{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,5,6]],"date-time":"2025-05-06T05:09:10Z","timestamp":1746508150880,"version":"3.40.3"},"publisher-location":"Cham","reference-count":47,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030372309"},{"type":"electronic","value":"9783030372316"}],"license":[{"start":{"date-parts":[[2019,1,1]],"date-time":"2019-01-01T00:00:00Z","timestamp":1546300800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2019]]},"DOI":"10.1007\/978-3-030-37231-6_1","type":"book-chapter","created":{"date-parts":[[2019,12,10]],"date-time":"2019-12-10T01:02:43Z","timestamp":1575939763000},"page":"3-25","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":9,"title":["TL;DR Hazard: A Comprehensive Study of Levelsquatting Scams"],"prefix":"10.1007","author":[{"given":"Kun","family":"Du","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Hao","family":"Yang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Zhou","family":"Li","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Haixin","family":"Duan","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Shuang","family":"Hao","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Baojun","family":"Liu","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Yuxiao","family":"Ye","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Mingxuan","family":"Liu","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Xiaodong","family":"Su","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Guang","family":"Liu","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Zhifeng","family":"Geng","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Zaifeng","family":"Zhang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Jinjin","family":"Liang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2019,12,11]]},"reference":[{"key":"1_CR1","unstructured":"What Is TLDR? (2017). \nhttps:\/\/www.lifewire.com\/what-is-tldr-2483633"},{"key":"1_CR2","unstructured":"How scammers use sub-domains (2016). \nhttp:\/\/easykey.uk\/computer-safety\/how-scammers-use-sub-domains"},{"key":"1_CR3","doi-asserted-by":"crossref","unstructured":"Yang, H., et al.: How to learn klingon without a dictionary: detection and measurement of black keywords used by the underground economy. In: 2017 IEEE Symposium on Security and Privacy (SP). IEEE (2017)","DOI":"10.1109\/SP.2017.11"},{"key":"1_CR4","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"190","DOI":"10.1007\/978-3-642-33338-5_10","volume-title":"Research in Attacks, Intrusions, and Defenses","author":"S Marchal","year":"2012","unstructured":"Marchal, S., Fran\u00e7ois, J., State, R., Engel, T.: Proactive discovery of phishing related domain names. In: Balzarotti, D., Stolfo, S.J., Cova, M. (eds.) RAID 2012. LNCS, vol. 7462, pp. 190\u2013209. Springer, Heidelberg (2012). \nhttps:\/\/doi.org\/10.1007\/978-3-642-33338-5_10"},{"key":"1_CR5","unstructured":"DOMAIN NAMES - IMPLEMENTATION AND SPECIFICATION (1987). \nhttps:\/\/tools.ietf.org\/html\/rfc1035"},{"key":"1_CR6","unstructured":"Wang, Y.-M., et al.: Strider typo-patrol: discovery and analysis of systematic typo-squatting. In: SRUTI, vol. 6, No. 31-36 p. 2 (2006)"},{"key":"1_CR7","doi-asserted-by":"crossref","unstructured":"Nikiforakis, N., et al.: Bitsquatting: exploiting bit-flips for fun, or profit?. In: Proceedings of The 22nd International Conference on World Wide Web. ACM (2013)","DOI":"10.1145\/2488388.2488474"},{"key":"1_CR8","unstructured":"Wiener, S.: Grass-mud horses to victory: the phonological constraints of subversive puns. In: Proceedings of the 23rd North American Conference on Chinese Linguistics, vol. 1 (2011)"},{"key":"1_CR9","unstructured":"Holgers, T., Watson, D.E., Gribble, S.D.: Cutting through the confusion: a measurement study of homograph attacks. In: USENIX Annual Technical