TY - GEN
T1 - DNS Cache-Based User Tracking
AU - Klein, Amit
AU - Pinkas, Benny
N1 - Publisher Copyright: © NDSS 2019.All rights reserved.
PY - 2019
Y1 - 2019
N2 - We describe a novel user tracking technique that is based on assigning statistically unique DNS records per user. This new tracking technique is unique in being able to distinguish between machines that have identical hardware and software, and track users even if they use “privacy mode” browsing, or use multiple browsers (on the same machine). The technique overcomes issues related to the caching of DNS answers in resolvers, and utilizes per-device caching of DNS answers at the client. We experimentally demonstrate that it covers the technologies used by a very large fraction of Internet users (in terms of browsers, operating systems, and DNS resolution platforms). Our technique can track users for up to a day (typically), and therefore works best when combined with other, narrower yet longer-lived techniques such as regular cookies - we briefly explain how to combine such techniques. We suggest mitigations to this tracking technique but note that it is not easily mitigated. There are possible workarounds, yet these are not without setup overhead, performance overhead or convenience overhead. A complete mitigation requires software modifications in both browsers and resolver software.
AB - We describe a novel user tracking technique that is based on assigning statistically unique DNS records per user. This new tracking technique is unique in being able to distinguish between machines that have identical hardware and software, and track users even if they use “privacy mode” browsing, or use multiple browsers (on the same machine). The technique overcomes issues related to the caching of DNS answers in resolvers, and utilizes per-device caching of DNS answers at the client. We experimentally demonstrate that it covers the technologies used by a very large fraction of Internet users (in terms of browsers, operating systems, and DNS resolution platforms). Our technique can track users for up to a day (typically), and therefore works best when combined with other, narrower yet longer-lived techniques such as regular cookies - we briefly explain how to combine such techniques. We suggest mitigations to this tracking technique but note that it is not easily mitigated. There are possible workarounds, yet these are not without setup overhead, performance overhead or convenience overhead. A complete mitigation requires software modifications in both browsers and resolver software.
UR - http://www.scopus.com/inward/record.url?scp=85112344381&partnerID=8YFLogxK
U2 - 10.14722/ndss.2019.23186
DO - 10.14722/ndss.2019.23186
M3 - منشور من مؤتمر
T3 - 26th Annual Network and Distributed System Security Symposium, NDSS 2019
BT - 26th Annual Network and Distributed System Security Symposium, NDSS 2019
PB - The Internet Society
T2 - 26th Annual Network and Distributed System Security Symposium, NDSS 2019
Y2 - 24 February 2019 through 27 February 2019
ER -