Online behavioral advertising (OBA) refers to the practice of tracking users across web sites in order to infer user interests and preferences. These interests and preferences are then used for selecting ads to present to the user. There is great concern that behavioral advertising in its present form infringes on user privacy. The resulting public debate -- which includes consumer advocacy organizations, professional associations, and government agencies -- is premised on the notion that OBA and privacy are inherently in conflict.
Adnostic is a practical architecture that enables targeting without compromising user privacy. Behavioral profiling and targeting in Adnostic takes place in the user's browser. The ad network remains agnostic to the user's interests.
Our technical paper discusses the effectiveness of the system as well as potential social engineering and web-based attacks on the architecture. One complication is billing; ad-networks must bill the correct advertiser without knowing which ad was displayed to the user. We describe a cryptographic billing system that directly solves the problem. We implemented the core targeting system as a Firefox extension and report on its effectiveness.
A technical paper describing Adnostic: [pdf]
Adnostic: Privacy Preserving Targeted Advertising
Vincent Toubiana, Arvind Narayanan, Dan Boneh, Helen Nissenbaum, Solon Barocas
Appeared at NDSS 2010
The Adnostic prototype is implemented as a Firefox extension. Install.
Our FAQ answers common questions and objections.
Back to Stanford Security Lab.