Pere Barlet

GuardXP: From Data Privacy to Improved Cybersecurity

Author image
Pere Barlet

6 min read

tools privacy community projects fund
0
Article lead image

GuardXP is a collaborative project between UPC and CSUC supported by the RIPE NCC Community Projects Fund 2024. It aims to develop a privacy-enhancing tool to combat web tracking and data exploitation. Unlike traditional blacklist-based solutions, GuardXP uses code analysis to detect and block tracking scripts without compromising website functionality.

The problem: Web tracking and data brokers

As more personal and business data is transmitted over the Internet and stored online, data privacy becomes a more critical concern for individuals, organisations, and governments alike. Effective data privacy measures are essential to prevent financial fraud, identity theft, and reputational harm, and are crucial for maintaining the security and integrity of digital systems.

While many cybersecurity initiatives have focused on enhancing security systems to protect and defend against major cybersecurity threats, such as phishing, ransomware and supply chain attacks, data privacy remains a critical aspect of cybersecurity that is often overlooked.

Every time we browse the web, shop online, or interact on social media platforms, we are unconsciously leaving behind a trail of sensitive personal data, including our interests, behaviours, and even our geographical locations. This information does not simply vanish. Instead, it is systematically harvested, aggregated, and traded by data brokers in largely opaque data marketplaces. Worse yet, such data is increasingly exploited by malicious actors for targeted phishing, fraud, identity theft, and other forms of cybercrime.

Introducing GuardXP

GuardXP is a collaborative project between Universitat Politècnica de Catalunya (UPC) and the Consorci de Serveis Universitaris de Catalunya (CSUC), supported by the RIPE NCC Community Projects Fund 2024. The project aims to develop an innovative tool that enhances user privacy while browsing the Internet.

GuardXP actively monitors web connections and automatically removes tracking code from online resources, without affecting website functionality. It prevents data brokers from tracking user activity and reduces the risk of information leakage. The solution is available in three formats: a browser extension, a mobile application for individual users, and a web proxy for organisations. GuardXP is an open source project and it has been specifically designed to ensure that no personal data is collected or shared, making it safe for use by both individuals and organisations.

Limitations of existing tools

To safeguard their online privacy, many users rely on ad blockers, privacy-focused browsers (e.g., Brave), VPNs, or anonymous networks like Tor.

Among them, the most popular and effective approach against web tracking is the use of browser add-ons or extensions, such as uBlock Origin, AdBlock Plus or Privacy Badger. It is estimated that currently between 30% and 40% of Internet users are using some form of ad blocking system. However, these solutions predominantly depend on blacklists that compile known ad and tracking domains and, consequently, are inherently limited in several key aspects:

  1. They are hard to maintain: Blacklists require continuous updates to remain effective.
  2. They miss new trackers: Blacklists cannot detect zero-day tracking scripts or domains.
  3. They are easy to evade: Trackers can circumvent blacklists by frequently rotating domain names.
  4. They break website functionality: Blocking entire resources can disrupt legitimate site features. Consequently, some trackers are whitelisted to preserve usability, which compromises privacy.

GuardXP technology

GuardXP is built on two research-backed technologies developed at UPC BarcelonaTech and published at IEEE INFOCOM: TrackSign and ASTrack. Instead of relying on blacklists, both proposals are based on analyzing the actual code of a website. Key advantages of this approach include:

  • Automated detection: Tracking scripts are identified algorithmically based on code patterns, without manual intervention.
  • Domain-agnostic functionality: Tracking detection is independent of hosting domains.
  • Granular blocking: Only tracking-specific portions of the code are removed, better preserving legitimate web site functionality.

This is achieved through the construction of Abstract Syntax Trees (ASTs), which represent the structure of JavaScript resources. Each subtree is evaluated based on two metrics:

  • Popularity: How often a given code pattern appears across websites
  • Dirtiness: How often it is found near already known tracking scripts or domains
GuardXP Abstract Syntax Tree (AST)

The intuition behind this solution is based on two observations: (1) there is a limited number of ways to obtain tracking information (e.g., the JavaScript API is bounded); and (2) new web tracking methods will become popular at some point. By focusing on AST analysis, GuardXP is able to identify tracking methods with higher precision and to neutralise them effectively by blocking only the parts of the code that are devoted to tracking, while keeping the rest of (legitimate) code intact.

More details about our methodology can be found in our recent papers [1] and [2]. In our experimental evaluation with more than 100,000 websites, the system detected over 12,000 new tracking scripts hosted on more than 300,000 unique URLs, none of which were listed in existing blacklists. Furthermore, the solution demonstrated a 30% improvement in preserving website functionality compared to leading ad blockers.

Project status

NetSamurai Plugin

In the first 6 months of the project we developed NetSamurai, a browser add-on for Firefox and a mobile application for Android, that implements the GuardXP technology. True to its name, it slices out tracking elements with precision, instead of blocking full resources. NetSamurai is open source and can be downloaded for free from the Firefox and Google Play Stores. NetSamurai does not collect any information about the user and does not share any information with us or with any other party.

NetSamurai was officially presented at the Mobile World Congress (MWC) and the 4YFN (Four Years From Now) innovation event in Barcelona in March 2025.

The next phase of the project will focus on the development of a web proxy version of NetSamurai, designed for enterprise and institutional environments. In parallel, we will undertake an in-depth analysis of the most prominent data brokers and tracking practices currently active on the web.

For further details or to try our tools, please visit https://ikusa.tech/guardxp

GuardXP team at 4YFN / MWC 2025 in Barcelona (March 2025)

References

  1. Ismael Castell-Uroz, Josep Solé-Pareta, and Pere Barlet-Ros. TrackSign: Guided Web Tracking Discovery. IEEE INFOCOM, Vancouver, Canada, March 2021.
  2. Ismael Castell-Uroz, Kensuke Fukuda, and Pere Barlet-Ros. ASTrack: Automatic Detection and Removal of Web Tracking Code with Minimal Functionality Loss. IEEE INFOCOM, New York, USA, May 2023.
tools privacy community projects fund
0

About the author

Author image
Pere Barlet Based in Barcelona, Spain

I am a Full Professor with UPC BarcelonaTech and Scientific Director at the Barcelona Neural Networking Center (BNN). Between 2013-2018, I was co-founder and chairman at Talaia Networks, an AI-based cybersecurity startup. For this activity I received research valorization awards from both the Catalan Government and UPC, including the Fiber Entrepreneurs award to the best entrepreneur of the Barcelona School of Informatics (FIB). My recent research activity has focused on the development of novel AI-based methods for network management, optimization, monitoring and cybersecurity. These methods have been integrated in several open-source and commercial products, such as Network Polygraph, Auvik Traffic Insights, Intel CoMo and SMARTxAC. My group and I are also considered pioneers in the application of Graph Neural Networks (GNN) in the area of computer networks.

Comments 0