Introduction: One of the most common privacy vulnerabilities on the Internet is digital tracking that identifies users, which includes cookies and digital fingerprinting mechanisms. A comparative analysis of existing modern web tracking methods shows that approaches that rely on detecting and blocking web trackers are less effective than ones using value spoofing, since they do not provide passive fingerprinting methods protection, and are also easily detectable and, as a consequence, are susceptible to being used user identification. To eliminate these shortcomings, new, generally combined, methods should be developed. Purpose is to analyze the main mechanisms and varieties of digital tracking, describe the principles of their operation and develop an effective hybrid method to counteract the digital fingerprinting of the user's device. Results: It is shown that fingerprint tracking is extremely dangerous, as it cannot be effectively blocked by the browser. To solve the problem, a hybrid method of spoofing transmitted data, including both randomization and unification, is proposed. This method is chosen due to the fact that it provides protection against known digital fingerprinting methods. In addition, the method lacks the tracker detection stage, that provides instant protection. Characteristics with a wider range of possible values, that are also difficult to unify (Canvas, WebGL, Audio) are proposed to be replaced with the real ones with the addition of minor distortions. Attributes that must comply with the value adequacy property and changing of which may disrupt the website will be unified. Consequently, it is proposed to unify HTTP headers and global JavaScript browser parameters. The software implementation of the described algorithm is made in the JavaScript programming language in the ECMAScript 6 specification using the standard of the Web-Extensions API cross-browser add-on development system.
Read full abstract