TY - GEN
T1 - ISP-enabled behavioral ad targeting without deep packet inspection
AU - Macía-Fernández, Gabriel
AU - Wang, Yong
AU - Rodríguez-Gómez, Rafael
AU - Kuzmanovic, Aleksandar
PY - 2010
Y1 - 2010
N2 - Online advertising is a rapidly growing industry currently dominated by the search engine 'giant' Google. In an attempt to tap into this huge market, Internet Service Providers (ISPs) started deploying deep packet inspection techniques to track and collect user browsing behavior. However, such techniques violate wiretap laws that explicitly prevent intercepting the contents of communication without gaining consent from consumers. In this paper, we show that it is possible for ISPs to extract user browsing patterns without inspecting contents of communication. Our contributions are threefold. First, we develop a methodology and implement a system that is capable of extracting web browsing features from stored non-content based records of online communication, which could be legally shared. When such browsing features are correlated with information collected by independently crawling the Web, it becomes possible to recover the actual web pages accessed by clients. Second, we systematically evaluate our system on the Internet and demonstrate that it can successfully recover user browsing patterns with high accuracy. Finally, our findings call for a comprehensive legislative reform that would not only enable fair competition in the online advertising business, but more importantly, protect the consumer rights in a more effective way.
AB - Online advertising is a rapidly growing industry currently dominated by the search engine 'giant' Google. In an attempt to tap into this huge market, Internet Service Providers (ISPs) started deploying deep packet inspection techniques to track and collect user browsing behavior. However, such techniques violate wiretap laws that explicitly prevent intercepting the contents of communication without gaining consent from consumers. In this paper, we show that it is possible for ISPs to extract user browsing patterns without inspecting contents of communication. Our contributions are threefold. First, we develop a methodology and implement a system that is capable of extracting web browsing features from stored non-content based records of online communication, which could be legally shared. When such browsing features are correlated with information collected by independently crawling the Web, it becomes possible to recover the actual web pages accessed by clients. Second, we systematically evaluate our system on the Internet and demonstrate that it can successfully recover user browsing patterns with high accuracy. Finally, our findings call for a comprehensive legislative reform that would not only enable fair competition in the online advertising business, but more importantly, protect the consumer rights in a more effective way.
UR - http://www.scopus.com/inward/record.url?scp=77953308042&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=77953308042&partnerID=8YFLogxK
U2 - 10.1109/INFCOM.2010.5461963
DO - 10.1109/INFCOM.2010.5461963
M3 - Conference contribution
AN - SCOPUS:77953308042
SN - 9781424458363
T3 - Proceedings - IEEE INFOCOM
BT - 2010 Proceedings IEEE INFOCOM
T2 - IEEE INFOCOM 2010
Y2 - 14 March 2010 through 19 March 2010
ER -