Building and Deploying a Watchdog Service for E-commerce · 2017. 10. 27. · User A User B...

31
Who is Fiddling with Prices? Building and Deploying a Watchdog Service for E-commerce $heriff_V2 Costas Iordanou Claudio Soriente Michael Sirivianos Nikolaos Laoutaris

Transcript of Building and Deploying a Watchdog Service for E-commerce · 2017. 10. 27. · User A User B...

Page 1: Building and Deploying a Watchdog Service for E-commerce · 2017. 10. 27. · User A User B Navigang into an e-commerce store what User A sees … is not what User B gets. Even more

Who is Fiddling with Prices? Building and Deploying a Watchdog

Service for E-commerce

$heriff_V2 Costas Iordanou Claudio Soriente

Michael Sirivianos Nikolaos Laoutaris

Page 2: Building and Deploying a Watchdog Service for E-commerce · 2017. 10. 27. · User A User B Navigang into an e-commerce store what User A sees … is not what User B gets. Even more

Walkingintoabrickandmortarstoreeveryoneseesthesameprice,beitforfreshvegetableorapairofjeans

2

Page 3: Building and Deploying a Watchdog Service for E-commerce · 2017. 10. 27. · User A User B Navigang into an e-commerce store what User A sees … is not what User B gets. Even more

UserA

UserB

Naviga=ngintoane-commercestorewhatUserAsees…isnotwhatUserBgets.

Evenmoreinteres=ngly,youhavenoeasywayofknowingthatothersseedifferentprices.Thereasonis… 3

Page 4: Building and Deploying a Watchdog Service for E-commerce · 2017. 10. 27. · User A User B Navigang into an e-commerce store what User A sees … is not what User B gets. Even more

Ane-commercestoreislikeStarTrek’sholodeck

eachonecanhaveadifferentworldpaintedaroundhim(+hecannotseeintoneighboringworlds) 4

Page 5: Building and Deploying a Watchdog Service for E-commerce · 2017. 10. 27. · User A User B Navigang into an e-commerce store what User A sees … is not what User B gets. Even more

EnterthePrice$heriff

Afirstsmallsteptowardslookingbehindandthroughthematrix

Afirst-of-its-kindtransparencysoMwarethatallowsonetoseethepricesasseenbyothers

5

Page 6: Building and Deploying a Watchdog Service for E-commerce · 2017. 10. 27. · User A User B Navigang into an e-commerce store what User A sees … is not what User B gets. Even more

WhatdoesSheriffdo?

HowdoesSheriffdoit?

Technicalchallenges

Findings

6

Page 7: Building and Deploying a Watchdog Service for E-commerce · 2017. 10. 27. · User A User B Navigang into an e-commerce store what User A sees … is not what User B gets. Even more

$heriffDemo

7

Page 8: Building and Deploying a Watchdog Service for E-commerce · 2017. 10. 27. · User A User B Navigang into an e-commerce store what User A sees … is not what User B gets. Even more

8

Page 9: Building and Deploying a Watchdog Service for E-commerce · 2017. 10. 27. · User A User B Navigang into an e-commerce store what User A sees … is not what User B gets. Even more

WhatdoesSheriffdo?

HowdoesSheriffdoit?

Technicalchallenges

Findings

9

Page 10: Building and Deploying a Watchdog Service for E-commerce · 2017. 10. 27. · User A User B Navigang into an e-commerce store what User A sees … is not what User B gets. Even more

Howdoes$heriffdoit?

Browseradd-on Measurementservers

Coordinatorserver

Databaseserver

Proxyclients

Peerproxybrowsers

Peerbrowserssignals

Components

Frond-endBack-end

Networkofproxies

10

Page 11: Building and Deploying a Watchdog Service for E-commerce · 2017. 10. 27. · User A User B Navigang into an e-commerce store what User A sees … is not what User B gets. Even more

Howdoes$heriffdoit?

Browseradd-on Measurementservers

Coordinatorserver

Databaseserver

Proxyclients

Peerproxybrowsers

1.Requestmeasurementserver

2.Sentrequest

Peerbrowserssignals

3.1RemotePagerequest

4.Storedata

5.Showresults

Servingrequests

11

Page 12: Building and Deploying a Watchdog Service for E-commerce · 2017. 10. 27. · User A User B Navigang into an e-commerce store what User A sees … is not what User B gets. Even more

Whyis$heriffinteres=ng?Hadtosolvesomedifficulttechnicalchallenges:

• BuildaP2Pproxynetwork• Preventuserprofilepollu=on(BrowserandServerside)• Protectuserprivacy• Performuniversalpriceextrac=on• Automatecurrencydetec=on

Gatheredlotsofinteres=ngmeasurements:• Morethan2000e-commercesites,• Includingthetop400accordingtoAlexa• Morethan6000products• Morethan1500realusersin55countries• Morethan0.7millionmeasurementpoints

12

Page 13: Building and Deploying a Watchdog Service for E-commerce · 2017. 10. 27. · User A User B Navigang into an e-commerce store what User A sees … is not what User B gets. Even more

WhatdoesSheriffdo?

