Felipe Saint-Jean
Dan Boneh
ABSTRACT
Web search is currently a source of growing concern about personal privacy. It is an essential and central part of most users' activity online and therefore one through which a significant amount of personal information may be revealed.To help users protect their privacy, we have designed and implemented Private WebSearch (PWS), a usable client-side tool that minimizes the information that users reveal to a search engine. Our tool protects users against attacks that involve active components and timing information, to which more general Web-browsing privacy tools (including the combination of FoxTor and Privoxy) are vulnerable. PWS is a Firefox plugin that functions as an HTTP proxy and as a client for the Tor anonymity network. It configures Firefox so that search queries executed from the PWS search box are routed through the HTTP proxy and Tor client, filtering potentially sensitive or identifying components of the request and response.
- Shuchi Chawla, Cynthia Dwork, Frank McSherry, Adam Smith, and Hoeteck Wee. Toward privacy in public databases. In Proceedings of the 2nd Theory of Cryptography Conference, pages 363¿-385, February 2005. Google Scholar
Digital Library
- Benny Chor, Oded Goldreich, Eyal Kushilevitz, and Madhu Sudan. Private information retrieval. In Proceedings of the 36th IEEE Symposium on Foundations of Computer Science, pages 41¿-50, October 1995. Google ScholarDigital Library
- Roger Dingledine, Nick Mathewson, and Paul Syverson. Tor: The second-generation onion router. In Proceedings of the 13th USENIX Security Symposium, August 2004. http://tor.eff.org/tor-design.pdf. Google ScholarDigital Library
- Eff. http://www.eff.org/Privacy/AOL/.Google Scholar
- Alexandre Evfimievski, Johannes Gehrke, and Ramakrishnan Srikant. Limiting privacy breaches in privacy preserving data mining. In Proceedings of the 22nd ACM Symposium on Principles of Database Systems, pages 211-¿222, June 2003. Google ScholarDigital Library
- Edward Felten and Michael Schneider. Timing attacks on web privacy. In Proceedings of the 7th ACM Conference on Computer and Communications Security, pages 25¿-32, November 2000. Google ScholarDigital Library
- Foxtor. http://cups.cs.cmu.edu/foxtor/.Google Scholar
- William Gasarch. A survey on private information retrieval, 2004.Google Scholar
- Google. http://www.google.com/.Google Scholar
- Collin Jackson, Andrew Bortz, Dan Boneh, and John C. Mitchell. Protecting browser state from web privacy attacks. In Proceedings of the 15th International Conference on the World Wide Web, pages 737¿-744, May 2006. Google ScholarDigital Library
- Jap. http://anon.inf.tu-dresden.de/index_en.html.Google Scholar
- Eyal Kushilevitz and Rafail Ostrovsky. Replication is NOT needed: SINGLE database, computationally-private information retrieval. In Proceedings of the 38th IEEE Symposium on Foundations of Computer Science, pages 364-¿373, October 1997. Google ScholarDigital Library
- Ashwin Machanavajjhala, Johannes Gehrke, Daniel Kifer, and Muthuramakrishnan Venkitasubramaniam. l-diversity: Privacy beyond k-anonymity. In Proceedings of the 22nd IEEE International Conference on Data Engineering, page 24, April 2006. Google ScholarDigital Library
- p0f. http://lcamtuf.coredump.cx/p0f/README.Google Scholar
- Privoxy. http://www.privoxy.org.Google Scholar
- Vibhor Rastogi, Dan Suciu, and Sungho Hong. The boundary between privacy and utility in data anonymization, 2006. http://www.citebase.org/abstract?id=oai:arXiv.org:cs/0612103. Google ScholarDigital Library
- Michael G. Reed, Paul F. Syverson, and David M. Goldschlag. Anonymous connections and onion routing. IEEE Journal on Selected Areas in Communications, 16(4):482¿-494, May 1998. Google ScholarDigital Library
- P. Samarati and L. Sweeney. Protecting privacy when disclosing information: k-anonymity and its enforcement through generalization and suppression. Technical Report SRI-CSL-98-04, SRI Computer Science Laboratory, Palo Alto, CA, 1998.Google Scholar
- Simile. http://simile.mit.edu/java-firefox-extension/.Google Scholar
- Tor. http://tor.eff.org.Google Scholar
- Torbutton. http://freehaven.net/~squires/torbutton/.Google Scholar
- Trackmenot. http://mrl.nyu.edu/~dhowe/TrackMeNot/.Google Scholar
- V. S. Verykios, E. Bertino, I. N. Fovino, L. P. Provenza, Y. Saygin, and Y. Theodoridis. State-of-the-art in privacy preserving data mining. ACM SIGMOD Record, 3(1):50¿-57, March 2004. Google ScholarDigital Library
Index Terms
- Private web search
Recommendations
Usability of anonymous web browsing: an examination of Tor interfaces and deployability
SOUPS '07: Proceedings of the 3rd symposium on Usable privacy and securityTor is a popular privacy tool designed to help achieve online anonymity by anonymising web traffic. Employing cognitive walkthrough as the primary method, this paper evaluates four competing methods of deploying Tor clients, and a number of software ...
Towards efficient and accurate privacy preserving web search
MW4NG '14: Proceedings of the 9th Workshop on Middleware for Next Generation Internet ComputingQuerying Web search engines is by far the most frequent activity performed by online users and consequently the one in which they are likely to reveal a significant amount of personal information. Protecting the privacy of Web requesters is thus ...
LASTor: a low-latency AS-aware tor client
Though the widely used Tor anonymity network is designed to enable low-latency anonymous communication, interactive communications on Tor incur latencies over 5 greater than on the direct Internet path, and in many cases, autonomous systems (ASs) can ...
Comments