KIT | KIT-Bibliothek | Impressum | Datenschutz

Towards Understanding First-Party Cookie Tracking in the Field

Demir, Nurullah ORCID iD icon 1; Theis, Daniel; Urban, Tobias; Pohlmann, N.; Pohlmann, Norbert
1 Institut für Informationssicherheit und Verlässlichkeit (KASTEL), Karlsruher Institut für Technologie (KIT)

Abstract:

Third-party tracking is a common and broadly used technique on the Web. Different defense mechanisms have emerged to counter these practices (e. g. browser vendors that ban all third-party cookies). However, these countermeasures only target third-party trackers and ignore the first party because the narrative is that such monitoring is mostly used to improve the utilized service (e.g. analytical services). In this paper, we present a large-scale measurement study that analyzes tracking performed by the first party but utilized by a third party to circumvent standard tracking preventing techniques. We visit the top 15,000 websites to analyze first-party cookies used to track users and a technique called “DNS CNAME cloaking”, which can be used by a third party to place first-party cookies. Using this data, we show that 76% of sites effectively utilize such tracking techniques. In a long-running analysis, we show that the usage of such cookies increased by more than 50% over 2021.


Verlagsausgabe §
DOI: 10.5445/IR/1000157951
Veröffentlicht am 20.04.2023
Originalveröffentlichung
DOI: 10.18420/sicherheit2022_01
Scopus
Zitationen: 3
Cover der Publikation
Zugehörige Institution(en) am KIT Institut für Informationssicherheit und Verlässlichkeit (KASTEL)
Publikationstyp Proceedingsbeitrag
Publikationsjahr 2022
Sprache Englisch
Identifikator ISBN: 978-3-88579-717-3
ISSN: 1617-5468
KITopen-ID: 1000157951
Erschienen in GI SICHERHEIT 2022, Ed.: C. Wressnegger
Veranstaltung 11th Sicherheit (2022), Karlsruhe, Deutschland, 05.04.2022 – 08.04.2022
Verlag Gesellschaft für Informatik (GI)
Seiten 19-34
Serie Lecture Notes in Informatics (LNI), Proceedings - Series of the Gesellschaft fur Informatik (GI) ; P-323
Schlagwörter first-party tracking, cookies, privacy, CNAME cloaking, tracking method
Nachgewiesen in Scopus
Relationen in KITopen
KIT – Die Forschungsuniversität in der Helmholtz-Gemeinschaft
KITopen Landing Page