RePriv: Re-Envisioning In-Browser Privacy

In this paper, we present REPRIV, a system for managing and controlling the release of private information from the browser. We demonstrate how always-on user interest mining can effectively infer user interests in a real browser. We go on to discuss an extension framework that allows third-party code to extract and disseminate more detailed information, as well as language-based techniques for verifying the absence of privacy leaks in this untrusted code. To demonstrate the effectiveness of our model, we present REPRIV extensions that perform personalization for Netflix, Twitter, Bing, and GetGlue. We evaluated several aspects of REPRIV in realistic scenarios. We show that REPRIV’s default in-browser mining can be done with no noticeable overhead to normal browsing, and that the results it produces converge quickly. We then go on to show similar results for each of our case studies: that REPRIV enables high-quality personalization, as shown by case studies in news and search result personalization we evaluated on thousands of instances, and that the performance impact each case has on the browser is minimal. We conclude that personalized content and individual privacy on the web are not mutually
