Abstract
Browser extension fingerprinting poses a dual privacy threat to users, as it can be used for both tracking (e.g., as part of browser fingerprinting systems) and directly inferring sensitive user data (e.g., religion, medical issues). In this work, we conduct a novel study that expands the view held by all prior extension-fingerprinting studies, which were limited to detecting whether an extension is installed or not, and show that extensions can exhibit diverse behaviors and features when personalized by users. We introduce the concept of multi-fingerprinting, which aims to harness extensions that exhibit diverse behaviors due to such personalization. Accordingly, we develop Hecate, a system that employs multiple techniques, including static analysis and fuzzing, for generating diverse extension configurations and capturing the corresponding behavioral signatures. We conduct an extensive experimental evaluation of Hecate, and find that it triggers diverse behaviors by uncovering and fuzzing configuration options in extensions installed by millions of users. Additionally, we analyze the real-world impact of multi-fingerprinting through a pilot user study, in which 25% of the users can be uniquely identified through multi-fingerprinting. Our study demonstrates the impact of extension personalization on the fingerprintability of extensions, while also highlighting the significant real-world privacy risk posed by multi-fingerprinting.