Information Theory Workshop on , pages 37–41. IEEE, 2009.
 J. A. Elices and F. Pérez-González. The flow fingerprinting game. In 2013 IEEE International Workshop on Information Forensics and Security, WIFS 2013, Guangzhou, China, November 18-21, 2013 , pages 97–102, 2013.
 J. A. Elices and F. Pérez-González. A highly optimized flow-correlation attack. CoRR , abs/1310.4577, 2013.
 B. F. U. Filho, R. D. Souza, C. Pimentel, and M. Jar. Convolutional codes under a minimal trellis complexity measure. IEEE Trans. Communications , 57(1):1–5, 2009
Mojtaba Eskandari, Bruno Kessler, Maqsood Ahmad, Anderson Santana de Oliveira and Bruno Crispo
Amirtha. Safe Harbor was for EU privacy: But how safe is US data in Europe? http://www.zdnet.com/article/safe-harbor-was-for-eu-privacy-but-how-safe-is-us-data-ineurope/, 2015.
 AppFigures. A tracking platform to monitor the sales and downloads of apps. http://AppFigures.com.
 Steven Arzt, Siegfried Rasthofer, Christian Fritz, Eric Bodden, Alexandre Bartel, Jacques Klein, Yves Le Traon, Damien Octeau, and Patrick McDaniel. Flowdroid: Precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for android apps
Amit Datta, Michael Carl Tschantz and Anupam Datta
. Dubourg, J. Vanderplas, A. Passos, D. Cournapeau, M. Brucher, M. Perrot, and E. Duchesnay, “Scikit-learn: Machine learning in Python,” Journal of Machine Learning Research, vol. 12, pp. 2825-2830, 2011.
 E. Jones, T. Oliphant, P. Peterson et al., “SciPy: Open source scientific tools for Python,” 2001, http://www.scipy.org/.
 M. C. Tschantz, A. Datta, A. Datta, and J. M. Wing, “A methodology for information flow experiments,” ArXiv, Tech. Rep. arXiv:1405.2376v1, 2014.
 P. Good, Permutation, Parametric and
Networking (ToN), 9(6):733-745, 2001.
 S. Hahn and K. Loesing. Privacy-preserving Ways to Estimate the Number of Tor Users. Technical Report 2010-11-001, Tor Project, November 2010.
 A. Houmansadr and N. Borisov. SWIRL: A Scalable Watermark to Detect Correlated Network Flows. In Network and Distributed System Security Symposium (NDSS), 2011.
 A. Houmansadr, C. Brubaker, and V. Shmatikov. The Parrot is Dead: Observing Unobservable Network Communications. In IEEE Symposium on Security and Privacy (Oakland), 2013
P. F. Syverson. Hiding Routing Information. In R. Anderson, editor, Proceedings of Information Hiding: First International Workshop , pages 137–150. Springer-Verlag, LNCS 1174, May 1996.
 N. Hopper, E. Y. Vasserman, and E. Chan-Tin. How much anonymity does network latency leak? In Proceedings of CCS 2007 , October 2007.
 A. Houmansadr and N. Borisov. Swirl: A scalable watermark to detect correlated network flows. In Proceedings of the Network and Distributed Security Symposium - NDSS’11 . Internet Society, February 2011.
Georgia Fragkouli, Katerina Argyraki and Bryan Ford
effectiveness of traffic analysis against anonymity networks using flow records. In International conference on passive and active network measurement , pages 247–257. Springer, 2014.
 Ruichuan Chen, Alexey Reznichenko, Paul Francis, and Johanes Gehrke. Towards statistical queries over distributed private user data. In Presented as part of the 9th USENIX Symposium on Networked Systems Design and Implementation (NSDI 12) , pages 169–182, San Jose, CA, 2012. USENIX.
 David Clark. The design philosophy of the DARPA Internet protocols. ACM SIGCOMM Computer
. In 2014 Network and Distributed System Security (NDSS) Symposium, 2014.
 Amir Houmansadr, Wenxuan Zhou, Matthew Caesar, and Nikita Borisov. Sweet: Serving the web by exploiting email tunnels. arXiv preprint arXiv:1211.3191, 2012.
 Wolfgang John, Maurizio Dusi, and K. C. Claffy. Estimating routing symmetry on single links by passive flow measurements. In Proceedings of the 6th International Wire- less Communications and Mobile Computing Conference, IWCMC ’10, pages 473-478, New York, NY, USA, 2010. ACM.
Natã M. Barbosa, Joon S. Park, Yaxing Yao and Yang Wang
experiment on willingness-to-sell and willingness-to-protect personal information. In WEIS 2007 .
 Jason Hong. 2017. The privacy landscape of pervasive computing. IEEE Pervasive Computing 16, 3 (2017), 40–48.
 Xiaodong Jiang, Jason I Hong, and James A Landay. 2002. Approximate information flows: Socially-based modeling of privacy in ubiquitous computing. In UbiComp 2002 . Springer, 176–193.
 Juniper 2017. Juniper - digital voice assistants. (2017). https
Nested symmetric encryption is a well-known technique for low-latency communication privacy. But just what problem does this technique aim to solve? In answer, we provide a provable-security treatment for onion authenticated-encryption (onion-AE). Extending the conventional notion for authenticated-encryption, we demand indistinguishability from random bits and time-of-exit authenticity verification. We show that the encryption technique presently used in Tor does not satisfy our definition of onion-AE security, but that a construction by Mathewson (2012), based on a strong, tweakable, wideblock PRP, does do the job. We go on to discuss three extensions of onion-AE, giving definitions to handle inbound flows, immediate detection of authenticity errors, and corrupt ORs.
Justin Brookman, Phoebe Rouge, Aaron Alva and Christina Yeung
Internet advertising and analytics technology companies are increasingly trying to find ways to link behavior across the various devices consumers own. This cross-device tracking can provide a more complete view into a consumer’s behavior and can be valuable for a range of purposes, including ad targeting, research, and conversion attribution. However, consumers may not be aware of how and how often their behavior is tracked across different devices. We designed this study to try to assess what information about cross-device tracking (including data flows and policy disclosures) is observable from the perspective of the end user. Our paper demonstrates how data that is routinely collected and shared online could be used by online third parties to track consumers across devices.