| Full text | Click to download. |
| Citation | In proceedings of NDSS 2010.
|
| Authors | V. Toubiana
A. Narayanan D. Boneh H. Nissenbaum S. Barocas |
Online behavioral advertising (OBA) refers to the practice of tracking users
across web sites in order to infer user interests and preferences. These
interests and preferences are then used for selecting ads to present to the
user. There is great concern that behavioral advertising in its present form
infringes on user privacy. The resulting public debate - which includes
consumer advocacy organizations, professional associations, and government
agencies - is premised on the notion that OBA and privacy are inherently in
conflict.
In this paper we propose a practical architecture that enables targeting
without compromising user privacy. Behavioral profiling and targeting in our
system takes place in the user's browser. We discuss the effectiveness of the
sys- tem as well as potential social engineering and web-based attacks on the
architecture. One complication is billing; ad-networks must bill the correct
advertiser without knowing which ad was displayed to the user. We propose an
efficient cryptographic billing system that directly solves the prob- lem. We
implemented the core targeting system as a Firefox extension and report on its
effectiveness.