HowdoesSheriffdoit?

Technicalchallenges

Findings

13

Page 14: Building and Deploying a Watchdog Service for E-commerce · 2017. 10. 27. · User A User B Navigang into an e-commerce store what User A sees … is not what User B gets. Even more

Measurementservers

Proxyclients

Peerproxybrowsers

3.1RemotePagerequest

3.2RemotePagerequest

Whyhybridnetworkofproxies?Infrastructureproxyclients+Diversepredefinedgeo-loca=ons+Easytosetupandcontrol+Norealusersinvolved

- Nopricevaria=onbasedonpersonaldatacanbeobserved

Peerproxybrowsers+Diverserealuserprofiles+Pricevaria=onsbasedonpersonaldata

-Unpredictableavailabilityandgeo-loca=on-Browsersideprofilepollu=on-Serversideprofilepollu=on

14

Page 15: Building and Deploying a Watchdog Service for E-commerce · 2017. 10. 27. · User A User B Navigang into an e-commerce store what User A sees … is not what User B gets. Even more

User1,France

France User1

User2,Germany

Germany User2

User3,Italy

Italy User3

User4,USA

USA User4

Peerproxybrowsers

Unpredictableavailabilityandgeo-loca=on

Coordinatorserver

User5,Italy

,User5

Customcommunica=onprotocoloverWebRTCdatachannel

X

Howwesolvedit…

.

.

.UserN,CountryN

CountryN UserN

User6,France

,User6

15

Page 16: Building and Deploying a Watchdog Service for E-commerce · 2017. 10. 27. · User A User B Navigang into an e-commerce store what User A sees … is not what User B gets. Even more

Browser-sideprofilepollu=on

Incomingremotepagerequest

to“e-shop.com/product_A”Measurementservers Peerproxy

browser

Howwesolvedit…

Problem(alteredstate) ChromeAPIsoluOon

Browsinghistory chrome.historyàremovetheentry

Browsercachedmemory chrome.browsingDataàcleancache

Cookies-responseheader chrome.webRequestàremovecookie

Dynamiccookies-JavaScript chrome.cookiesàdeleteinsertedcookies

BrowserextensionAPIs:hips://developer.chrome.com/extensions/api_index

Whendoesithappen?

every=mewesendaremoterequest

16

Iftheuserhasnevervisitedthedomain,wedeletethefollowing

Page 17: Building and Deploying a Watchdog Service for E-commerce · 2017. 10. 27. · User A User B Navigang into an e-commerce store what User A sees … is not what User B gets. Even more

Server-sideprofilepollu=onHowdoesithappen?

=1stpartycookies

Peerproxybrowser

1stpartyserver

Measurementserver

a.com/productX

b.com/productY

c.com/productZ

17

3rdparty13rdparty2

3rdparty33rdpartyN

=3rdpartycookies

Page 18: Building and Deploying a Watchdog Service for E-commerce · 2017. 10. 27. · User A User B Navigang into an e-commerce store what User A sees … is not what User B gets. Even more

Server-sideprofilepollu=onWhendoesithappen?

=1stpartycookies

Peerproxybrowser

1stpartyserver

Measurementserver

a.com/productX

b.com/productY

c.com/productZ

18

incaseswhentheuseralreadyvisitedadomain

3rdparty13rdparty2

3rdparty33rdpartyN

=3rdpartycookies

a.com

Page 19: Building and Deploying a Watchdog Service for E-commerce · 2017. 10. 27. · User A User B Navigang into an e-commerce store what User A sees … is not what User B gets. Even more

Server-sideprofilepollu=onWhendoesithappen?

Remotepagerequeststoe-storedomainsa,bandcpollutetheuserprofileatthe1stand3rdpartydomainserversrespec=vely.

=1stpartycookies

Peerproxybrowser

1stpartyserver

Measurementserver

a.com/productX

b.com/productY

c.com/productZ

19

incaseswhentheuseralreadyvisitedadomain

3rdparty13rdparty2

3rdparty33rdpartyN

=3rdpartycookies

b.com

c.com

Page 20: Building and Deploying a Watchdog Service for E-commerce · 2017. 10. 27. · User A User B Navigang into an e-commerce store what User A sees … is not what User B gets. Even more

Howwesolvedit…using“doppelgänger”profiles

Doppelgänger“aniden.calcopyofsomeone”,aghostinthegermanfolklore.

