adF: A Novel System for Measuring Web Fingerprinting through Ads

This paper introduces adF, a novel system for analyzing the vulnerability of different devices, Operating Systems (OSes), and browsers to web fingerprinting. adF performs its measurements from code inserted in ads. We have used our system in several ad campaigns that delivered 5.40 million ad impressions. The collected data allow us to assess the vulnerability of current desktop and mobile devices to web fingerprinting. Based on our results, we estimate that 66% of desktop devices and 40% of mobile devices can be uniquely fingerprinted with our web fingerprinting system. However, the resilience to web fingerprinting varies significantly across browsers and device types, with Chrome on desktops being the most vulnerable configuration. To counter web fingerprinting, we propose ShieldF, a simple solution which blocks the reporting by browsers of those attributes that we found in the analysis of our dataset that present the most significant discrimination power. Our experiments reveal that ShieldF outperforms all anti-fingerprinting solutions proposed by major browsers (Chrome, Safari and Firefox) offering an increase in the resilience offered to web fingerprinting up to 62% for some device configurations. ShieldF is available as an add-on for any chromium-based browser. Moreover, it is readily adoptable by browser and mobile app developers. Its widespread use would lead to a significant improvement in the protection offered by browsers and mobile apps to web fingerprinting.