ISSN 1000-1239 CN 11-1777/TP

Journal of Computer Research and Development ›› 2020, Vol. 57 ›› Issue (11): 2294-2311. doi: 10.7544/issn1000-1239.2020.20200459

Special topic: 2020 Special Topic on Cryptography and Data Privacy Protection Research

• Information Security •

Android Browser Fingerprinting Identification Method Based on Bidirectional Recurrent Neural Network

Liu Qixu1,2, Liu Xinyu1,2, Luo Cheng3, Wang Junnan1,2, Chen Langping1,2, Liu Jiaxi1,2

  1. Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093
  2. School of Cyber Security, University of Chinese Academy of Sciences, Beijing 100049
  3. China Academy of Information and Communications Technology, Beijing 100191
  (liuqixu@iie.ac.cn)
  • Published: 2020-11-01
  • Supported by: 
    This work was supported by the Youth Innovation Promotion Association of the Chinese Academy of Sciences (2019163), the National Natural Science Foundation of China (61902396), the Strategic Priority Research Program of the Chinese Academy of Sciences (XDC02040100), and the Project of the Key Laboratory of Network Assessment Technology of the Chinese Academy of Sciences and the Beijing Key Laboratory of Network Security and Protection Technology.

Abstract: Browser fingerprinting was proposed in 2010 as a way to identify users. The technique has since matured and is widely used by popular commercial websites for targeted advertising. Traditional fingerprinting, however, has many problems in tracking users over time: a system upgrade, a browser update, or spoofing by a fingerprint-blocking tool changes the fingerprint's feature values, and with them the fingerprint itself. Building on a study of browser fingerprint attributes, we collected a large number of browser fingerprints from volunteers using Android devices and propose RNNBF, a supervised learning framework for user identification. RNNBF gains its robustness from both the data and the model. On the data side, a fingerprint-based data augmentation technique generates an augmented dataset. On the model side, an attention mechanism makes the model focus on the fingerprint features that remain invariant. In the evaluation, RNNBF is compared with a single-layer LSTM model and a random forest model. Measured by F1-score, RNNBF outperforms both, which demonstrates its strong performance in dynamically linking fingerprints.
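The F1-score comparison described in the abstract can be illustrated with a small sketch. The abstract does not say how per-user scores are averaged, so macro-averaging is an assumption here. The function name `macro_f1` and the labels and predictions below are hypothetical toy data, not the paper's code or results.

```python
from collections import Counter


def macro_f1(y_true, y_pred):
    """Macro-averaged F1 over every user label seen in y_true or y_pred.

    Assumption: each fingerprint is assigned exactly one user label,
    and per-label F1 scores are averaged with equal weight.
    """
    if len(y_true) != len(y_pred):
        raise ValueError("y_true and y_pred must have the same length")

    tp, fp, fn = Counter(), Counter(), Counter()
    for truth, pred in zip(y_true, y_pred):
        if truth == pred:
            tp[truth] += 1
        else:
            fp[pred] += 1   # predicted user received a wrong fingerprint
            fn[truth] += 1  # true user lost one of their fingerprints

    labels = set(y_true) | set(y_pred)
    scores = []
    for label in labels:
        # F1 = 2*TP / (2*TP + FP + FN)
        denom = 2 * tp[label] + fp[label] + fn[label]
        scores.append(2 * tp[label] / denom if denom else 0.0)
    return sum(scores) / len(scores) if scores else 0.0


# Hypothetical toy data: five fingerprints belonging to three users.
y_true = ["u1", "u1", "u2", "u2", "u3"]
pred_a = ["u1", "u1", "u2", "u2", "u3"]  # a model that links every fingerprint correctly
pred_b = ["u1", "u2", "u2", "u2", "u3"]  # a model that mislinks one fingerprint

print(macro_f1(y_true, pred_a), macro_f1(y_true, pred_b))
```

With many users and few fingerprints per user, macro-averaging weights every user equally. A micro-averaged score would be an equally plausible reading of the abstract.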

Key words: browser fingerprinting, Android, data augmentation, recurrent neural network, progressive Web Apps
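The data augmentation idea named in the abstract and key words can be sketched as follows. This is not the authors' technique, which the abstract does not describe. It is a minimal illustration that assumes a fingerprint is a dictionary of attributes and that a browser update shows up as a higher Chrome major version in the user-agent string. The attribute names, the helper names `simulate_browser_update` and `augment`, and the sample fingerprint are all hypothetical.

```python
import random
import re

# Assumption: the browser version appears as "Chrome/<major>" in the user agent.
CHROME_MAJOR = re.compile(r"Chrome/(\d+)")


def simulate_browser_update(user_agent, rng):
    """Return the user agent with its Chrome major version raised by 1 to 3."""
    def bump(match):
        return "Chrome/" + str(int(match.group(1)) + rng.randint(1, 3))
    return CHROME_MAJOR.sub(bump, user_agent, count=1)


def augment(fingerprint, n_variants, seed=0):
    """Create variants of one fingerprint that keep the same user label.

    Only the mutable attribute (the user agent) changes. Stable attributes
    such as screen size are copied unchanged, so a model trained on the
    variants sees which features stay invariant across updates.
    """
    rng = random.Random(seed)
    variants = []
    for _ in range(n_variants):
        variant = dict(fingerprint)  # shallow copy; the original is untouched
        variant["user_agent"] = simulate_browser_update(fingerprint["user_agent"], rng)
        variants.append(variant)
    return variants


# Hypothetical sample fingerprint.
sample = {
    "user": "u1",
    "user_agent": "Mozilla/5.0 (Linux; Android 9) Chrome/80.0.3987.99 Mobile",
    "screen": "1080x2160",
    "timezone": "UTC+8",
}
augmented = augment(sample, n_variants=3)
for variant in augmented:
    print(variant["user_agent"])
```

Each variant keeps the label `u1`, so the original and its variants can be fed to a classifier as fingerprints of the same user at different points in time.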

CLC number: