G. Acar, C. Eubank, S. Englehardt, M. Juarez, A. Narayanan, and C. Diaz. The Web never forgets: Persistent tracking mechanisms in the wild. In Proceedings of the 21st ACM Conference on Computer and Communications Security (CCS), 2014.
 G. Acar, M. Juarez, N. Nikiforakis, C. Diaz, S. Gürses, F. Piessens, and B. Preneel. FPDetective: Dusting the Web for fingerprinters. In Proceedings of the ACM Conference on Computer and Communications Security (CCS), 2013.
 Alexa. Top 1 million websites. http://s3.amazonaws.com/alexa-static/top-1m.csv.zip.
 J. Angwin. Meet the Online Tracking Device That is Virtually Impossible to Block. http://www.propublica.org/article/meet-the-online-tracking-device-that-isvirtually-impossible-to-block, 2014.
 BrowserMob Proxy. http://bmp.lightbody.net/.
 A. Chaabane, Y. Ding, R. Dey, M. Ali Kaafar, and K. Ross. A Closer Look at Third-Party OSN Applications: Are They Leaking Your Personal Information? In Passive and Active Measurement conference (2014), Los Angeles, United States, Mar. 2014. Springer.
 P. Eckersley. How Unique Is Your Browser? In Proceedings of the Privacy Enhancing Technologies Symposium (PETS), pages 1-17, 2010.
 W. Enck, P. Gilbert, S. Han, V. Tendulkar, B.-G. Chun, L. P. Cox, J. Jung, P. McDaniel, and A. N. Sheth. Taintdroid: an information-flow tracking system for realtime privacy monitoring on smartphones. ACM Transactions on Computer Systems (TOCS), 32(2):5, 2014. [Web of Science]
 S. Englehardt, D. Reisman, C. Eubank, P. Zimmerman, J. Mayer, A. Narayanan, and E. W. Felten. Cookies that give you away: The surveillance implications of web tracking. In Proceedings of the 24th International Conference on World Wide Web (WWW), pages 289-299, 2014.
 FourthParty: Web Measurement Platform. http://www.fourthparty.info.
 Ghostery. https://www.ghostery.com.
 J. HOFFMAN-ANDREWS. Verizon Injecting Perma-Cookies to Track Mobile Customers, Bypassing Privacy Controls. https://www.eff.org/deeplinks/2014/11/verizon-x-uidh, 2014.
 P. Hornyack, S. Han, J. Jung, S. Schechter, and D. Wetherall. These aren’t the droids you’re looking for: retrofitting android to protect data from imperious applications. In Proceedings of the 18th ACM conference on Computer and communications security, pages 639-652. ACM, 2011.
 F. Jacobs. How Reuters got compromised by the Syrian Electronic Army. https://medium.com/@FredericJacobs/the-reuters-compromise-by-the-syrian-electronic-army-6bf570e1a85b, 2014.
 B. Krishnamurthy, K. Naryshkin, and C. E. Wills. Privacy leakage vs. protection measures: the growing disconnect. In Web 2.0 Security and Privacy Workshop, 2011.
 B. Krishnamurthy and C. Wills. Privacy diffusion on the web: A longitudinal perspective. In Proceedings of the 18th International Conference on World Wide Web, WWW ’09, pages 541-550, New York, NY, USA, 2009. ACM.
 B. Krishnamurthy and C. E. Wills. On the leakage of personally identifiable information via online social networks. In Proceedings of the 2nd ACM workshop on Online social networks, pages 7-12. ACM, 2009.
 Who are these tracking companies? Meet LeadLander. http://www.abine.com/blog/2012/leadlander/, 2012.
 LeadLander. Website Visitor Analytics. http://www.leadlander.com.
 I. D. Marino. Ghost Driver / PhantomJSDriver. https://github.com/detro/ghostdriver.
 M. Marlinspike. New Tricks for Defeating SSL in Practice. In Proceedings of BlackHat 2009, DC, 2009.
 J. Mayer. Tracking the trackers: Where everybody knows your username. http://cyberlaw.stanford.edu/node/6740, 2011.
 J. R. Mayer and J. C. Mitchell. Third-party web tracking: Policy and technology. In IEEE Symposium on Security and Privacy, pages 413-427. IEEE Computer Society, 2012.
