Header Enrichment or ISP Enrichment: Emerging Privacy Threats in Mobile Networks
Title | Header Enrichment or ISP Enrichment: Emerging Privacy Threats in Mobile Networks |
Publication Type | Conference Paper |
Year of Publication | 2015 |
Authors | Vallina-Rodriguez, N., Sundaresan S., Kreibich C., & Paxson V. |
Other Numbers | 3773 |
Abstract | HTTP header enrichment allows mobile operators to annotate HTTP connections via the use of a wide range of request headers. Operators employ proxies to introduce suchheaders for operational purposes, andas recently widelypublicizedalso to assist advertising programs in identifying the subscriber responsible for the originating traffic,with significant consequences for the users privacy. In thispaper, we use data collected by the Netalyzr network troubleshooting service over 16 months to identify and characterize HTTP header enrichment in modern mobile networks.We present a timeline of HTTP header usage for 299 mobileservice providers from 112 countries, observing three maincategories: (1) unique user and device identifiers (e.g., IMEIand IMSI), (2) headers related to advertising programs, and(3) headers associated with network operations. |
Acknowledgment | This work was partially supported by funding provided to ICSI through National Science Foundation grants CNS : 1213157 (User-Centric Network Measurement); CNS : 1237265 ("Beyond Technical Security: Developing an Empirical Basis for Socio-Economic Perspectives"); and CNS : 1111672 ("Measuring and Modeling the Dynamics of IPv4 Address Exhaustion"). Additional funding was provided by the DHS Directorate of Science and Technology under grant N66001-12-C-0128. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the authors or originators and do not necessarily reflect the views of the National Science Foundation or the DHS. |
URL | https://www.icsi.berkeley.edu/pubs/networking/headerenrichment15.pdf |
Bibliographic Notes | Proceedings of the ACM SIGCOMM Workshop on Hot Topics in Middleboxes and Network Function Virtualization (HotMiddlebox 2015), London |
Abbreviated Authors | N. Vallina-Rodriguez, S. Sundaresan, C. Kreibich, and V. Paxson |
ICSI Research Group | Networking and Security |
ICSI Publication Type | Article in conference proceedings |