PriveShield: Enhancing User Privacy Using Automatic Isolated Profiles in Browsers

TL;DR

The paper tackles the problem of pervasive online tracking and retargeted advertising by introducing PriveShield, a lightweight browser extension that creates automatic isolated profiles to disrupt cross-site cookie syncing without altering browser internals. It automates profile creation based on browsing history, active sessions, interactions, and website categories, processing data locally to preserve user privacy. The contributions include the first automated, profile-based isolation mechanism for web browsing, a detailed taxonomy of profiles, and comprehensive evaluation showing about 91% effectiveness in preventing retargeted ads across 54 real-world scenarios, along with low performance overhead. The approach preserves advertising functionality within context (category-based targeting) while significantly reducing cross-site data sharing, offering practical privacy protection with minimal user burden and without modifying browser core code. This work has practical significance for enhancing user privacy in real-world web ecosystems and provides a foundation for future work on fingerprinting defenses.

Abstract

Online tracking is a widespread practice on the web with questionable ethics, security, and privacy concerns. While web tracking can offer personalized and curated content to Internet users, it operates as a sophisticated surveillance mechanism to gather extensive user information. This paper introduces PriveShield, a light-weight privacy mechanism that disrupts the information gathering cycle while offering more control to Internet users to maintain their privacy. PriveShield is implemented as a browser extension that offers an adjustable privacy feature to surf the web with multiple identities or accounts simultaneously without any changes to underlying browser code or services. When necessary, multiple factors are automatically analyzed on the client side to isolate cookies and other information that are the basis of online tracking. PriveShield creates isolated profiles for clients based on their browsing history, interactions with websites, and the amount of time they spend on specific websites. This allows the users to easily prevent unwanted browsing information from being shared with third parties and ad exchanges without the need for manual configuration. Our evaluation results from 54 real-world scenarios show that our extension is effective in preventing retargeted ads in 91% of those scenarios.

Figures (7)

• Figure 1: High level design of the advertising ecosystem and real-time bidding.
• Figure 2: Cookie syncing process between the user, SSP, and the DSP. 1. Ad request is made to the SSP from the client's browser. 2. The SSP is able to set cookie for the user or read an existing cookie and return the DSP sync pixel. 3. The DSP cookie sync pixel gets called from the browser. 4. The DSP redirects to the SSP cookie sync endpoint to pass along their ID for the user.
• Figure 3: How Priveshield impacts the browsing process. What happens when user opens the browser, and tries to visit destination.com.
• Figure 4: Example of a retargeted ad displayed in a publisher website. A running_shoe ad is being shown on 9gag's website. This screenshot is taken from 9gag after visiting a scenario that included multiple web pages in the "running_shoe" category.
• Figure 5: Graph of first and third-party websites after visiting a scenario that leads to a running shoe retargeted ad in a vanilla browser. Blue circle nodes are first-party websites, and the triangle nodes are the third-party trackers. Red triangles are the ones that are shared between at least two first-party websites, and are able to share information. In this scenario, the retargeted ad is shown on Nypost's website after visiting and interacting with Reebok, Adidas, and Nike's websites.