Conference, General Track (2006)"},{"key":"1_CR10","doi-asserted-by":"crossref","unstructured":"Kintis, P., et al.: Hiding in plain sight: a longitudinal study of combosquatting abuse. In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security. ACM (2017)","DOI":"10.1145\/3133956.3134002"},{"key":"1_CR11","unstructured":"Phishing with \u2018punycode\u2019 - when foreign letters spell English words (2017). \nhttps:\/\/nakedsecurity.sophos.com\/2017\/04\/19\/phishing-with-punycode-when-foreign-letters-spell-english-words\/"},{"key":"1_CR12","doi-asserted-by":"crossref","unstructured":"Liu, B., et al.: A reexamination of internationalized domain names: the good, the bad and the ugly. In: 48th Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (2018)","DOI":"10.1109\/DSN.2018.00072"},{"key":"1_CR13","doi-asserted-by":"crossref","unstructured":"Maurer, M.-E., Herzner, D.: Using visual website similarity for phishing detection and reporting. In: CHI 2012 Extended Abstracts on Human Factors in Computing Systems. ACM (2012)","DOI":"10.1145\/2212776.2223683"},{"key":"1_CR14","doi-asserted-by":"crossref","unstructured":"Levchenko, K., Pitsillidis, A., Chachra, N., et al.: Click trajectories: end-to-end analysis of the spam value chain. In: 2011 IEEE Symposium on Security and Privacy, pp. 431\u2013446. IEEE (2011)","DOI":"10.1109\/SP.2011.24"},{"key":"1_CR15","unstructured":"Du, K., et al.: The ever-changing labyrinth: a large-scale analysis of wildcard DNS powered Blackhat SEO. In: 25th USENIX Security Symposium (USENIX Security 16) (2016)"},{"key":"1_CR16","doi-asserted-by":"crossref","unstructured":"Levchenko, K., et al.: Click trajectories: end-to-end analysis of the spam value chain. In: 2011 IEEE Symposium on Security and Privacy. IEEE (2011)","DOI":"10.1109\/SP.2011.24"},{"key":"1_CR17","doi-asserted-by":"crossref","unstructured":"Wang, D.Y., Savage, S., Voelker, G.M.: Cloak and dagger: dynamics of web search cloaking. In: Proceedings of the 18th ACM Conference on Computer and Communications Security. ACM (2011)","DOI":"10.1145\/2046707.2046763"},{"key":"1_CR18","doi-asserted-by":"crossref","unstructured":"Zhang, Q., Wang, D.Y., Voelker, G.M.: DSpin: detecting automatically spun content on the web. In: NDSS (2014)","DOI":"10.14722\/ndss.2014.23004"},{"key":"1_CR19","doi-asserted-by":"publisher","first-page":"370","DOI":"10.1007\/978-3-319-66402-6_22","volume-title":"Computer Security \u2013 ESORICS 2017","author":"Igino Corona","year":"2017","unstructured":"Foley, S.N., Gollmann, D., Snekkenes, E. (eds.): DeltaPhish: detecting phishing webpages in compromised websites. ESORICS 2017. LNCS, vol. 10492, pp. 370\u2013388. Springer, Cham (2017). \nhttps:\/\/doi.org\/10.1007\/978-3-319-66402-6_22"},{"key":"1_CR20","doi-asserted-by":"crossref","unstructured":"Liao, X., et al.: Seeking nonsense, looking for trouble: efficient promotional-infection detection through semantic inconsistency search. In: 2016 IEEE Symposium on Security and Privacy (SP). IEEE (2016)","DOI":"10.1109\/SP.2016.48"},{"key":"1_CR21","doi-asserted-by":"crossref","unstructured":"Hao, S., et al.: PREDATOR: proactive recognition and elimination of domain abuse at time-of-registration. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security. ACM (2016)","DOI":"10.1145\/2976749.2978317"},{"key":"1_CR22","doi-asserted-by":"crossref","unstructured":"Li, Z., et al.: Knowing your enemy: understanding and detecting malicious web advertising. In: Proceedings of the 2012 ACM Conference on Computer and Communications Security. ACM (2012)","DOI":"10.1145\/2382196.2382267"},{"key":"1_CR23","unstructured":"new gTLD Statistics by Top-Level Domains (2016). \nhttps:\/\/ntldstats.com\/tld"},{"issue":"1","key":"1_CR24","first-page":"72","volume":"3","author":"T Nagunwa","year":"2014","unstructured":"Nagunwa, T.: Behind