While advertising has become commonplace in today's online interactions, there is a notable dearth of research investigating the extent to which browser fingerprinting is harnessed for user tracking and targeted advertising. Prior studies only measured whether fingerprinting-related scripts are being run on the websites but that in itself does not necessarily mean that fingerprinting is being used for the privacy-invasive purpose of online tracking because fingerprinting might be deployed for the defensive purposes of bot/fraud detection and user authentication. It is imperative to address the mounting concerns regarding the utilization of browser fingerprinting in the realm of online advertising. To understand the privacy-invasive use of fingerprinting for user tracking, this paper introduces a new framework ``FPTrace'' (fingerprinting-based tracking assessment and comprehensive evaluation framework) designed to identify alterations in advertisements resulting from adjustments in browser fingerprinting settings. Our approach involves emulating genuine user interactions, capturing advertiser bid data, and closely monitoring HTTP information. Using FPTrace we conduct a large-scale measurement study to identify whether browser fingerprinting is being used for the purpose of user tracking and ad targeting. The results we have obtained provide robust evidence supporting the utilization of browser fingerprinting for the purposes of advertisement tracking and targeting. This is substantiated by significant disparities in bid values and a reduction in HTTP records subsequent to changes in fingerprinting. In conclusion, our research unveils the widespread employment of browser fingerprinting in online advertising, prompting critical considerations regarding user privacy and data security within the digital advertising landscape.
翻译:尽管广告已成为当今在线互动中的普遍现象,但关于浏览器指纹被用于用户追踪和定向广告的程度,目前仍缺乏显著的研究。先前的研究仅测量了网站上是否运行与指纹相关的脚本,但这本身并不一定意味着指纹技术被用于在线追踪这一侵犯隐私的目的,因为指纹技术可能被部署用于机器人/欺诈检测和用户认证等防御性目的。解决关于浏览器指纹在在线广告领域使用的日益增长的担忧势在必行。为了理解指纹技术用于用户追踪的隐私侵犯性使用,本文引入了一个新框架“FPTrace”(基于指纹的追踪评估与综合评估框架),旨在识别因浏览器指纹设置调整而导致的广告变化。我们的方法包括模拟真实用户交互、捕获广告商竞价数据以及密切监控HTTP信息。利用FPTrace,我们进行了一项大规模测量研究,以识别浏览器指纹是否被用于用户追踪和广告定向。我们获得的结果提供了强有力的证据,支持浏览器指纹被用于广告追踪和定向。这通过竞价值的显著差异以及指纹更改后HTTP记录的减少得到了证实。总之,我们的研究揭示了浏览器指纹在在线广告中的广泛使用,引发了关于数字广告领域中用户隐私和数据安全的关键考量。