KU-Leuven researchers have found that 145 of the Internet's top 10,000 websites track users without their knowledge or consent. The sites use hidden scripts to extract a device fingerprint from users' browsers.
The researchers identified 16 new providers of device fingerprinting, only one of which had been identified in earlier research. However, device fingerprinting can be used for various security-related tasks, including fraud detection, protection against account hijacking, and anti-bot and anti-scraping services. In addition, the technology is being employed for analytics and marketing purposes through fingerprinting scripts concealed in advertising banners and Web widgets.
The researchers' FPDetective tool can detect fingerprinting websites by crawling and analyzing sites for suspicious scripts. The researchers will present their findings at the 20th ACM Conference on Computer and Communications Security this November in Berlin.
From KU Leuven
View Full Article
Abstracts Copyright © 2013 Information Inc., Bethesda, Maryland, USA
No entries found