2021 Volume 29 Pages 649-656
Privacy issues due to web tracking are a continuously evolving problem. One tracking method utilizes third-party cookies. This method analyzes user behavior and interest on the Web by sharing cookies with third-party vendors such as analytics and advertising brokers. Several regulations on third-party cookies have been considered by countries and browser vendors to address privacy issues due to such excessive web tracking. However, third-party vendors continue to track users with new technologies such as link decoration that embeds cookies in URLs and CNAME cloaking which tricks browsers into treating third-party cookies as a first-party. In this paper, we analyze cookie sharing by link decoration and CNAME cloaking and reveal their privacy issues. In addition, we reveal new security risks emerging from these technologies.