Security and Privacy
The CNIL and Inria award the privacy protection prize 2018
Inria / Photo H. Raguet
On the occasion of the 12th edition of the international Computers, Privacy and Data Protection (CPDP) conference, Pierre Laperdrix, Walter Rudametkin and Benoit Baudry received the award for their article "Beauty and the Beast: Diverting modern web browsers to build unique browser fingerprints ". The CNIL-Inria prize rewards research undertaken with a view to creating a trustworthy digital society.
On 30 January 2019 Daniel Le Metayer, Senior Researcher at Inria and chair of the panel, and Gwendal Le Grand, Director of Technology and Innovation at the CNIL, presented the CNIL-Inria Prize at the CPDP conference in Brussels. This European prize, created by the CNIL and Inria in 2016 as part of the partnership between the two institutions, aims to encourage scientific research on privacy protection.
The Prize was awarded by a panel of six researchers renowned in the digital sciences field: Emiliano De Cristofaro, José Domingo Ferrer, Simone Fischer-Hübner, Sébastien Gambs, Seda Gürses and Yves-Alexandre de Montjoye, two representatives of the CNIL, Gwendal Le Grand, Director of Technology and Innovation, and Matthieu Grall, Head of the Technology Expertise Department, and two senior researchers at Inria: Claude Castelluccia and Daniel le Métayer.
It was also an opportunity to raise awareness among the scientific community of data protection issues and the need to develop research projects in this area, especially in light of the changes brought about by the GDPR and new requirements relating to data protection by design and accountability in particular.
The winning article is entitled Beauty and the Beast: Diverting modern web browsers to build unique browser fingerprints and was presented at the 37th IEEE Symposium on Security and Privacy in 2016.
The article proposes an in-depth analysis of the way a device tracking technique called browser fingerprinting can be used to track web users wherever they go online. This technique consists in collecting information on the user's web browser settings and operating system when they visit a website. This information can be used to create a unique digital fingerprint for the web user. The authors collected 120,000 browser fingerprints made up of 17 attributes and showed that technical innovations in HTML5 provide access to highly discriminating attributes that can be used to identify users. In addition, they showed that browser fingerprinting is as accurate on mobile devices as it is on desktops and laptops. They also explored possible changes that web technology vendors could make to reduce the effects of browser fingerprinting and assessed the impact of such measures. Certain measures would considerably reduce the effects. Others could be very effective, but would reduce the dynamics and comfort of the browsing experience.
The panel considered that these results were of great interest to the research community, the general public, decision-makers and the other actors in the ecosystem. It also has the virtue of being highly topical given the current debate on the future ePrivacy Regulation.
The Prize's winners
- Pierre Laperdrix is currently a post-doctoral researcher at PragSec lab at the State University of New York at Stony Brook, United States of America. He obtained his PhD on browser fingerprinting at Inria Rennes (DiverSE team), where he created the AmIUnique.org and Fingerprint Central websites. His research subjects include computer security and privacy as well as software engineering.
- Walter Rudametkin is a lecturer at Polytech’Lille (University of Lille 1, France). His research concerns software engineering and, in particular, he is a member of the Spirals project team at the CRIStAL research centre. His work focuses on self-adaptive systems in general and on self-optimisation and self-healing in particular.
- Benoit Baudry is currently a professor of Software Technology at the KTH Royal Institute of Technology in Stockholm, Sweden. He is involved in the Swedish WASP initiative, which encourages research on artificial intelligence and autonomous systems. He was previously a research scientist at Inria Rennes in France, where he led the DiverSE research group.
These articles could interest you:
Read the article
For more information
2017 CNIL - Inria Award
- Cybersecurity Inria publishes its white book on cybersecurity
- Forum International de la cybersécurité - ©FIC 2019 Cybersecurity FIC 2019
- Visualisation of Internet dataflows - ©LHS/Inria/Loria Cybersecurity ThreatPredict : to predict cyberattacks
- Steve Kremer - © Inria Cryptography Online voting: cryptography to the rescue