Despite the many solutions proposed by industry and the research community to address spyware, this problem continues to grow. Many of today's anti-spyware approaches are inspired by techniques used against related security problems, such as worms, DoS attacks, computer viruses, and spam. Although these techniques have been retrofitted to address spyware, they remain ineffective because they rely on the compromised host to detect and remove spyware. Once a host is compromised, attackers often find simple ways to escape spyware detection and removal.

This paper presents SpySaver - a novel anti-spyware approach that reduces the incentive to deploy spyware. Our approach does not prevent spyware installations, nor does it recover from them. Instead, SpySaver decreases the value of the information spyware collects by creating counterfeit information. Our goal is to generate enough counterfeit information to devalue the information gathered by spyware to the point that we eliminate the incentive to collect it in the first place. In this paper, we present our approach and an initial design of a tool that produces realistic counterfeit information about the browsing patterns of Web users.

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	CEXX.ORG. Adware, Spyware, and other unwanted "malware" - and how to remove them, February 2005. http://www.cexx.org/adware.htm.
	2	L. D. Cheveallier. Spyware and Network Security. SANS Institute White Paper, August 2001.
	3	D. L. Cook, R. Baratto, and A. D. Keromytis. Remotely Keyed CryptoGraphics - Secure Remote Display Access Using (Mostly) Untrusted Hardware. Technical Report CUCS-050-04, Columbia University, December 2004.
	4	Richard S. Cox , Steven D. Gribble , Henry M. Levy , Jacob Gorm Hansen, A Safety-Oriented Platform for Web Applications, Proceedings of the 2006 IEEE Symposium on Security and Privacy, p.350-364, May 21-24, 2006  [doi>10.1109/SP.2006.4]
	5	Cynthia Dwork , Moni Naor, Pricing via Processing or Combatting Junk Mail, Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology, p.139-147, August 16-20, 1992
	6	Earthlink. Earthlink Spy Audit, June 2004. http://www.earthlink.net/spyaudit/press/.
	7	B. Edelman. WhenU Violates Own Privacy Policy, July 2004. http://www.benedelman.org/spyware/whenu-privacy/.
	8	B. Edelman. State Spyware Legislation, February 2005. http://www.benedelman.org/spyware/legislation/.
	9	B. Edelman. The Spyware - Click-Fraud Connection - and Yahoo's Role Revisited, April 2006. http://www.benedelman.org/news/040406-1.html.
	10	Federal Trade Commission. Monitoring Software on Your PC: Spyware, Adware, and Other Software, April 2004. http://www.ftc.gov/bcp/workshops/spyware/transcript.pdf.
	11	Google. Contextual Advertising FAQ, February 2005. https://adwords.google.com/select/ct_faq.html.
	12	Google. Google Privacy Center: Privacy Policy, February 2005. http://www.google.com/privacy.html.
	13	House of Representatives. SPY Act, February 2005. http://thomas.loc.gov/cgi-bin/query/z?c109:H.R.29:.
	14	Thede Loder , Marshall Van Alstyne , Rick Wash, An economic answer to unsolicited communication, Proceedings of the 5th ACM conference on Electronic commerce, May 17-20, 2004, New York, NY, USA  [doi>10.1145/988772.988780]
	15	M. McCardle. How Spyware fits into Defense in Depth. SANS Institute White Paper, January 2003.
	16	C. Metz. Is Google Invading Your Privacy?, February 2003. http://www.pcmag.com/article2/0,4149,904096,00.asp.
	17	S. Olsen. Software replaces banner ads on top sites. C|Net News.Com article, August 2001.
	18	PCPitstop. Eight-Seven Percent of WhenU Users are Unware They Are Using It, March 2004. http://www.pcpitstop.com/spycheck/whenu.asp.
	19	Stefan Saroiu , Steven D. Gribble , Henry M. Levy, Measurement and analysis of spywave in a university environment, Proceedings of the 1st conference on Symposium on Networked Systems Design and Implementation, p.11-11, March 29-31, 2004, San Francisco, California
	20	D. Saurino. Adware and Spyware: A Growing Privacy and Security Problem. SANS Institute White Paper, August 2004.
	21	J. Schartz. "Acquitted man says virus put pornography on computer". New York Times article, August 2003.
	22	M. Shaw and S. D. Gribble. Reverse Firewalls in Denali. In Work in Progress Presented at the 5th Symposium on Operating Systems Design and Implementation (OSDI), Boston, MA, December 2002.
	23	SpywareInfo. Is the Google Toolbar Spyware?, December 2002. http://www.spywareinfo.com/newsletter/archives/december-2002/12102002.php.
	24	S. Tuecke, V. Welch, D. Engert, L. Pearlman, and M. Thompson. RFC3820: Internet X.509 Public Key Infrastructure (PKI) Proxy Certificate Profile, June 2004.
	25	Yi-Min Wang , Roussi Roussev , Chad Verbowski , Aaron Johnson , Ming-Wei Wu , Yennun Huang , Sy-Yen Kuo, Gatekeeper: Monitoring Auto-Start Extensibility Points (ASEPs) for Spyware Management, Proceedings of the 18th USENIX conference on System administration, November 14-19, 2004, Atlanta, GA
	26	WhenU.com. How WhenU Works, February 2005. http://www.whenu.com/how_whenu_works.html.
	27	Wired. How Click Fraud Could Swallow the Internet, January 2006. http://www.wired.com/wired/archive/14.01/fraud.html.
	28	Zone Labs. Zone Labs: Zone Labs, Internet security products, online safety, software, protection., February 2005. http://www.zonelabs.com.