identity theft and fraud in cyberspace: the current landscape of phishing vectors. Int. J. Cyber-Secur. Digital Forensics (IJCSDF) 3(1), 72\u201383 (2014)","journal-title":"Int. J. Cyber-Secur. Digital Forensics (IJCSDF)"},{"key":"1_CR25","unstructured":"TLS Certificates from the Top Million Sites (2016). \nhttps:\/\/adamcaudill.com\/2016\/09\/23\/tls-certificates-top-million-sites\/"},{"key":"1_CR26","doi-asserted-by":"crossref","unstructured":"Kim, Y.: Convolutional neural networks for sentence classification. arXiv preprint \narXiv:1408.5882\n\n (2014)","DOI":"10.3115\/v1\/D14-1181"},{"key":"1_CR27","doi-asserted-by":"crossref","unstructured":"Kalchbrenner, N., Grefenstette, E., Blunsom, P.: A convolutional neural network for modelling sentences. arXiv preprint \narXiv:1404.2188\n\n (2014)","DOI":"10.3115\/v1\/P14-1062"},{"key":"1_CR28","unstructured":"Liu, P., Qiu, X., Huang, X.: Recurrent neural network for text classification with multi-task learning. arXiv preprint \narXiv:1605.05101\n\n (2016)"},{"key":"1_CR29","doi-asserted-by":"crossref","unstructured":"Luo, M., et al.: Hindsight: understanding the evolution of UI vulnerabilities in mobile browsers. In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security. ACM (2017)","DOI":"10.1145\/3133956.3133987"},{"key":"1_CR30","doi-asserted-by":"crossref","unstructured":"Chen, G., et al.: Combating typo-squatting for safer browsing. In: 2009 International Conference on Advanced Information Networking and Applications Workshops. IEEE (2009)","DOI":"10.1109\/WAINA.2009.98"},{"issue":"13","key":"1_CR31","doi-asserted-by":"publisher","first-page":"3001","DOI":"10.1016\/j.comnet.2011.06.005","volume":"55","author":"A Banerjee","year":"2011","unstructured":"Banerjee, A., Rahman, M.S., Faloutsos, M.: SUT: quantifying and mitigating url typosquatting. Comput. Netw. 55(13), 3001\u20133014 (2011)","journal-title":"Comput. Netw."},{"key":"1_CR32","unstructured":"Linari, A. et al.: Typo-Squatting: The Curse\u201dof Popularity (2009)"},{"key":"1_CR33","doi-asserted-by":"crossref","unstructured":"Agten, P., et al.: Seven months\u2019 worth of mistakes: a longitudinal study of typosquatting abuse. In: NDSS (2015)","DOI":"10.14722\/ndss.2015.23058"},{"key":"1_CR34","unstructured":"Shuang, H., Feamster, N., Pandrangi, R.: Monitoring the initial DNS behavior of malicious domains. In: Proceedings of the 2011 ACM SIGCOMM Conference on Internet Measurement Conference. ACM (2011)"},{"issue":"7","key":"1_CR35","doi-asserted-by":"publisher","first-page":"806","DOI":"10.1016\/j.cose.2012.05.005","volume":"31","author":"SE Coull","year":"2012","unstructured":"Coull, S.E., et al.: Understanding domain registration abuses. Comput. secur. 31(7), 806\u2013815 (2012)","journal-title":"Comput. secur."},{"key":"1_CR36","unstructured":"Anderson, D.S., et al.: Spamscatter: characterizing internet scam hosting infrastructure. Diss. University of California, San Diego (2007)"},{"key":"1_CR37","unstructured":"Antonakakis, M., et al.: Building a dynamic reputation system for DNS. In: USENIX security symposium (2010)"},{"key":"1_CR38","unstructured":"Antonakakis, M., et al.: From throw-away traffic to bots: detecting the rise of DGA-based malware. In: Presented as part of the 21st USENIX Security Symposium (USENIX Security 12) (2012)"},{"key":"1_CR39","unstructured":"Bilge, L., et al.: EXPOSURE: finding malicious domains using passive DNS analysis. In: NDSS (2011)"},{"key":"1_CR40","unstructured":"Antonakakis, M., et al.: Detecting Malware Domains at the Upper DNS Hierarchy. In: USENIX Security Symposium, vol. 11 (2011)"},{"key":"1_CR41","doi-asserted-by":"crossref","unstructured":"Lever, C., et al.: Domain-Z: 28 registrations later measuring the exploitation of residual trust in domains. In: 2016 IEEE Symposium on Security and Privacy (SP). IEEE (2016)","DOI":"10.1109\/SP.2016.47"},{"key":"1_CR42","doi-asserted-by":"crossref","unstructured":"Garera, S., et al.: A framework for detection and measurement of phishing attacks. In: Proceedings of the 2007 ACM Workshop on Recurring Malcode. ACM (2007)","DOI":"10.1145\/1314389.1314391"},{"key":"1_CR43","doi-asserted-by":"crossref","unstructured":"Medvet, E., Kirda, E., Kruegel, C.: Visual-similarity-based phishing detection. In: Proceedings of the 4th International Conference on Security and Privacy in Communication Netowrks. ACM (2008)","DOI":"10.1145\/1460877.1460905"},{"key":"1_CR44","doi-asserted-by":"crossref","unstructured":"Liu, D., et al.: Don\u2019t let one rotten apple spoil the whole barrel: towards automated detection of shadowed domains. In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security. ACM (2017)","DOI":"10.1145\/3133956.3134049"},{"key":"1_CR45","unstructured":"Leontiadis, N., Moore, T., Christin, N.: Measuring and analyzing search-redirection attacks in the illicit online prescription drug trade. In: USENIX Security Symposium, vol. 11 (2011)"},{"key":"1_CR46","doi-asserted-by":"crossref","unstructured":"Christin, N.: Traveling the silk road: a measurement analysis of a large anonymous online marketplace. In: Proceedings of the 22nd International Conference on World Wide Web. ACM (2013)","DOI":"10.1145\/2488388.2488408"},{"issue":"5","key":"1_CR47","first-page":"774","volume":"109","author":"MJ Barratt","year":"2014","unstructured":"Barratt, M.J., Ferris, J.A., Winstock, A.R.: Use of Silk Road, the online drug marketplace, in the United Kingdom. Australia and the United States. Addiction 109(5), 774\u2013783 (2014)","journal-title":"Australia and the United States. Addiction"}],"container-title":["Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering","Security and Privacy in Communication Networks"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-37231-6_1","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,12,23]],"date-time":"2019-12-23T18:03:23Z","timestamp":1577124203000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-030-37231-6_1"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019]]},"ISBN":["9783030372309","9783030372316"],"references-count":47,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-37231-6_1","relation":{},"ISSN":["1867-8211","1867-822X"],"issn-type":[{"type":"print","value":"1867-8211"},{"type":"electronic","value":"1867-822X"}],"subject":[],"published":{"date-parts":[[2019]]},"assertion":[{"value":"11 December 2019","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"SecureComm","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Security and Privacy in Communication Systems","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Orlando, VA","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"USA","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2019","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"23 October 2019","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"25 October 2019","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"15","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"securecomm2019","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/securecomm.org","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Single-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"easychair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"149","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"38","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"18","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"26% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3,5","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"2","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"No","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}