20

Server-sideprofilepollu=on

Page 21: Building and Deploying a Watchdog Service for E-commerce · 2017. 10. 27. · User A User B Navigang into an e-commerce store what User A sees … is not what User B gets. Even more

Howdowecreateadoppelgänger?

21

Server-sideprofilepollu=on

EncryptedDomainvectors

a.com:10b.com:9c.com:6…

sd4a5l6kj9dlkjsau9w7p4e6r7u0wMn4bvm4bmlvb…

a.com:8b.com:7c.com:5…

Peerproxybrowsers AggregatorServer

Encryptedk-Means

CoordinatorServer

Distances

NewCentroids

Page 22: Building and Deploying a Watchdog Service for E-commerce · 2017. 10. 27. · User A User B Navigang into an e-commerce store what User A sees … is not what User B gets. Even more

Howdowecreateadoppelgänger?

22

Server-sideprofilepollu=on

EncryptedDomainvectors

a.com:10b.com:9c.com:6…

sd4a5l6kj9dlkjsau9w7p4e6r7u0wMn4bvm4bmlvb…

a.com:8b.com:7c.com:5…

Encryptedk-Means

Use

Peerproxybrowsers AggregatorServer CoordinatorServer

Crawling

domain:a.comuserID:985631domain:b.comuserID:654852domain:c.comuserID:851236

DoppelgangersServer

Store

CoordinatorServer

Page 23: Building and Deploying a Watchdog Service for E-commerce · 2017. 10. 27. · User A User B Navigang into an e-commerce store what User A sees … is not what User B gets. Even more

Howdowecreateadoppelgänger?

23

Server-sideprofilepollu=on

EncryptedDomainvectors

a.com:10b.com:9c.com:6…

sd4a5l6kj9dlkjsau9w7p4e6r7u0wMn4bvm4bmlvb…

a.com:8b.com:7c.com:5…

Encryptedk-Mean

Use

Peerproxybrowsers AggregatorServer CoordinatorServer

Crawling

domain:a.comuserID:985631domain:b.comuserID:654852domain:c.comuserID:851236

DoppelgangersServer

Store

CoordinatorServer

Byreplacingtheoriginalcookiesofauserwiththoseofadoppelganger…

remotepagerequestswillpollutethe

doppelgangerprofile.

Page 24: Building and Deploying a Watchdog Service for E-commerce · 2017. 10. 27. · User A User B Navigang into an e-commerce store what User A sees … is not what User B gets. Even more

WhatdoesSheriffdo?

HowdoesSheriffdoit?

Technicalchallenges

Findings

24

Page 25: Building and Deploying a Watchdog Service for E-commerce · 2017. 10. 27. · User A User B Navigang into an e-commerce store what User A sees … is not what User B gets. Even more

Pricevaria=ons

Threetypesofresults:

Differentgeo-loca=on

Samegeo-loca=on

Temporalmonitoring

25

Page 26: Building and Deploying a Watchdog Service for E-commerce · 2017. 10. 27. · User A User B Navigang into an e-commerce store what User A sees … is not what User B gets. Even more

FindingsSummary

1.  Pricevaria=onacrosscountries•  76domainsoutof1994•  pricevaria=onupto600%

2.  Pricevaria=onwithinthesamecountry•  7outof76domains(3repeatable)•  pricevaria=onupto7%

3.  Nopricediscrimina=onbasedonpersonaldatadetectedyet

26

Page 27: Building and Deploying a Watchdog Service for E-commerce · 2017. 10. 27. · User A User B Navigang into an e-commerce store what User A sees … is not what User B gets. Even more

PricesvarydependingonthecountrySystema=ccrawlingdataset

27

30%

Page 28: Building and Deploying a Watchdog Service for E-commerce · 2017. 10. 27. · User A User B Navigang into an e-commerce store what User A sees … is not what User B gets. Even more

Pricesalsovarywithinthesamecountry

28

Page 29: Building and Deploying a Watchdog Service for E-commerce · 2017. 10. 27. · User A User B Navigang into an e-commerce store what User A sees … is not what User B gets. Even more

Inthepaper

SandboxingDoppelgangerPrivacypreservingk-meansExtendedresultsImplementa=ondetails

29

Page 30: Building and Deploying a Watchdog Service for E-commerce · 2017. 10. 27. · User A User B Navigang into an e-commerce store what User A sees … is not what User B gets. Even more

