Extracting user web browsing patterns from non-content network traces: The online advertising case study


Online advertising is a rapidly growing industry currently dominated by the search engine ’giant’ Google. In an attempt to tap into this huge market, Internet Service Providers (ISPs) started deploying deep packet inspection techniques to track and collect user browsing behavior. However, these providers have the fear that such techniques violate wiretap laws that explicitly prevent intercepting the contents of communication without gaining consent from consumers. In this paper, we explore how it is possible for ISPs to extract user browsing patterns without inspecting contents of communication. Our contributions are threefold. First, we develop a methodology and implement a system that is capable of extracting web browsing features from stored non-content based network traces, which could be legally shared. When such browsing features are correlated with information collected by independently crawling the Web, it becomes possible to recover the actual web pages accessed by clients. Second, we evaluate our system on the Internet and check that it can successfully recover user browsing patterns with high accuracy.

Computer Networks
Rafael A. Rodríguez-Gómez
Rafael A. Rodríguez-Gómez
Associate Professor

My research interests include network security, the early detection of new threats and adversarial machine learning attacks-defense methods in the cybersecurity field.