论文信息 - RequestPolicy: Increasing Web Browsing Privacy through Control of Cross-Site Requests

RequestPolicy: Increasing Web Browsing Privacy through Control of Cross-Site Requests

Many requests that a Web browser makes are not made to the primary site a user is visiting. It is common for websites to instruct browsers to make additional requests to third-party sites for content, advertisements, as well as for purely user-tracking purposes. Current techniques for maintaining user privacy with respect to cross-site requests are limited and inadequate. We propose a client-side whitelist for controlling third-party website requests. We implement this as RequestPolicy, an extension for Mozilla browsers. We look at the usability of RequestPolicy as well its impact on the Web browsing experience. Our extension maintains a high level of usability while safeguarding user privacy against well-known threats in addition to new threats we draw attention to.

Justin Samuel | Beichuan Zhang

[1] Balachander Krishnamurthy,et al. Generating a privacy footprint on the internet , 2006, IMC '06.

[2] Edward W. Felten,et al. Timing attacks on Web privacy , 2000, CCS.

[3] Balachander Krishnamurthy,et al. WWW 2009 MADRID! Track: Security and Privacy / Session: Web Privacy Privacy Diffusion on the Web: A Longitudinal Perspective , 2022 .

[4] Dan Boneh,et al. Protecting browser state from web privacy attacks , 2006, WWW '06.

[5] Eric C. Price,et al. Browser-Based Attacks on Tor , 2007, Privacy Enhancing Technologies.

[6] Balachander Krishnamurthy,et al. Measuring privacy loss and the impact of privacy protection in web browsing , 2007, SOUPS '07.