1.  $heriffisafirst-of-its-kindtransparencysoMware

2.  Wecommunicatethechallengesinvolvedinthedevelopmentofsuchsystem

3.  Ourarchitectureandimplementa=onchoicescanhelpothersbuildsimilarservices

Maintakeaways

30

Page 31: Building and Deploying a Watchdog Service for E-commerce · 2017. 10. 27. · User A User B Navigang into an e-commerce store what User A sees … is not what User B gets. Even more

$heriff_V2

email:[email protected]:hip://www.=d.es/research/researchers/costas-iordanou

hip://sheriff-v2.dynu.net

Availablefor:

31


User guide commerce english appcrazee palmity

User guide commerce english appcrazee palmity

ⁿ.2015.02 .SACNA.CO.ZA South African Clinical ... (2).pdfⁿ.2015.02 NEWSLETTER brainwaves.SACNA.CO.ZA South African Clinical Neuropsychological Association SACNA ONLINE Navigang

ⁿ.2015.02 .SACNA.CO.ZA South African Clinical ... (2).pdfⁿ.2015.02 NEWSLETTER brainwaves.SACNA.CO.ZA South African Clinical Neuropsychological Association SACNA ONLINE Navigang

Enhancing User Engagement in Electronic Commerce Through ...umu.diva-portal.org/smash/get/diva2:952641/FULLTEXT01.pdf · Enhancing User Engagement in Electronic Commerce Through the

Enhancing User Engagement in Electronic Commerce Through ...umu.diva-portal.org/smash/get/diva2:952641/FULLTEXT01.pdf · Enhancing User Engagement in Electronic Commerce Through the

Social User Generated Commerce

Social User Generated Commerce

New trends in e-commerce user experience

New trends in e-commerce user experience

Salesware E-Commerce User Guide - accesso Technology Group

Salesware E-Commerce User Guide - accesso Technology Group

Atg Commerce Service Center User Guide

Atg Commerce Service Center User Guide

Cisco Commerce User Guide Co-Terming and Detaching ... · Cisco Commerce User Guide Co-Terming and Detaching Services in ... Content Authors/Publisher – Cisco Commerce Change ...

Cisco Commerce User Guide Co-Terming and Detaching ... · Cisco Commerce User Guide Co-Terming and Detaching Services in ... Content Authors/Publisher – Cisco Commerce Change ...

Predic’ve)Modeling)for) Navigang)Social)Media - …€™ve)Modeling)for) Navigang)Social)Media Dissertaon)Defense)by) ... Assignment Relaonship) Navigaon)in) ... 103 hci)interac’on)interface)

Predic’ve)Modeling)for) Navigang)Social)Media - …€™ve)Modeling)for) Navigang)Social)Media Dissertaon)Defense)by) ... Assignment Relaonship) Navigaon)in) ... 103 hci)interac’on)interface)

Navigang the Gray: Clinical Decision- Making with Families ...

Navigang the Gray: Clinical Decision- Making with Families ...

E-commerce User Interface Design - Lawrence-najjar.com

E-commerce User Interface Design - Lawrence-najjar.com

Cisco Commerce User Guide · Cisco Commerce Getting Started With Cisco Commerce User Guide Cisco Proprietary

Cisco Commerce User Guide · Cisco Commerce Getting Started With Cisco Commerce User Guide Cisco Proprietary

EPiServer Commerce User Guide · The EPiServer Commerce User Guide 13 ... File Management 33 ... (including Variations and SKUs, SEO, Associations, Assets) 83

EPiServer Commerce User Guide · The EPiServer Commerce User Guide 13 ... File Management 33 ... (including Variations and SKUs, SEO, Associations, Assets) 83

Enhance your e commerce pdx ga user group

Enhance your e commerce pdx ga user group

Social Commerce: The Case for User Reviews

Social Commerce: The Case for User Reviews

User Gratification and E-Commerce

User Gratification and E-Commerce

User Manual Weighing Indicator - Mag Commerce

User Manual Weighing Indicator - Mag Commerce

Cisco Commerce Companion User Guide Commerce Companion Guide for Distributors User Guide Cisco Proprietary

Cisco Commerce Companion User Guide Commerce Companion Guide for Distributors User Guide Cisco Proprietary

Day in the life of a mobile commerce user

Day in the life of a mobile commerce user

Navigang Minefields and Surviving Torren’al Waters on the … 1.pdf · 2020-03-11 · Navigang Minefields and Surviving Torren’al Waters on the Servant’s Journey Leading through

Navigang Minefields and Surviving Torren’al Waters on the … 1.pdf · 2020-03-11 · Navigang Minefields and Surviving Torren’al Waters on the Servant’s Journey Leading through