Home // International Journal On Advances in Security, volume 17, numbers 3 and 4, 2024 // View article
Authors:
Stefan Kiltz
Nick Weiler
Till-Frederik Riechard
Robert Altschaffel
Jana Dittmann
Keywords: Security,trust and privacy metrics; IT forensics; Attribution
Abstract:
We are motivated by the Science-Tracking Fingerprint (STF) from our companion conference article 'Science-Tracker Fingerprinting with Uncertainty: Selected Common Characteristics of Publishers from Network to Application Trackers on the Example of Web, App and Email' and apply this fingerprint concept to Online Public Access Catalogs (OPAC) provided by many libraries for literature research with the aim to track the tracker. We choose an approach rooted in digital forensics and using only open source, on-premises tools for comprehensibility and repeatability purposes. The goal of this article (together with its companion article) is not primarily to detect the amount of tracking that is taking place. Studies towards that goal have, indeed, been conducted both on the Science-tracking field and on the field of tracking in general. Our goal is to try and identify the publisher based on the employed first and third party tracking. In particular, for the application area of web we enhance the concept from the companion article with an automated acquisition, investigation and analysis process, including the calculation of the STF. Further, the single list of trackers from the companion article is extended and we provide 3 different lists of known trackers in order to increase the hit-ratio for known tracker domains. For the automation we introduce a toolset consisting of 6 self-created software tools and 4 automation scripts that are put into open source. The automation enables a substantially larger investigation on both the tracking habits of publishers and allows evaluations of the stability of the Science-Tracking Fingerprint. In total we fully evaluate 60 downloads from the 4 exemplary chosen individual publishers across 3 different test-series. Further, to detect any possible influence of the changes of the domains contained in the tracker lists, we use 3 different versions of each of the 3 tracking lists and apply it to each test series. The results of our in-depth study into Science-Trackers show that some publishers change their embedded trackers over individual papers and articles (intra-publisher diversity). For the duration of the tests, no changes on the content of the tracking lists relevant to the tests occurred. Results from 4 tested publishers show no difference in the observed tracking between open access and non-open access articles. Further, we show that using the exemplary chosen OPAC instance of our university library does not prevent Science-Tracking by the publishers, potentially contrary to the user's expectations. This article proposes a comprehensible, scientific process to support the identification of the tracking party (publisher) based on the trackers employed by the tracking party.
Pages: 125 to 141
Copyright: Copyright (c) to authors, 2024. Used with permission.
Publication date: December 30, 2024
Published in: journal
ISSN: 1942-2636