{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,8]],"date-time":"2026-01-08T09:12:42Z","timestamp":1767863562268,"version":"3.49.0"},"publisher-location":"Cham","reference-count":29,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783030630850","type":"print"},{"value":"9783030630867","type":"electronic"}],"license":[{"start":{"date-parts":[[2020,1,1]],"date-time":"2020-01-01T00:00:00Z","timestamp":1577836800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2020,1,1]],"date-time":"2020-01-01T00:00:00Z","timestamp":1577836800000},"content-version":"vor","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2020]]},"DOI":"10.1007\/978-3-030-63086-7_1","type":"book-chapter","created":{"date-parts":[[2020,12,11]],"date-time":"2020-12-11T08:07:25Z","timestamp":1607674045000},"page":"1-22","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":3,"title":["Email Address Mutation for Proactive Deterrence Against Lateral Spear-Phishing Attacks"],"prefix":"10.1007","author":[{"given":"Md Mazharul","family":"Islam","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Ehab","family":"Al-Shaer","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Muhammad Abdul Basit Ur","family":"Rahim","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2020,12,12]]},"reference":[{"key":"1_CR1","unstructured":"Business email compromise: The \\$26 billion scam (2019). https:\/\/www.ic3.gov\/media\/2019\/190910.aspx"},{"key":"1_CR2","unstructured":"Email security gateways. (2020). https:\/\/www.expertinsights.com\/insights\/top-11-email-security-gateways\/"},{"key":"1_CR3","unstructured":"Multi-factor authentication (2020). https:\/\/en.wikipedia.org\/wiki\/Multi-factor_authentication"},{"key":"1_CR4","unstructured":"Spear-phishing email reports (2020). https:\/\/www.phishingbox.com\/"},{"key":"1_CR5","doi-asserted-by":"crossref","unstructured":"Aggarwal, S., Kumar, V., Sudarsan, S.: Identification and detection of phishing emails using natural language processing techniques. In: Proceedings of the 7th International Conference on Security of Information and Networks. ACM (2014)","DOI":"10.1145\/2659651.2659691"},{"key":"1_CR6","doi-asserted-by":"crossref","unstructured":"Callas, J., Donnerhacke, L., Finney, H., Thayer, R.: Openpgp message format. Technical report, RFC 2440, November (1998)","DOI":"10.17487\/rfc2440"},{"key":"1_CR7","doi-asserted-by":"crossref","unstructured":"Crocker, D.: Rfc0822: standard for the format of ARPA internet text messages (1982)","DOI":"10.17487\/rfc0822"},{"key":"1_CR8","doi-asserted-by":"publisher","unstructured":"Crocker, D., Hansen, T., Kucherawy, M.: Domainkeys identified mail (dkim) signatures. RFC6376 (2011). https:\/\/doi.org\/10.17487\/RFC6376, https:\/\/tools.ietf.org\/html\/rfc6376","DOI":"10.17487\/RFC6376"},{"key":"1_CR9","unstructured":"Dalton, A., Islam, M.M., Dorr, B.J., et al.: Active defense against social engineering: The case for human language technology. In: Proceedings on Social Threats in Online Conversations: Understanding and Management, pp. 1\u20138 (2020)"},{"key":"1_CR10","doi-asserted-by":"crossref","unstructured":"Duman, S., Kalkan, K., Egele, M., Robertson, W., Kirda, E.: Emailprofiler: spearphishing filtering with header and stylometric features of emails. In: IEEE 40th COMPSAC, vol. 1, pp. 408\u2013416. IEEE (2016)","DOI":"10.1109\/COMPSAC.2016.105"},{"key":"1_CR11","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"69","DOI":"10.1007\/978-3-030-00470-5_4","volume-title":"Research in Attacks, Intrusions, and Defenses","author":"H Gascon","year":"2018","unstructured":"Gascon, H., Ullrich, S., Stritter, B., Rieck, K.: Reading between the lines: content-agnostic detection of spear-phishing emails. In: Bailey, M., Holz, T., Stamatogiannakis, M., Ioannidis, S. (eds.) RAID 2018. LNCS, vol. 11050, pp. 69\u201391. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-030-00470-5_4"},{"key":"1_CR12","unstructured":"Ho, G., et al.: Detecting and characterizing lateral phishing at scale. In: 28th $$\\{$$USENIX$$\\}$$ Security Symposium ($$\\{$$USENIX$$\\}$$ Security 19), pp. 1273\u20131290 (2019)"},{"key":"1_CR13","unstructured":"Ho, G., Sharma, A., Javed, M., Paxson, V., Wagner, D.: Detecting credential spearphishing in enterprise settings. In: 26th $$\\{$$USENIX$$\\}$$ Security Symposium ($$\\{$$USENIX$$\\}$$ Security 17), pp. 469\u2013485 (2017)"},{"key":"1_CR14","unstructured":"Hu, H., Wang, G.: End-to-end measurements of email spoofing attacks. In: 27th $$\\{$$USENIX$$\\}$$ Security Symposium ($$\\{$$USENIX$$\\}$$ Security 18), pp. 1095\u20131112 (2018)"},{"key":"1_CR15","doi-asserted-by":"crossref","unstructured":"Hu, X., Li, B., Zhang, Y., Zhou, C., Ma, H.: Detecting compromised email accounts from the perspective of graph topology. In: Proceedings of the 11th International Conference on Future Internet Technologies, pp. 76\u201382 (2016)","DOI":"10.1145\/2935663.2935672"},{"key":"1_CR16","doi-asserted-by":"crossref","unstructured":"Islam, M.M., Al-Shaer, E.: Active deception framework: an extensible development environment for adaptive cyber deception. In: 2020 IEEE Cybersecurity Development (SecDev). IEEE (2020)","DOI":"10.1109\/SecDev45635.2020.00023"},{"key":"1_CR17","doi-asserted-by":"crossref","unstructured":"Islam, M.M., Duan, Q., Al-Shaer, E.: