Full Program »
On the Robustness of Mobile Device Fingerprinting
Presentation 1.2MB |
A unique identifier is created based on characteristic attributes of the client device and then used for deployment of personalized advertisements or similar use cases.
While fingerprinting performs well for highly customized devices (especially desktop computers), these methods often lack in precision for highly standardized devices like mobile phones.
In this paper, we show that widely used techniques do not perform well for mobile devices yet, but that it is possible to build a fingerprinting system for precise recognition and identification.
We evaluate our proposed system in an online study and verify its robustness against misclassification.
Fingerprinting of web clients is often seen as an offence to web users' privacy as it usually takes place without the users' knowledge, awareness, and consent. Thus, we also analyze whether it is possible to outrun fingerprinting of mobile devices. We investigate different scenarios how users are able to circumvent a fingerprinting system and evade our newly created methods.
Author(s):
Thomas Hupperich
Horst Görtz Institute for IT-Security, Ruhr-University Bochum
Germany
Davide Maiorca
Department of Electrical and Electronic Engineering, University of Cagliari
Italy
Marc Kührer
Horst Görtz Institute for IT-Security, Ruhr-University Bochum
Germany
Giorgio Giacinto
Department of Electrical and Electronic Engineering, University of Cagliari
Italy
Thorsten Holz
Horst Görtz Institute for IT-Security, Ruhr-University Bochum
Germany