Network Protocols and Algorithms

Traces related to our identity are left every day while we browse the Internet. Being the user’s information a very valued asset for most of the companies, user activities on Internet are permanently monitored, and the information obtained from this process is used by big advertising companies. Accurate user profiles are built based on web searches, tags, tweets and even clicks issued by users. Collecting and processing this huge amount of personal data represents a serious risk for the user’s privacy but most of people are not aware of such risk.

We describe in this paper a way to measure the effectiveness of a query obfuscation method. Since privacy level of user profiles is only estimated theoretically in some previous work, we firstly create a privacy risk measuring tool in a Firefox add-on which we named PrivMeter. Besides warning the user about his privacy levels, this tool is especially useful to evaluate the obfuscation mechanism offered by another very well-known add-on called TrackMeNot. We find that, for identification attacks, TrackMeNot importantly improved the user’s privacy. However, against more sophisticated attacks, such as classification attacks, the obfuscation mechanism was not successful enough.