{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,9,21]],"date-time":"2025-09-21T16:59:50Z","timestamp":1758473990785,"version":"3.40.3"},"publisher-location":"Cham","reference-count":29,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030526825"},{"type":"electronic","value":"9783030526832"}],"license":[{"start":{"date-parts":[[2020,1,1]],"date-time":"2020-01-01T00:00:00Z","timestamp":1577836800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2020,1,1]],"date-time":"2020-01-01T00:00:00Z","timestamp":1577836800000},"content-version":"vor","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2020]]},"DOI":"10.1007\/978-3-030-52683-2_9","type":"book-chapter","created":{"date-parts":[[2020,7,6]],"date-time":"2020-07-06T23:19:19Z","timestamp":1594077559000},"page":"171-191","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":5,"title":["It Never Rains but It Pours: Analyzing and Detecting Fake Removal Information Advertisement Sites"],"prefix":"10.1007","author":[{"given":"Takashi","family":"Koide","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Daiki","family":"Chiba","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Mitsuaki","family":"Akiyama","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Katsunari","family":"Yoshioka","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Tsutomu","family":"Matsumoto","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2020,7,7]]},"reference":[{"key":"9_CR1","unstructured":"Caballero, J., Grier, C., Kreibich, C., Paxson, V.: Measuring pay-per-install: the commoditization of malware distribution. In: USENIX Security Symposium (2011)"},{"key":"9_CR2","doi-asserted-by":"crossref","unstructured":"Cova, M., Leita, C., Thonnard, O., Keromytis, A.D., Dacier, M.: An analysis of rogue AV campaigns. In: Recent Advances in Intrusion Detection, RAID 2010 (2010)","DOI":"10.1007\/978-3-642-15512-3_23"},{"key":"9_CR3","doi-asserted-by":"crossref","unstructured":"Dittrich, D., Kenneally, E.: The Menlo report: ethical principles guiding information and communication technology research. Technical report, U.S. Department of Homeland Security (2012)","DOI":"10.2139\/ssrn.2445102"},{"key":"9_CR4","doi-asserted-by":"crossref","unstructured":"Grier, C., et al.: Manufacturing compromise: the emergence of exploit-as-a-service. In: The ACM Conference on Computer and Communications Security, CCS 2012, pp. 821\u2013832 (2012)","DOI":"10.1145\/2382196.2382283"},{"key":"9_CR5","doi-asserted-by":"crossref","unstructured":"Invernizzi, L., Comparetti, P.M.: Evilseed: A guided approach to finding malicious web pages. In: IEEE Symposium on Security and Privacy, SP 2012 (2012)","DOI":"10.1109\/SP.2012.33"},{"key":"9_CR6","unstructured":"John, J.P., Yu, F., Xie, Y., Krishnamurthy, A., Abadi, M.: deSEO: Combating search-result poisoning. In: 20th USENIX Security Symposium (2011)"},{"key":"9_CR7","doi-asserted-by":"crossref","unstructured":"Kharraz, A., Robertson, W.K., Kirda, E.: Surveylance: automatically detecting online survey scams. In: IEEE Symposium on Security and Privacy, SP 2018 (2018)","DOI":"10.1109\/SP.2018.00044"},{"key":"9_CR8","doi-asserted-by":"crossref","unstructured":"Kwon, Y., Saltaformaggio, B., Kim, I.L., Lee, K.H., Zhang, X., Xu, D.: Self destructing exploit executions via input perturbation. In: 24th Annual Network and Distributed System Security Symposium, NDSS (2017)","DOI":"10.14722\/ndss.2017.23476"},{"key":"9_CR9","doi-asserted-by":"crossref","unstructured":"Li, Z., Zhang, K., Xie, Y., Yu, F., Wang, X.: Knowing your enemy: understanding and detecting malicious web advertising. In: The ACM Conference on Computer and Communications Security, CCS 2012, pp. 674\u2013686 (2012)","DOI":"10.1145\/2382196.2382267"},{"key":"9_CR10","doi-asserted-by":"crossref","unstructured":"Lu, L., Perdisci, R., Lee, W.: SURF: detecting and measuring search poisoning. In: Proceedings of the 18th ACM Conference on Computer and Communications Security, CCS 2011, pp. 467\u2013476 (2011)","DOI":"10.1145\/2046707.2046762"},{"key":"9_CR11","unstructured":"Malwarebytes Corporation: 2020 State of Malware Report (2020). \nhttps:\/\/resources.malwarebytes.com\/files\/2020\/02\/2020_State-of-Malware-Report.pdf"},{"key":"9_CR12","unstructured":"MarketWatch Inc: Global Antivirus Software Market Report 2019 and Future Opportunity Assessment 2024 (2019). \nhttps:\/\/www.marketwatch.com\/press-release\/global-antivirus-software-market-report-2019-and-future-opportunity-assessment-2024-2019-09-30"},{"key":"9_CR13","doi-asserted-by":"crossref","unstructured":"Mekky, H., Torres, R., Zhang, Z., Saha, S., Nucci, A.: Detecting malicious HTTP redirections using trees of user browsing activity. In: 2014 IEEE Conference on Computer Communications, INFOCOM 2014, pp. 1159\u20131167 (2014)","DOI":"10.1109\/INFOCOM.2014.6848047"},{"key":"9_CR14","doi-asserted-by":"crossref","unstructured":"Miramirkhani, N., Starov, O., Nikiforakis, N.: Dial one for scam: a large-scale analysis of technical support scams. In: 24th Annual Network and Distributed System Security Symposium, NDSS (2017)","DOI":"10.14722\/ndss.2017.23163"},{"key":"9_CR15","unstructured":"Nelms, T., Perdisci, R., Antonakakis, M., Ahamad, M.: Towards measuring and mitigating social engineering software download attacks. In: 25th USENIX Security Symposium, USENIX Security 16, pp. 773\u2013789 (2016)"},{"key":"9_CR16","doi-asserted-by":"crossref","unstructured":"Nikiforakis, N., et al.: Stranger danger: exploring the ecosystem of ad-based URL shortening services. In: World Wide Web Conference, WWW (2014)","DOI":"10.1145\/2566486.2567983"},{"key":"9_CR17","unstructured":"Rafique, M.Z., van