Skip to content
Go to file

Latest commit


Git stats


Failed to load latest commit information.
Latest commit message
Commit time

Cookies That Give You Away: The Surveillance Implications of Web Tracking

This is the public code release for our WWW 2015 paper. You should also check out the paper, the presentation, and the data.

Data Collection

The measurements were taken on three Amazon EC2 instances using OpenWPM v0.1, which is included in this repo.

  • - Run a specific crawl, settings should be changed here for each configuration. Only a single configuration from the paper is included here.
  • / / - Run after the crawl, on the same instance. This will do DNS lookups for each unique hostname seen during the crawl and run a traceroute to each.
  • - Create Alexa profiles by randomly subsampling the respective top alexa sites from alexa_top_500_{IE,JP,US}.txt.
  • - Create union_of_sites.txt, a list of sites to feed into synchronized crawls for ID detection.
  • profiles - Contains the 25 AOL profiles used in the paper, as well as three Alexa models as pickled Python objects.
  • automation - OpenWPM v0.1

Data Analysis

  • / / - Will extract ID cookies using two SQLite databases created through a synchronized crawl, as described in Section 4.5 of the paper.
  • - Builds cookie linking graph based on parameters set in generate_samples(), as described in section 4.6 of the paper.
  • / - Adds several columns to the crawl databases, including the geocheck described in Section 4.4 of the paper.
  • / - Parses HTTP Request/Response headers to pull out cookies. Integrated into the more recent releases of OpenWPM.
    • NOTE: is included in the python standard library, but its parsing rules are nowhere near what is used in practice. The version here is heavily modified. I recommend using, which is based on RFC 6265.
  • - parses and prints statistics on identity leakers given in identity_leaks.txt



Code release for: Cookies that give you away: The surveillance implications of web tracking



No releases published


No packages published
You can’t perform that action at this time.