<html><head><style type='text/css'>p { margin: 0; }</style></head><body><div style='font-family: arial,helvetica,sans-serif; font-size: 12pt; color: #000000'><div style="color:#000;font-weight:normal;font-style:normal;text-decoration:none;font-family:Helvetica,Arial,sans-serif;font-size:12pt;"><div class="gmail_extra"><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Steven Englehardt will present his Generals on May 11, 2015 at 2pm in CS 301.<br>
<br>
Committee Members: Arvind Narayanan (adviser), Edward Felten, and Nick Feamster<br>
<br>
Everyone is invited to attend his talk, and those faculty wishing to remain for the oral exam following are welcome to do so. His abstract and reading list follow below.<br><br>
Abstract:<br>
Web tracking has been a longstanding issue undermining consumer privacy. The proliferation of a mixed-origin websites, where nearly every site includes third-party content from a relatively small set of providers has given these providers the ability to observe and track a large percentage of a user’s web history. Web measurement has been highly influential in online privacy debates and provided transparency into the tracking ecosystem.<br>
<br>
In this work, we briefly present the design of a platform for web measurement studies and explore a measurement of surveillance completed using the platform. We highlight the ability of a passive eavesdropper to leverage third-party cookies for mass surveillance, showing how such an adversary can reconstruct nearly 75% of a user’s browsing history in the absence of persistent network identifiers. Finally, we examine the effectiveness of browser-based privacy tools at mitigating the attack.<br>
<br>
Books:<br>
<br>
The Tangled Web: A Guide to Securing Modern Web Applications, Michal Zalewski<br>
Security Engineering, Ross Andersen: Ch. 1 - 7<br>
<br>
Papers:<br>
<br>
> Third-party web tracking: Policy and technology Jonathan Mayer, John C. Mitchell<br>
><br>
> Privacy diffusion on the web: a longitudinal perspective Balachander Krishnamurthy, Craig E. Wills<br>
><br>
> Privacy leakage vs. protection measures: the growing disconnect Balachander Krishnamurthy, Konstantin Naryshkin, Craig E. Wills<br>
><br>
> Detecting and defending against third-party tracking on the web Franziska Roesner, Tadayoshi Kohno, and David Wetherall<br>
><br>
> FPDetective: dusting the web for fingerprinters Gunes Acar, <a href="http://et.al" target="_blank">et.al</a> .<br>
><br>
> Tracking the trackers: Fast and scalable dynamic analysis of web content for privacy violations Minh Tran, et. al.<br>
><br>
> Automated Experiments on Ad Privacy Settings: A Tale of Opacity, Choice, and Discrimination Amit Datta, Michael Carl Tschantz, Anupam Datta<br>
><br>
> XRay: Enhancing the Web’s Transparency with Differential Correlation Mathias Lecuyer, et. al.<br>
><br>
> Why Johnny Can’t Browse in Peace: On the Uniqueness of Web Browsing History Patterns Lukasz Olejnik<br>
><br>
> A Contextual Approach to Privacy Online Helen Nissenbaum<br>
><br>
> What Can Behavioral Economics Teach Us About Privacy? Alessandro Acquisti, Jens Grossklags<br>
><br>
> Privacy, Economics, and Price Discrimination on the Internet Andrew Odlyzko<br>
><br>
> Protecting Consumer Privacy in an Era of Rapid Change FTC (executive summary / recommendations)<br>
</blockquote></div><br></div>
</div><br></div></body></html>