When: Nov 15, 2022 01:45 PM Indiana (East)

Abstract
More and more users are finding out about browser fingerprinting and how trackers can use it to supplement or altogether replace cookie-based tracking. In this talk, we will explore the landscape of a specific kind of browser fingerprinting, namely browser-extension fingerprinting. Since users explicitly choose which extensions to install, the discovery of a user’s extensions can reveal sensitive socioeconomic properties about that user, such as, their level of income, their political leanings, their technical expertise, and even their religion. Moreover, since different users install different sets of browser extensions, the set of extension of a given user can be straightforwardly turned into that user’s fingerprint. We will go over the different techniques that are available for fingerprinting browser extensions (including web-accessible resources, DOM modifications, stylesheet hijacking) and what modern browsers are doing in order to protect their users against fingerprinting.

Bio
Dr. Nick Nikiforakis (PhD’13) is an Associate Professor in the Department of Computer Science at Stony Brook University. He leads the PragSec Lab, where his students conduct research in cyber security, with a focus on web security, web privacy, DNS security, attack-surface reduction, and deception-based security. He is the author of more than 70 peer-reviewed academic publications and his work is cited over 4,700 times. He is the recipient of the National Science Foundation CAREER award (2020), the Office of Naval Research Young Investigator Award (2020), as well as a range of other security-related and privacy-related awards by federal funding agencies.