"2022-07-20T16:32:08Z","timestamp":1658334728000},"score":1,"resource":{"primary":{"URL":"https:\/\/petsymposium.org\/popets\/2022\/popets-2022-0056.php"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,3,3]]},"references-count":112,"journal-issue":{"issue":"2","published-online":{"date-parts":[[2022,3,3]]},"published-print":{"date-parts":[[2022,4,1]]}},"alternative-id":["10.2478\/popets-2022-0056"],"URL":"https:\/\/doi.org\/10.2478\/popets-2022-0056","relation":{},"ISSN":["2299-0984"],"issn-type":[{"value":"2299-0984","type":"electronic"}],"subject":[],"published":{"date-parts":[[2022,3,3]]}}}