Specification-driven moving target defense synthesis. In: Proceedings of the 6th ACM Workshop on Moving Target Defense, pp. 13\u201324 (2019)","DOI":"10.1145\/3338468.3356830"},{"key":"1_CR18","unstructured":"Khonji, M., Iraqi, Y., Andrew, J.: Mitigation of spear phishing attacks: a content-based authorship identification framework. In: 2011 International Conference for ITST, pp. 416\u2013421. IEEE (2011)"},{"key":"1_CR19","unstructured":"Kitterman, S.: Sender policy framework (spf). RFC7208 (2014). https:\/\/tools.ietf.org\/html\/rfc7208"},{"key":"1_CR20","doi-asserted-by":"crossref","unstructured":"Klensin, J., et al.: Simple mail transfer protocol. Technical report, rfc 2821 (2001)","DOI":"10.17487\/rfc2821"},{"key":"1_CR21","unstructured":"Kucherawy, M., Zwicky, E.: Domain-based message authentication, reporting, and conformance (dmarc). RFC7489 (2015). https:\/\/tools.ietf.org\/html\/rfc7489"},{"issue":"1\u20132","key":"1_CR22","doi-asserted-by":"publisher","first-page":"134","DOI":"10.1007\/s100090050010","volume":"1","author":"KG Larsen","year":"1997","unstructured":"Larsen, K.G., Pettersson, P., Yi, W.: Uppaal in a nutshell. Int. J. Softw. Tools Technol. Transf. 1(1\u20132), 134\u2013152 (1997)","journal-title":"Int. J. Softw. Tools Technol. Transf."},{"key":"1_CR23","unstructured":"M\u00fcller, J., Brinkmann, M., B\u00f6ck, H., Schinzel, S., Schwenk, J., et al.: \u201cjohnny, you are fired!\u201d-spoofing openpgp and s\/mime signatures in emails. In: 28th $$\\{$$USENIX$$\\}$$ Security Symposium ($$\\{$$USENIX$$\\}$$ Security 19), pp. 1011\u20131028 (2019)"},{"key":"1_CR24","doi-asserted-by":"crossref","unstructured":"Ramsdell, B., et al.: S\/mime version 3 message specification. Technical report, RFC 2633 (1999)","DOI":"10.17487\/rfc2633"},{"key":"1_CR25","doi-asserted-by":"crossref","unstructured":"Ruoti, S., Andersen, J., Seamons, K., et al.: \u201cwe\u2019re on the same page\u201d a usability study of secure email using pairs of novice users. In: Proceedings of the 2016 CHI Conference on Human Factors in Computing Systems, pp. 4298\u20134308 (2016)","DOI":"10.1145\/2858036.2858400"},{"key":"1_CR26","unstructured":"Sheng, S., Broderick, L., Koranda, C.A., Hyland, J.J.: Why johnny still can\u2019t encrypt: evaluating the usability of email encryption software. In: Symposium On Usable Privacy and Security, pp. 3\u20134. ACM (2006)"},{"key":"1_CR27","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"78","DOI":"10.1007\/978-3-319-20550-2_5","volume-title":"Detection of Intrusions and Malware, and Vulnerability Assessment","author":"G Stringhini","year":"2015","unstructured":"Stringhini, G., Thonnard, O.: That ain\u2019t you: blocking spearphishing through behavioral modelling. In: Almgren, M., Gulisano, V., Maggi, F. (eds.) DIMVA 2015. LNCS, vol. 9148, pp. 78\u201397. Springer, Cham (2015). https:\/\/doi.org\/10.1007\/978-3-319-20550-2_5"},{"key":"1_CR28","unstructured":"Thomson, I.: Who\u2019s using 2fa? sweet fa. less than 10% of gmail users enable two-factor authentication. The Register (2018)"},{"key":"1_CR29","unstructured":"Verizon: 2018 data breach investigations report (2018). https:\/\/enterprise.verizon.com\/resources\/reports\/DBIR_2018_Report_execsummary.pdf"}],"container-title":["Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering","Security and Privacy in Communication Networks"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-63086-7_1","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,4,24]],"date-time":"2021-04-24T21:27:32Z","timestamp":1619299652000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-030-63086-7_1"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020]]},"ISBN":["9783030630850","9783030630867"],"references-count":29,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-63086-7_1","relation":{},"ISSN":["1867-8211","1867-822X"],"issn-type":[{"value":"1867-8211","type":"print"},{"value":"1867-822X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2020]]},"assertion":[{"value":"12 December 2020","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"SecureComm","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Security and Privacy in Communication Systems","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Washington, WA","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"USA","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2020","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"21 October 2020","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"23 October 2020","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"16","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"securecomm2020","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/securecomm.eai-conferences.org\/2020\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Confy","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"120","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"50","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"42% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"2,86","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"The conference was held virtually due to COVID-19 pandemic.","order":10,"name":"additional_info_on_review_process","label":"Additional Info on Review Process","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}