 @article{zafar_das_2023, title={Comparative Privacy Analysis of Mobile Browsers}, url={https://doi.org/10.1145/3577923.3583638}, DOI={10.1145/3577923.3583638}, abstractNote={Online trackers are invasive as they track our digital footprints, many of which are sensitive in nature, and when aggregated over time, they can help infer intricate details about our lifestyles and habits. Although much research has been conducted to understand the effectiveness of existing countermeasures for the desktop platform, little is known about how mobile browsers have evolved to handle online trackers. With mobile devices now generating more web traffic than their desktop counterparts, we fill this research gap through a large-scale comparative analysis of mobile web browsers. We crawl 10K valid websites from the Tranco list on real mobile devices. Our data collection process covers both popular generic browsers (e.g., Chrome, Firefox, and Safari) as well as privacy-focused browsers (e.g., Brave, Duck Duck Go, and Firefox-Focus). We use dynamic analysis of runtime execution traces and static analysis of source codes to highlight the tracking behavior of invasive fingerprinters. We also find evidence of tailored content being served to different browsers. In particular, we note that Firefox Focus sees altered script code, whereas Brave and Duck Duck Go have highly similar content. To test the privacy protection of browsers, we measure the responses of each browser in blocking trackers and advertisers and note the strengths and weaknesses of privacy browsers. To establish ground truth, we use well-known block lists, including EasyList, EasyPrivacy, Disconnect and WhoTracksMe and find that Brave generally blocks the highest number of content that should be blocked as per these lists. Focus performs better against social trackers, and Duck Duck Go restricts third-party trackers that perform email-based tracking.}, journal={PROCEEDINGS OF THE THIRTEENTH ACM CONFERENCE ON DATA AND APPLICATION SECURITY AND PRIVACY, CODASPY 2023}, author={Zafar, Ahsan and Das, Anupam}, year={2023}, pages={3–14} }
 @inproceedings{understanding the privacy implications of adblock plus's acceptable ads_2021, url={http://dx.doi.org/10.1145/3433210}, DOI={10.1145/3433210}, abstractNote={Since its inauguration in 2006 in Taipei, ASIACCS, the ACM Asia Conference on Computer and Communications Security, has become an integral part of scientific community in the field of security and privacy. It has been held in Singapore (2007), Tokyo (2008), Sydney (2009), Beijing (2010), Hong Kong (2011), Seoul (2012), Hangzhou (2013), Kyoto (2014), Singapore (2015), and Xi'an (2016).

ASIACCS 2017 takes place in Abu Dhabi and is organized by the New York University Abu Dhabi, UAE. We received 359 submissions, a new record in the conference's decade-long history. This year's Program Committee comprising 108 security researchers from 26 countries, evaluated submissions through a rigorous review procedure. For the first time in the conference's history, a Shadow Program Committee (SPC), composed of 27 security researchers from 14 countries, was introduced. The task of the SPC members was to comment on the reviews made by the PC members, in addition to reviewing the corresponding papers. On the one hand, the SPC comments greatly helped to significantly enhance the quality the many reviews. On the other hand, to provide the anonymity for SPC members, they could not directly debate with the PC members, which was largely due to technological limitations: HotCRP (or any review software for that matter) is not designed to have some accounts only seeing some information. We had a discussion of doubleblind vs. single-blind requirements. One of our main goals when designing the system was to ensure that junior reviewers in the SPC could raise criticism of senior reviewers with impunity. Despite the management effort, we believe that implementing the SPC concept was successful. We also learned useful lessons on how to improve it.

After the review process concluded, 67 full papers were accepted to be presented at the conference, representing an acceptance rate of about 18%. In addition, 4 short papers and 10 posters/demos were also included in the program.

We have a strong technical program along with 5 specialized pre-conference workshops, three tutorials and an invited talk track that is introduced this year.

The pre-conference workshops are 4th ACM ASIA Public-Key Cryptography Workshop (APKC 2017), ACM Workshop on Blockchain, Cryptocurrencies and Contracts (BCC'17), 3rd ACM Cyber-Physical System Security Workshop (CPSS 2017), 3rd International Workshop on IoT Privacy, Trust, and Security (IoTPTS 2017), 4th International Workshop on Security in Cloud Computing (SCC).

We are fortunate to have distinguished keynote and invited speakers as well as tutorial lecturers who will present insights into current and future security and privacy research trends. There are three keynotes: Ross Anderson (University of Cambridge, UK), Christof Paar (Ruhr-University Bochum, Germany), and Gregory Neal Akers (Senior Vice President, Cisco Systems). Additionally, there are six invited talks by Mustaque Ahamad (Georgia Institute of Technology, US), Srdjan Capkun (ETH, Switzerland), Ivan Martinovic (Oxford University, UK), David Naccache (ENS, France), Matthias Payer (Purdue, US) and Gene Tsudik (UC Irvine, US). Finally, the conference features three tutorial lectures given by N. Asokan and Andrew Paverd (Aalto University, Finland), Johannes Buchmann (TU Darmstadt, Germany), Ghassan Karame (NEC) and Alexandra Dmitrienko (ETH, Switzerland).}, booktitle={Proceedings of the 2021 ACM Asia Conference on Computer and Communications Security}, year={2021}, month={May} }