PRAW - A privacy model for the Web

Bracha Shapira, Yuval Elovici, Adlay Meshiach, Tsvi Kuflik

Research output: Contribution to journalArticlepeer-review

32 Scopus citations

Abstract

Web navigation enables easy access to vast amounts of information and services. However, it also poses a major risk to users' privacy. Various eavesdroppers constantly attempt to violate users' privacy by tracking their navigation activities and inferring their interests and needs (profiles). Users who wish to keep their intentions secret forego useful services to avoid exposure. The computer security community has concentrated on improving users' privacy by concealing their identity on the Web. However, users may want or need to identify themselves over the Net to receive certain services but still retain their interests, needs, and intentions in private. PRAW - a PRivAcy model for the Web suggested in this paper - is aimed at hiding users' navigation tracks to prevent eavesdroppers from inferring their profiles but still allowing them to be identified. PRAW is based on continuous generation of fake transactions in various fields of interests to confuse eavesdroppers' automated programs, thus providing them false data. A privacy measure is defined that reflects the difference between users' actual profile and the profile that eavesdroppers might infer. A prototype system was developed to examine PRAW's feasibility and conduct experiments to test its effectiveness. Encouraging results and their analysis are presented, as well as possible attacks and known limitations.

Original languageEnglish
Pages (from-to)159-172
Number of pages14
JournalJournal of the American Society for Information Science and Technology
Volume56
Issue number2
DOIs
StatePublished - 15 Jan 2005

Fingerprint

Dive into the research topics of 'PRAW - A privacy model for the Web'. Together they form a unique fingerprint.

Cite this