Publication Details
Title: Header Enrichment or ISP Enrichment: Emerging Privacy Threats in Mobile Networks
Author: N. Vallina-Rodriguez, S. Sundaresan, C. Kreibich, and V. Paxson
Bibliographic Information: Proceedings of the ACM SIGCOMM Workshop on Hot Topics in Middleboxes and Network Function Virtualization (HotMiddlebox 2015), London
Date: August 2015
Research Area: Networking and Security
Type: Article in conference proceedings
PDF: https://www.icsi.berkeley.edu/pubs/networking/headerenrichment15.pdf
Overview:
HTTP header enrichment allows mobile operators to annotate HTTP connections via the use of a wide range of request headers. Operators employ proxies to introduce such headers for operational purposes, and—as recently widely publicized—also to assist advertising programs in identifying the subscriber responsible for the originating traffic, with significant consequences for the user’s privacy. In this paper, we use data collected by the Netalyzr network troubleshooting service over 16 months to identify and characterize HTTP header enrichment in modern mobile networks. We present a timeline of HTTP header usage for 299 mobile service providers from 112 countries, observing three main categories: (1) unique user and device identifiers (e.g., IMEI and IMSI), (2) headers related to advertising programs, and (3) headers associated with network operations.
Acknowledgements:
This work was partially supported by funding provided to ICSI through National Science Foundation grants CNS : 1213157 (“User-Centric Network Measurement”); CNS : 1237265 ("Beyond Technical Security: Developing an Empirical Basis for Socio-Economic Perspectives"); and CNS : 1111672 ("Measuring and Modeling the Dynamics of IPv4 Address Exhaustion"). Additional funding was provided by the DHS Directorate of Science and Technology under grant N66001-12-C-0128. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the authors or originators and do not necessarily reflect the views of the National Science Foundation or the DHS.
Bibliographic Reference:
N. Vallina-Rodriguez, S. Sundaresan, C. Kreibich, and V. Paxson. Header Enrichment or ISP Enrichment: Emerging Privacy Threats in Mobile Networks. Proceedings of the ACM SIGCOMM Workshop on Hot Topics in Middleboxes and Network Function Virtualization (HotMiddlebox 2015), London, August 2015
Author: N. Vallina-Rodriguez, S. Sundaresan, C. Kreibich, and V. Paxson
Bibliographic Information: Proceedings of the ACM SIGCOMM Workshop on Hot Topics in Middleboxes and Network Function Virtualization (HotMiddlebox 2015), London
Date: August 2015
Research Area: Networking and Security
Type: Article in conference proceedings
PDF: https://www.icsi.berkeley.edu/pubs/networking/headerenrichment15.pdf
Overview:
HTTP header enrichment allows mobile operators to annotate HTTP connections via the use of a wide range of request headers. Operators employ proxies to introduce such headers for operational purposes, and—as recently widely publicized—also to assist advertising programs in identifying the subscriber responsible for the originating traffic, with significant consequences for the user’s privacy. In this paper, we use data collected by the Netalyzr network troubleshooting service over 16 months to identify and characterize HTTP header enrichment in modern mobile networks. We present a timeline of HTTP header usage for 299 mobile service providers from 112 countries, observing three main categories: (1) unique user and device identifiers (e.g., IMEI and IMSI), (2) headers related to advertising programs, and (3) headers associated with network operations.
Acknowledgements:
This work was partially supported by funding provided to ICSI through National Science Foundation grants CNS : 1213157 (“User-Centric Network Measurement”); CNS : 1237265 ("Beyond Technical Security: Developing an Empirical Basis for Socio-Economic Perspectives"); and CNS : 1111672 ("Measuring and Modeling the Dynamics of IPv4 Address Exhaustion"). Additional funding was provided by the DHS Directorate of Science and Technology under grant N66001-12-C-0128. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the authors or originators and do not necessarily reflect the views of the National Science Foundation or the DHS.
Bibliographic Reference:
N. Vallina-Rodriguez, S. Sundaresan, C. Kreibich, and V. Paxson. Header Enrichment or ISP Enrichment: Emerging Privacy Threats in Mobile Networks. Proceedings of the ACM SIGCOMM Workshop on Hot Topics in Middleboxes and Network Function Virtualization (HotMiddlebox 2015), London, August 2015