Browser Fingerprinting
Steven A. Bruner (4151593)
American Military University
ISSC630
1 May 2022
 
 
 
 
 
 
 
The hacking process is said to have started in the year 2013, November, this is when these attackers were able to first breach the OPM networks. This group or an attacker, was basically referred to as XI. This name was used by the data breach report of the congressional OPM. Though the XI were not capable of accessing any personnel data at that time, they were able to exfiltrate manuals as well as IT system architecture information. In actual life, the fingerprints of an individual are unique to only you. When it comes to the online world, it becomes the browser configurations that might end up pointing to a person. Though most of individuals tend to utilize similar browsers, their hardware or software configurations tend to be quite different in that they are in a position to act effectively as the IDs of the users.
The browser fingerprinting enables an individual to acquire the granular information regarding every single parameter of the said configuration. For example, it might make it possible to learn the type of default language that has been set for the browser by the user, get to identify the installed fonts among others. Like the human fingerprint, the browser of an individual is known for having a set of traits that are unique and once that might be traced back to the user as well as anything that they get end up doing on the internet. Whenever a person ends up browsing via the internet, most of the web portals get to capture some amount of the said information, like the size of the screen, the type of the browser to provide an appropriate experience (Durey, et.al, 2021, July).
Additionally, browser fingerprinting might as well be utilized for identification in addition to tracking. Websites can record all sorts of data regarding an individual through use of their fingerprint, then have it connected to other fingerprints that are same with an aim of getting a picture that is precise of the user’s browsing behavior as well as their websites activities.
The main objective of using the fingerprinting browser is to acquire the most information in relation to their identity and personality, getting to know a person’s website visitor depending on their own browser configuration. This becomes quite of great use in case it is put within the context of cybersecurity in addition to prevention of fraud, whereby, specific parameters might be immediately pointing to configurations that are suspicious. For example, the fingerprinting browser might be able to detect when the users depend on spoofing or emulators. Tool, who is supposed to advance one’s suspicions regarding their intentions on the users website.
Since the said fingerprints are quite unique, they as well operate as the user IDs. This permits the advertisers as well as the marketers to monitor the users all over the web in addition to delivering the targeted content depending on the outline activities of a person. It is also of extreme importance to understand that the browser fingerprinting happens to be a practice that is contentious, which is the reason as to why different several privacy advocacies groups have ended up developing anti-fingerprinting as well as anti-tracking tools plus techniques. The actual swirls in addition to lines configuration, known for making up an individual’s fingerprints are perceived to be unique to a person. In a similar way, a user’s browsers fingerprinting can be defined as a set of information that is gathered from a person’s laptop or a phone every time it is utilized, enabling the advertisers to automatically link back to the user (Pugliese, et.al, 2020).
The Fingerprinting browser is perceived to be a term that is umbrella definition for means if identifying a particular browser through querying. The JavaScript CSS as well as APIs features are practicing the same all-over different domains within making use of cookies. For example, being able to understand the version of the operating system that is in use, might result into zero-day attacks or lead to know. This is achievable through regular utilization of the User Agent queries. There are several organizations that are proprietary fonts such as Google Sans. When the proprietary font gets installed on the system of a user, it becomes an effective bet that the user works for the said organization or the fact that they had the font pirated. This is capable of being tested maybe in CSS or the JS.
The browser fingerprinting happens to be a permissionless as well as a stateless technique used in generating an identifier on their own server side in addition to using an available, strong to utilize the available storage on the side of the client plus have it stored. As a result of all these, it is very possible to utilize these browser fingerprinting in ensuring that the hackers and any attackers are traced.
The most popular method that the websites use in obtaining a user’s data is through use of cookies. Cookies are small text files packets that are stored by a computer, which tends to comprise of a particular data that might offer the websites data to enhance the experience of the users. The websites are known for remembering in addition to tracking the personal computers as well as devices through having the cookies loaded onto the computer of a person. Each time a person gets to visit any website, the browser automatically downloads cookies. When the same website is visited once again, the browser ends up assessing the data packets in addition to providing the user with an experience that is personally customized (Iqbal, et.al, 2021, May).
The am I unique website is a comprehensive list that is made up of 19 points of data. The attributes that are most significant constitutes of; enabled cookies, the platform that is currently in use, the kind of the browser in addition to its version as well as the computer that is in use by the user, in addition to if the tracking of cookies of the computer have been blocked.
References
Durey, A., Laperdrix, P., Rudametkin, W., & Rouvoy, R. (2021, July). FP-Redemption: Studying browser fingerprinting adoption for the sake of web security. In International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment (pp. 237-257). Springer, Cham. https://link.springer.com/chapter/10.1007/978-3-030-80825-9_12
Iqbal, U., Englehardt, S., & Shafiq, Z. (2021, May). Fingerprinting the fingerprinters: Learning to detect browser fingerprinting behaviors. In 2021 IEEE Symposium on Security and Privacy (SP) (pp. 1143-1161). IEEE.  https://ieeexplore.ieee.org/abstract/document/9519502/
Pugliese, G., Riess, C., Gassmann, F., & Benenson, Z. (2020). Long-Term Observation on Browser Fingerprinting: Users’ Trackability and Perspective. Proc. Priv. Enhancing Technol., 2020(2), 558-577. https://sciendo.com/downloadpdf/journals/popets/2020/2/article-p558.pdf