{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,11]],"date-time":"2024-09-11T05:13:48Z","timestamp":1726031628818},"publisher-location":"Cham","reference-count":35,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030220372"},{"type":"electronic","value":"9783030220389"}],"license":[{"start":{"date-parts":[[2019,1,1]],"date-time":"2019-01-01T00:00:00Z","timestamp":1546300800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2019]]},"DOI":"10.1007\/978-3-030-22038-9_4","type":"book-chapter","created":{"date-parts":[[2019,6,9]],"date-time":"2019-06-09T23:02:31Z","timestamp":1560121351000},"page":"67-85","update-policy":"http:\/\/dx.doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":3,"title":["On the Perils of Leaking Referrers in Online Collaboration Services"],"prefix":"10.1007","author":[{"given":"Beliz","family":"Kaleli","sequence":"first","affiliation":[]},{"given":"Manuel","family":"Egele","sequence":"additional","affiliation":[]},{"given":"Gianluca","family":"Stringhini","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2019,6,6]]},"reference":[{"key":"4_CR1","unstructured":"Alexa top lists. https:\/\/www.alexa.com\/topsites\/category\/Top\/Computers\/Internet\/On_the_Web\/Web_Applications\/Storage . Accessed 09 Feb 2019"},{"key":"4_CR2","unstructured":"Can i use support tables for html5, css3, etc"},{"key":"4_CR3","unstructured":"caniuse.com rel-noreferrer. https:\/\/caniuse.com\/#feat=rel-noreferrer . Accessed 09 Feb 2019"},{"key":"4_CR4","unstructured":"mathiasbynens.github.io rel-noopener. https:\/\/mathiasbynens.github.io\/rel-noopener\/ . Accessed 09 Feb 2019"},{"key":"4_CR5","unstructured":"PDF.js. https:\/\/mozilla.github.io\/pdf.js\/ . Accessed 09 Feb 2019"},{"key":"4_CR6","unstructured":"Referer control. https:\/\/chrome.google.com\/webstore\/detail\/referer-control\/hnkcfpcejkafcihlgbojoidoihckciin . Accessed 09 Feb 2019"},{"key":"4_CR7","unstructured":"Scriptsafe. https:\/\/chrome.google.com\/webstore\/detail\/scriptsafe\/oiigbmnaadbkfbmpbfijlflahbdbdgdf . Accessed 09 Feb 2019"},{"key":"4_CR8","unstructured":"W3C Candidate Recommendation referrer policy. https:\/\/www.w3.org\/TR\/referrer-policy\/ . Accessed 09 Feb 2019"},{"key":"4_CR9","unstructured":"WHATWG link type. https:\/\/html.spec.whatwg.org\/multipage\/links.html#link-type-noreferrer . Accessed 09 Feb 2019"},{"key":"4_CR10","unstructured":"Referer control by keepa.com, March 2017. https:\/\/addons.mozilla.org\/en-US\/firefox\/addon\/referercontrol\/ . Accessed 09 Feb 2019"},{"key":"4_CR11","series-title":"IFIP Advances in Information and Communication Technology","doi-asserted-by":"publisher","first-page":"39","DOI":"10.1007\/978-3-319-55783-0_4","volume-title":"Privacy and Identity Management. Facing up to Next Steps","author":"A Andersdotter","year":"2016","unstructured":"Andersdotter, A., Jensen-Urstad, A.: Evaluating websites and their adherence to data protection principles: tools and experiences. In: Lehmann, A., Whitehouse, D., Fischer-H\u00fcbner, S., Fritsch, L., Raab, C. (eds.) Privacy and Identity 2016. IAICT, vol. 498, pp. 39\u201351. Springer, Cham (2016). https:\/\/doi.org\/10.1007\/978-3-319-55783-0_4"},{"key":"4_CR12","unstructured":"Antonellis, I., Garcia-Molina, H., Karim, J.: Tagging with queries: how and why? In: ACM International Conference on Web Search and Data Mining (WSDM), Barcelona, Spain, p. 4, February 2009"},{"key":"4_CR13","doi-asserted-by":"crossref","unstructured":"Antoniades, D., Markatos, E.P., Dovrolis, C.: One-click hosting services: a file-sharing hideout. In: ACM SIGCOMM Internet Measurement Conference (IMC), Chicago, Illinois, USA, p. 223, ACM Press (2009)","DOI":"10.1145\/1644893.1644920"},{"key":"4_CR14","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"396","DOI":"10.1007\/978-3-319-66284-8_33","volume-title":"Computer Safety, Reliability, and Security","author":"M Argyriou","year":"2017","unstructured":"Argyriou, M., Dragoni, N., Spognardi, A.: Security flows in OAuth 2.0 framework: a case study. In: Tonetta, S., Schoitsch, E., Bitsch, F. (eds.) SAFECOMP 2017. LNCS, vol. 10489, pp. 396\u2013406. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-66284-8_33"},{"key":"4_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"422","DOI":"10.1007\/978-3-642-15512-3_22","volume-title":"Recent Advances in Intrusion Detection","author":"M Balduzzi","year":"2010","unstructured":"Balduzzi, M., Platzer, C., Holz, T., Kirda, E., Balzarotti, D., Kruegel, C.: Abusing social networks for automated user profiling. In: Jha, S., Sommer, R., Kreibich, C. (eds.) RAID 2010. LNCS, vol. 6307, pp. 422\u2013441. Springer, Heidelberg (2010). https:\/\/doi.org\/10.1007\/978-3-642-15512-3_22"},{"key":"4_CR16","doi-asserted-by":"crossref","unstructured":"Barth, A., Jackson, C., Mitchell, J.C.: Robust defenses for cross-site request forgery. In: ACM Conference on Computer and Communications Security (CCS), Alexandria, Virginia, USA, p. 75. ACM Press (2008)","DOI":"10.1145\/1455770.1455782"},{"key":"4_CR17","doi-asserted-by":"crossref","unstructured":"Dolnak, I.: Implementation of referrer policy in order to control HTTP Referer header privacy. In: 2017 15th International Conference on Emerging eLearning Technologies and Applications (ICETA) (2017)","DOI":"10.1109\/ICETA.2017.8102477"},{"key":"4_CR18","doi-asserted-by":"crossref","unstructured":"Ibosiola, D., Steer, B., Garcia-Recuero, A., Stringhini, G., Uhlig, S., Tyson, G.: Movie pirates of the Caribbean: exploring illegal streaming cyberlockers. In: International AAAI Conference on Web and Social Media (ICWSM), Stanford, CA, p. 10 (2018)","DOI":"10.1609\/icwsm.v12i1.15008"},{"key":"4_CR19","unstructured":"IETF Network Working Group. Hypertext transfer protocol - http\/1.1. https:\/\/tools.ietf.org\/html\/rfc2616#page-140"},{"key":"4_CR20","doi-asserted-by":"crossref","unstructured":"Invernizzi, L., Thomas, K., Kapravelos, A., Comanescu, O., Picod, J.-M., Bursztein, E.: Cloak of visibility: detecting when machines browse a different web. In: 2016 IEEE Symposium on Security and Privacy (SP) (2016)","DOI":"10.1109\/SP.2016.50"},{"key":"4_CR21","doi-asserted-by":"crossref","unstructured":"Jelveh, Z., Ross, K.: Profiting from filesharing: a measurement study of economic incentives in cyberlockers. In: IEEE International Conference on Peer-to-Peer Computing (P2P), Tarragona, Spain, pp. 57\u201362. IEEE, September 2012","DOI":"10.1109\/P2P.2012.6335811"},{"key":"4_CR22","doi-asserted-by":"crossref","unstructured":"Krishnamurthy, B., Wills, C.E.: Cat and mouse: content delivery tradeoffs in web access. In: International Conference on World Wide Web (WWW), Edinburgh, Scotland, p. 337. ACM Press (2006)","DOI":"10.1145\/1135777.1135829"},{"key":"4_CR23","doi-asserted-by":"crossref","unstructured":"Krishnamurthy, B., Wills, C.E.: Generating a privacy footprint on the internet. In: ACM SIGCOMM on Internet Measurement (IMC), Rio de Janeriro, Brazil, p. 65. ACM Press (2006)","DOI":"10.1145\/1177080.1177088"},{"key":"4_CR24","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"133","DOI":"10.1007\/3-540-44595-1_13","volume-title":"Adaptive Hypermedia and Adaptive Web-Based Systems","author":"N Kushmerick","year":"2000","unstructured":"Kushmerick, N., McKee, J., Toolan, F.: Towards zero-input personalization: referrer-based page prediction. In: Brusilovsky, P., Stock, O., Strapparava, C. (eds.) AH 2000. LNCS, vol. 1892, pp. 133\u2013143. Springer, Heidelberg (2000). https:\/\/doi.org\/10.1007\/3-540-44595-1_13"},{"key":"4_CR25","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"369","DOI":"10.1007\/978-3-642-41284-4_19","volume-title":"Research in Attacks, Intrusions, and Defenses","author":"T Lauinger","year":"2013","unstructured":"Lauinger, T., Onarlioglu, K., Chaabane, A., Kirda, E., Robertson, W., Kaafar, M.A.: Holiday pictures or blockbuster movies? Insights into copyright infringement in user uploads to one-click file hosters. In: Stolfo, S.J., Stavrou, A., Wright, C.V. (eds.) RAID 2013. LNCS, vol. 8145, pp. 369\u2013389. Springer, Heidelberg (2013). https:\/\/doi.org\/10.1007\/978-3-642-41284-4_19"},{"key":"4_CR26","doi-asserted-by":"crossref","unstructured":"Lavrenovs, A., Melon, F.J.R.: Http security headers analysis of top one million websites. In: 2018 10th International Conference on Cyber Conflict (CyCon) (2018)","DOI":"10.23919\/CYCON.2018.8405025"},{"key":"4_CR27","unstructured":"Lazarov, M., Onaolapo, J., Stringhini, G.: