Title: Reproducible and Longitudinal Measurements of Web Security and Tracking
Advisors: Yoshi Kohno and Franzi Roesner
Supervisory Committee: Yoshi Kohno (co-Chair), Franzi Roesner (co-Chair), David Mcdonald (GSR, HCDE), and Arvind Krishnamurthy
Abstract: Threats to the security and privacy of the web are threats to people, infrastructure, commerce, and privacy. Measuring the web lets us understand what threats exist, how dangerous they are, who they threaten, and what can be done to mitigate them. Unfortunately, the web changes constantly, and with it, so do those threats. Our science needs to reflect this change to keep us one step ahead of it. This means our measurements of web security and tracking are constantly shifting in their techniques and findings.
Rapidly changing measurements of a rapidly changing web have made it difficult to pursue the scientific goal of reproducible measurements. Changes leave us wondering why our reproductions failed. We may not know if it was because of mistakes, because the measured property is naturally variable, or because the web has changed. Longitudinal studies are also rare, perhaps because we can't predict the future well enough to know what will be relevant in ten or twenty years, to start measuring it now.
In this dissertation, I propose to develop and evaluate a set of techniques and tools to more easily reproduce web security and tracking measurements. These techniques will use web archives as a data source. Archives such as the Wayback Machine, a publicly available archive which preserves a large fraction of the web back to its earliest days, can provide us the ability to browse, crawl, and measure the web as it appeared in the past.