Understanding Regional Filter Lists: Efficacy and Impact - Prof. Dr. Norbert Pohlmann

Understanding Regional Filter Lists: Efficacy and Impact

B. Acharya, C. Böttger, N. Demir, T. Holz, J. Hörnemann, M. Große-Kampmann, Norbert Pohlmann (Institut für Internet-Sicherheit), T. Urban:
„Understanding Regional Filter Lists: Efficacy and Impact“,
Proceedings of The 25th Privacy Enhancing Technologies Symposium (PETS)
Washington, DC, USA, 2025

Abstract

Filter lists are used by various users, tools, and researchers to identify tracking technologies on the Web. These lists are created and maintained by dedicated communities. Aside from popular blocking lists (e.g., EasyList), the communities create region-specific blocklists that account for trackers and ads that are only common in these regions. The lists aim to keep the size of a general blocklist minimal while protecting users against region-specific trackers. In this paper, we perform a large-scale Web measurement study to understand how different region-specific filter lists (e.g., a blocklist specifically designed for French users) protect users when visiting websites. We define three privacy scenarios to understand when and how users benefit from these regional lists and what effect they have in practice. The results show that although the lists differ significantly, the number of rules they contain is unrelated to the number of blocked requests. We find that the lists’ overall efficacy varies notably. Filter lists also do not meet the expectation that they increase user protection in the regions for which they were designed. Finally, we show that the majority of the rules on the lists were not used in our experiment and that only a fraction of the rules would provide comparable protection for users.

Keywords
user tracking, tracking protection, filter lists, web privacy, adblocker

1 Introduction

Ads are central to today’s Web ecosystem, primarily serving as a revenue source for online businesses, content creators, services, and other entities. For many websites, especially those that offer free content, advertising is the primary means of monetization. This model leads to considerable security and privacy problems. One of the most significant issues is the pervasive tracking that underpins targeted advertising: To maximize the effectiveness of advertising, advertisers and third-party networks often use tracking
technologies such as cookies [25 , 28 , 54 , 55 ] and fingerprinting [22 , 33, 40].
Such security and privacy concerns lead to use of ad blocking and tracking blocking techniques. Such blockers use filter lists to identify and block requests to known ad servers and remove website advertising elements based on predefined rules. A filter list is a collection of rules and patterns designed to detect and block unwanted website content, such as advertising, tracking scripts, and other intrusive elements. When a user visits a website, the ad blocker compares the page’s content with the filter list and dynamically blocks elements that match the specified patterns. Popular lists such as EasyList [19 ] are maintained by a community of volunteers who continually update them to keep up with evolving advertising techniques and new tracking methods. Ad blocker users can subscribe to these lists to ensure their browsing experience remains free from unwanted interruptions and privacy intrusions. Regional filter lists are specialized rules tailored to block ads and tracking scripts specific to certain geographic regions, languages, or cultural norms [ 20]. These lists address the unique advertising practices, ad networks, and tracking mechanisms prevalent worldwide that global filter lists may not comprehensively cover. Popular blockers like AdBlock [2 ] or uBlock [44 ] recommend using regional filter lists if you browse non-English websites. For instance, a regional filter list for Japan would contain rules for blocking advertising from Japanese advertising networks and content in Japan. Ad-blocking software can potentially provide more effective and localized ad blocking by including regional filter lists, ensuring that users in different regions enjoy a cleaner and more relevant browsing experience. These lists are often maintained by local communities or experts who know the regional advertising landscape.
In this paper, we analyze the effects associated with regional filter lists in different scenarios. To this end, we conduct a largescale measurement study to understand how these lists affect users’ browsing experience and privacy. More specifically, we analyze nine country-specific filter lists provided by the EasyList community and study three privacy scenarios to understand when and how users benefit from regional lists. Using our measurement framework, we visited over 1.8 million pages, collected over 207 million HTTP requests, and stored over 579 GB of data for analysis. We found that most of the used region-specific filter lists only block a minimal number of requests and that lists designed for other regions may outperform specialized lists even in a local setting. Furthermore, we find that lists do not meet the expectation that they perform well when users visit websites that belong to the region the list
was designed for, questioning the need for localized blocklists. Our results show that most rules (93%) in the filter lists are not used.

In summary, we make the following contributions:

Large-scale measurement to understand the impact of localized filter lists: We collect regional filter lists (n = 9) that intersect with measurement locations worldwide. We provide a real-world measurement framework that allows researchers to analyze the impact of regional filter lists on security and privacy.
Impact of Regional Filter Lists of Privacy: Our findings show that regional filter lists do not significantly enhance privacy in targeted regions and are often more effective in other regions. Combined with a standard filter list like EasyList, they provide benefits, suggesting that regional lists alone are insufficient.
Effectiveness of Filter List Rules: Our analysis reveals that only 7% of the rules in filter lists are effective in identifying tracking requests, highlighting the potential for significant optimization. To aid this, we propose a master list for maintainers.

2 Background & Terminology

First, we want to introduce important terminology used throughout the paper and describe the fundamentals of filter lists.

Terminology. We use the term site to refer to the registrable segment of a specified domain, commonly known as “extended/effective Top Level Domain plus one” (eTLD+1) [ 8, 15 , 37 , 53 ]. The top-level domain (TLD) is the portion of a domain name after the last dot (e.g., example.edu, the TLD is edu). However, this structure does not always apply because many registrars allow organizations to register domains directly under the TLD (e.g., example.ac.uk). The Public Suffix List [ 1 ] is a compilation of all suffixes under which organizations can directly register domain names, also known as extended/effective TLDs (eTLDs). The term eTLD+1 refers to an eTLD combined with the next part of the domain name. For instance, in the URL https://www.example.edu/, the eTLD+1 is example.edu (the www. part is not part of the eTLD+1), while in https://foobar.co.uk/, the eTLD+1 is foobar.co.uk. The term page (or webpage) refers to a distinct URL or, more precisely, the document (e.g., HTML or JavaScript) located at that URL.

Filter Lists. Filter lists are a standard tool to block the loading of advertisements or trackers on the Web. Over time, different lists emerged that aim to block various types of content (e.g., regionspecific ads or ads that contain adult content). Tracking-protection tools (e.g., ad blockers) typically use these lists to identify trackers or other privacy-invasive objects. These tools are commonly implemented as browser extensions or, in some cases, directly embedded into the browser. Filter lists are text-based files that contain a set of rules. Usually, each line in a filter list contains a single rule, and commonly used lists often contain tens of thousands of rules [ 19]. The syntax of the rules is very similar to standard regular expressions. These expressions are matched against a given URL and return a binary result that indicates whether the URL belongs to a tracker.

…

kostenlos downloaden