Honey sheets: what happens to leaked Google spreadsheets? In: Proceedings of the 9th USENIX Conference on Cyber Security Experimentation and Test (CSET 2016), Austin, TX, p. 8 (2016)"},{"key":"4_CR28","doi-asserted-by":"crossref","unstructured":"Li, W. Mitchell, C.J., Chen, T.: Mitigating CSRF attacks on OAuth 2.0 systems. In: 2018 16th Annual Conference on Privacy, Security and Trust (PST) (2018)","DOI":"10.1109\/PST.2018.8514180"},{"key":"4_CR29","unstructured":"Nikiforakis, N., Balduzzi, M., Acker, S.V., Joosen, W., Balzarotti, D.: Exposing the lack of privacy in file hosting services. In: USENIX Conference on Large-Scale Exploits and Emergent Threats, p. 8, March 2011"},{"key":"4_CR30","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"259","DOI":"10.1007\/978-3-642-31680-7_14","volume-title":"Privacy Enhancing Technologies","author":"N Nikiforakis","year":"2012","unstructured":"Nikiforakis, N., Van Acker, S., Piessens, F., Joosen, W.: Exploring the ecosystem of referrer-anonymizing services. In: Fischer-H\u00fcbner, S., Wright, M. (eds.) PETS 2012. LNCS, vol. 7384, pp. 259\u2013278. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-31680-7_14"},{"key":"4_CR31","doi-asserted-by":"crossref","unstructured":"Onaolapo, J., Lazarov, M., Stringhini, G.: Master of sheets: a tale of compromised cloud documents. In: Proceedings of the Workshop on Attackers and Cyber-Crime Operations (WACCO), Goteborg, Sweden (2019)","DOI":"10.1109\/EuroSPW.2019.00053"},{"key":"4_CR32","doi-asserted-by":"crossref","unstructured":"Wang, D.Y., Savage, S., Voelker, G.M.: Cloak and dagger. In: Proceedings of the 18th ACM Conference on Computer and Communications Security - CCS 2011 (2011)","DOI":"10.1145\/2046707.2046763"},{"key":"4_CR33","doi-asserted-by":"crossref","unstructured":"Wondracek, G., Holz, T., Kirda, E., Kruegel, C.: A practical attack to de-anonymize social network users. In: IEEE Symposium on Security and Privacy, Oakland, CA, USA. IEEE (2010)","DOI":"10.1109\/SP.2010.21"},{"key":"4_CR34","doi-asserted-by":"crossref","unstructured":"Wu, B., Davison, B.D.: Detecting semantic cloaking on the web. In: Proceedings of the 15th International Conference on World Wide Web - WWW 2006 (2006)","DOI":"10.1145\/1135777.1135901"},{"key":"4_CR35","doi-asserted-by":"crossref","unstructured":"Zheng, G., Peltsverger, S.: Web Analytics Overview, 3rd edn., pp. 7674\u20137683. IGI Global, Hershey (2015). Encyclopedia of Information Science and Technology","DOI":"10.4018\/978-1-4666-5888-2.ch756"}],"container-title":["Lecture Notes in Computer Science","Detection of Intrusions and Malware, and Vulnerability Assessment"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-22038-9_4","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,9,17]],"date-time":"2023-09-17T09:24:26Z","timestamp":1694942666000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-030-22038-9_4"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019]]},"ISBN":["9783030220372","9783030220389"],"references-count":35,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-22038-9_4","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2019]]},"assertion":[{"value":"6 June 2019","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"DIMVA","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Gothenburg","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Sweden","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2019","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"19 June 2019","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"20 June 2019","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"16","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"dimva2019","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/www.dimva2019.org\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"dimca2019.hotcrp.com","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"80","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"23","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"29% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"6","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}}]}}