Tracking and Tricking a Profiler - Measuring and Influencing Bluekai’s Interest Profiling

Martin Degeling, Jan Nierhoff

Workshop on Privacy in the Electronic Society (WPES 2018) in conjunction with CCS 2018


Abstract

In this paper we describe and evaluate a system to analyze online profiling as a black box by simulating web browsing sessions based on links listed on Alexa’s toplists and posted to Reddit. The study utilizes Oracle’s Bluekai Registry to gain insights into profiles created through online tracking. We report on the extent of Bluekai’s tracking network and taxonomy, analyze how profiles are shown to users, and observe how they develop in sessions of up to 3000 website visits. Our findings show that only a fraction of websites influence the interests assigned to a session’s profile, that the profiles themselves are very noisy, and that identical browsing behavior results in different profiles. We also evaluate two simple obfuscation schemes that effectively alter interest profiles by selectively adding 5% targeted obfuscation traffic.

[pdf (researchgate)]

Tags: online, profiling