Goethem, T., Joosen, W., Huygens, C., Nikiforakis, N.: It\u2019s free for a reason: exploring the ecosystem of free live streaming services. In: 23rd Annual Network and Distributed System Security Symposium NDSS (2016)"},{"key":"9_CR18","unstructured":"Rajab, M.A., Ballard, L., Mavrommatis, P., Provos, N., Zhao, X.: The nocebo effect on the web: an analysis of fake anti-virus distribution. In: 3rd USENIX Workshop on Large-Scale Exploits and Emergent Threats LEET 2010 (2010)"},{"key":"9_CR19","doi-asserted-by":"crossref","unstructured":"Sharif, M., Urakawa, J., Christin, N., Kubota, A., Yamada, A.: Predicting impending exposure to malicious content from user behavior. In: The 2018 ACM SIGSAC Conference on Computer and Communications Security CCS 2018 (2018)","DOI":"10.1145\/3243734.3243779"},{"key":"9_CR20","doi-asserted-by":"crossref","unstructured":"Shen, Y., Mariconti, E., Vervier, P., Stringhini, G.: Tiresias: predicting security events through deep learning. In: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security CCS 2018, pp. 592\u2013605 (2018)","DOI":"10.1145\/3243734.3243811"},{"key":"9_CR21","doi-asserted-by":"crossref","unstructured":"Srinivasan, B., et al.: Exposing search and advertisement abuse tactics and infrastructure of technical support scammers. In: Proceedings of the 2018 World Wide Web Conference on World Wide Web, WWW 2018, pp. 319\u2013328 (2018)","DOI":"10.1145\/3178876.3186098"},{"key":"9_CR22","unstructured":"Stein, E.: Hong Kong Based Malvertiser brokers traffic to fake antivirus scams (2019). \nhttps:\/\/blog.confiant.com\/hong-kong-based-malvertiser-brokers-traffic-to-fake-antivirus-scams-over-100-million-ads-300e251eff06"},{"key":"9_CR23","doi-asserted-by":"crossref","unstructured":"Stone-Gross, B., Abman, R., Kemmerer, R.A., Kruegel, C., Steigerwald, D.G.: The underground economy of fake antivirus software. In: 10th Annual Workshop on the Economics of Information Security WEIS 2011 (2011)","DOI":"10.1007\/978-1-4614-1981-5_4"},{"key":"9_CR24","unstructured":"Thomas, K., et al.: Investigating commercial pay-per-install and the distribution of unwanted software. In: 25th USENIX Security Symposium USENIX Security 16, pp. 721\u2013739 (2016)"},{"key":"9_CR25","doi-asserted-by":"crossref","unstructured":"Vadrevu, P., Liu, J., Li, B., Rahbarinia, B., Lee, K.H., Perdisci, R.: Enabling reconstruction of attacks on users via efficient browsing snapshots. In: 24th Annual Network and Distributed System Security Symposium NDSS 2017 (2017)","DOI":"10.14722\/ndss.2017.23100"},{"key":"9_CR26","doi-asserted-by":"publisher","first-page":"308","DOI":"10.1145\/3355369.3355600","volume":"2019","author":"P Vadrevu","year":"2019","unstructured":"Vadrevu, P., Perdisci, R.: What you see is NOT what you get: discovering and tracking social engineering attack campaigns. Proc. Internet Meas. Conf. IMC 2019, 308\u2013321 (2019)","journal-title":"Proc. Internet Meas. Conf. IMC"},{"key":"9_CR27","doi-asserted-by":"crossref","unstructured":"Vissers, T., Joosen, W., Nikiforakis, N.: Parking sensors: analyzing and detecting parked domains. In: Network and Distributed System Security Symposium NDSS (2015)","DOI":"10.14722\/ndss.2015.23053"},{"key":"9_CR28","doi-asserted-by":"crossref","unstructured":"Zhang, J., Yang, C., Xu, Z., Gu, G.: Poisonamplier: a guided approach of discovering compromised websites through reversing search poisoning attacks. In: Research in Attacks, Intrusions, and Defenses, RAID 2012 (2012)","DOI":"10.1007\/978-3-642-33338-5_12"},{"key":"9_CR29","unstructured":"Zhang, M., Meng, W., Lee, S., Lee, B., Xing, X.: All your clicks belong to me: investigating click interception on the web. In: 28th USENIX Security Symposium, USENIX Security 2019, pp. 941\u2013957 (2019)"}],"container-title":["Lecture Notes in Computer Science","Detection of Intrusions and Malware, and Vulnerability Assessment"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-52683-2_9","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,7,7]],"date-time":"2020-07-07T00:05:41Z","timestamp":1594080341000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-030-52683-2_9"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020]]},"ISBN":["9783030526825","9783030526832"],"references-count":29,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-52683-2_9","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2020]]},"assertion":[{"value":"7 July 2020","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"DIMVA","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Lisbon","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Portugal","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2020","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"24 June 2020","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"26 June 2020","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"17","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"dimva2020","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/dimva2020.campus.ciencias.ulisboa.pt\/index.html","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Hotcrp","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"45","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"12","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"1","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"27% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"The conference was held virtually due to the COVID-19 pandemic.","order":10,"name":"additional_info_on_review_process","label":"Additional Info on Review Process","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}