 J. Mikians, L. Gyarmati, V. Erramilli, and N. Laoutaris. Crowd-assisted Search for Price Discrimination in ECommerce: First results. In Proceedings of the 9th International Conference on emerging Networking EXperiments and Technologies (CoNEXT), 2013.
 M. Motoyama, K. Levchenko, C. Kanich, D. McCoy, G. M. Voelker, and S. Savage. Re: Captchas-understanding captcha-solving services in an economic context. In USENIX Security Symposium, volume 10, page 3, 2010.
 K. Mowery and H. Shacham. Pixel perfect: Fingerprinting canvas in HTML5. In Proceedings of the Workshop on Web 2.0 Security and Privacy (W2SP). IEEE Computer Society, May 2012.
 Network Advertising Initiative. Understanding Online Advertising. https://www.networkadvertising.org/faq.
 N. Nikiforakis, A. Kapravelos, W. Joosen, C. Kruegel, F. Piessens, and G. Vigna. Cookieless monster: Exploring the ecosystem of web-based device fingerprinting. In Proceedings of the 2013 IEEE Symposium on Security and Privacy, SP ’13, pages 541-555, Washington, DC, USA, 2013. IEEE Computer Society.
 N. Nikiforakis, S. Van Acker, F. Piessens, and W. Joosen. Exploring the Ecosystem of Referrer-Anonymizing Services. In Proceedings of the 12th Privacy Enhancing Technology Symposium (PETS), pages 259-278, 2012.
 D. Nix. You’re not anonymous. I know your name, email, and company. https://web.archive.org/web/20140103065932/http://blog.42floors.com/youre-notanonymous-i-know-your-name-email-and-company/, 2012.
 PhantomJS. Headless WebKit. http://phantomjs.org.
 E. Picard. We Don’t Need No Stinkin’ Third-Party Cookies. http://adexchanger.com/data-driven-thinking/we-dontneed-no-stinkin-third-party-cookies/, 2013.
 F. Roesner, T. Kohno, and D. Wetherall. Detecting and defending against third-party tracking on the web. In Proceedings of the 9th USENIX Conference on Networked Systems Design and Implementation, NSDI’12, pages 12-12, Berkeley, CA, USA, 2012. USENIX Association.
 A. Soltani, S. Canty, Q. Mayo, L. Thomas, and C. J. Hoofnagle. Flash cookies and privacy. In AAAI Spring Symposium: Intelligent Information Privacy Management, 2010.
 E. Steel. A Web Pioneer Profiles Users by Name. http://www.wsj.com/articles/SB10001424052702304410504575560243259416072, 2010.
 S. Sunam. Google Plus post on December 8, 2012, (accessed February 23, 2015). https://plus.google.com/+SumitSuman01/posts/2jLJ5B4yPYF.
 The Wall Street Journal. What They Know. http://www.wsj.com/public/page/what-they-know-digital-privacy.html.
 Trend Micro Site Safety Center. http://global.sitesafety.trendmicro.com/.
 B. Ur, P. G. Leon, L. F. Cranor, R. Shay, and Y. Wang. Smart, useful, scary, creepy: Perceptions of online behavioral advertising. In Proceedings of the Eighth Symposium on Usable Privacy and Security, SOUPS ’12, pages 4:1-4:15, New York, NY, USA, 2012. ACM.
Published Online: 2015-09-08
Published in Print: 2016-01-01
Citation Information: Proceedings on Privacy Enhancing Technologies. Volume 2016, Issue 1, Pages 20–33, ISSN (Online) 2299-0984, DOI: https://doi.org/10.1515/popets-2015-0028, September 2015
© 2015. This work is licensed under the Creative Commons Attribution-NonCommercial-NoDerivatives 3.0 License. (CC BY-NC-ND 3.0)