XRay: Enhancing the Web's Transparency with Differential Correlation

Mathias Lecuyer 1 Guillaume Ducoffe 2 Francis Lan 1 Andrei Papancea 1 Theofilos Petsios 1 Riley Spahn 1 Augustin Chaintreau 1 Roxana Geambasu 1
2 COATI - Combinatorics, Optimization and Algorithms for Telecommunications
CRISAM - Inria Sophia Antipolis - Méditerranée , Laboratoire I3S - COMRED - COMmunications, Réseaux, systèmes Embarqués et Distribués
Abstract : Today's Web services - such as Google, Amazon, and Facebook - leverage user data for varied purposes, including personalizing recommendations, targeting advertisements, and adjusting prices. At present, users have little insight into how their data is being used. Hence, they cannot make informed choices about the services they choose. To increase transparency, we developed XRay, the first fine-grained, robust, and scalable personal data tracking system for the Web. XRay predicts which data in an arbitrary Web account (such as emails, searches, or viewed products) is being used to target which outputs (such as ads, recommended products, or prices). XRay's core functions are service agnostic and easy to instantiate for new services, and they can track data within and across services. To make predictions independent of the audited service, XRay relies on the following insight: by comparing outputs from different accounts with similar, but not identical, subsets of data, one can pinpoint targeting through correlation. We show both theoretically, and through experiments on Gmail, Amazon, and YouTube, that XRay achieves high precision and recall by correlating data from a surprisingly small number of extra accounts.
Document type :
Conference papers
Complete list of metadatas

Cited literature [40 references]  Display  Hide  Download

https://hal.archives-ouvertes.fr/hal-01100757
Contributor : Guillaume Ducoffe <>
Submitted on : Friday, January 9, 2015 - 4:49:02 PM
Last modification on : Thursday, February 7, 2019 - 4:00:07 PM
Long-term archiving on: Friday, September 11, 2015 - 12:55:38 AM

File

1407.2323v2.pdf
Files produced by the author(s)

Identifiers

  • HAL Id : hal-01100757, version 1
  • ARXIV : 1407.2323

Collections

Citation

Mathias Lecuyer, Guillaume Ducoffe, Francis Lan, Andrei Papancea, Theofilos Petsios, et al.. XRay: Enhancing the Web's Transparency with Differential Correlation. USENIX Security Symposium, Aug 2014, San Diego, United States. ⟨hal-01100757⟩

Share

Metrics

Record views

461

Files downloads

358