{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,26]],"date-time":"2026-03-26T15:31:22Z","timestamp":1774539082683,"version":"3.50.1"},"publisher-location":"Cham","reference-count":28,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783030725815","type":"print"},{"value":"9783030725822","type":"electronic"}],"license":[{"start":{"date-parts":[[2021,1,1]],"date-time":"2021-01-01T00:00:00Z","timestamp":1609459200000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2021,1,1]],"date-time":"2021-01-01T00:00:00Z","timestamp":1609459200000},"content-version":"vor","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2021]]},"DOI":"10.1007\/978-3-030-72582-2_6","type":"book-chapter","created":{"date-parts":[[2021,3,29]],"date-time":"2021-03-29T12:02:43Z","timestamp":1617019363000},"page":"93-107","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":4,"title":["Winding Path: Characterizing the Malicious Redirection in Squatting Domain Names"],"prefix":"10.1007","author":[{"given":"Yuwei","family":"Zeng","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Xunxun","family":"Chen","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Tianning","family":"Zang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Haiwei","family":"Tsang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2021,3,30]]},"reference":[{"key":"6_CR1","unstructured":"Alexa Top 1M Sites. https:\/\/www.alexa.com\/topsites"},{"key":"6_CR2","unstructured":"Alexa Top 1M Sites Archive. https:\/\/toplists.net.in.tum.de\/archive\/alexa\/"},{"key":"6_CR3","unstructured":"Alexa Top Category Sites. https:\/\/www.alexa.com\/topsites\/category"},{"key":"6_CR4","unstructured":"CN Top Sites. http:\/\/www.alexa.cn\/siterank\/"},{"key":"6_CR5","unstructured":"Selenium. https:\/\/www.selenium.dev\/"},{"key":"6_CR6","unstructured":"University of Oregon Route Views Archive Project. http:\/\/archive.routeviews.org\/"},{"key":"6_CR7","doi-asserted-by":"crossref","unstructured":"Agten, P., Joosen, W., Piessens, F., Nikiforakis, N.: Seven months\u2019 worth of mistakes: a longitudinal study of typosquatting abuse. In: Proceedings of the 22nd Network and Distributed System Security Symposium (NDSS 2015). Internet Society (2015)","DOI":"10.14722\/ndss.2015.23058"},{"key":"6_CR8","unstructured":"Alrwais, S., Yuan, K., Alowaisheq, E., Li, Z., Wang, X.: Understanding the dark side of domain parking. In: 23rd $$\\{$$USENIX$$\\}$$ Security Symposium ($$\\{$$USENIX$$\\}$$ Security 2014), pp. 207\u2013222 (2014)"},{"key":"6_CR9","unstructured":"Asghari, H.: pyasn. https:\/\/github.com\/hadiasghari\/pyasn"},{"key":"6_CR10","series-title":"Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1007\/978-3-030-37231-6_1","volume-title":"Security and Privacy in Communication Networks","author":"K Du","year":"2019","unstructured":"Du, K., et al.: TL;DR hazard: a comprehensive study of levelsquatting scams. In: Chen, S., Choo, K.-K.R., Fu, X., Lou, W., Mohaisen, A. (eds.) SecureComm 2019. LNICST, vol. 305, pp. 3\u201325. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-37231-6_1"},{"key":"6_CR11","unstructured":"Holgers, T., Watson, D.E., Gribble, S.D.: Cutting through the confusion: a measurement study of homograph attacks. In: USENIX Annual Technical Conference, General Track, pp. 261\u2013266 (2006)"},{"key":"6_CR12","unstructured":"Huang, L.S., Moshchuk, A., Wang, H.J., Schecter, S., Jackson, C.: Clickjacking: attacks and defenses. In: Presented as part of the 21st $$\\{$$USENIX$$\\}$$ Security Symposium ($$\\{$$USENIX$$\\}$$ Security 2012), pp. 413\u2013428 (2012)"},{"key":"6_CR13","doi-asserted-by":"crossref","unstructured":"Invernizzi, L., Thomas, K., Kapravelos, A., Comanescu, O., Picod, J.M., Bursztein, E.: Cloak of visibility: detecting when machines browse a different web. In: 2016 IEEE Symposium on Security and Privacy (SP), pp. 743\u2013758. IEEE (2016)","DOI":"10.1109\/SP.2016.50"},{"key":"6_CR14","doi-asserted-by":"crossref","unstructured":"Khan, M.T., Huo, X., Li, Z., Kanich, C.: Every second counts: quantifying the negative externalities of cybercrime via typosquatting. In: 2015 IEEE Symposium on Security and Privacy, pp. 135\u2013150. IEEE (2015)","DOI":"10.1109\/SP.2015.16"},{"key":"6_CR15","doi-asserted-by":"crossref","unstructured":"Kintis, P., et al.: Hiding in plain sight: a longitudinal study of combosquatting abuse. In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, pp. 569\u2013586 (2017)","DOI":"10.1145\/3133956.3134002"},{"key":"6_CR16","doi-asserted-by":"crossref","unstructured":"Li, Z., Alrwais, S., Wang, X., Alowaisheq, E.: Hunting the red fox online: understanding and detection of mass redirect-script injections. In: 2014 IEEE Symposium on Security and Privacy, pp. 3\u201318. IEEE (2014)","DOI":"10.1109\/SP.2014.8"},{"key":"6_CR17","unstructured":"Mavrommatis, N.P.P., Monrose, M.: All your iframes point to us. In: USENIX Security Symposium, pp. 1\u201316. USENIX Association (2008)"},{"key":"6_CR18","doi-asserted-by":"crossref","unstructured":"Mekky, H., Torres, R., Zhang, Z.L., Saha, S., Nucci, A.: Detecting malicious http redirections using trees of user browsing activity. In: IEEE INFOCOM 2014-IEEE Conference on Computer Communications, pp. 1159\u20131167. IEEE (2014)","DOI":"10.1109\/INFOCOM.2014.6848047"},{"key":"6_CR19","doi-asserted-by":"crossref","unstructured":"Nikiforakis, N., et al.: You are what you include: large-scale evaluation of remote javascript inclusions. In: Proceedings of the 2012 ACM Conference on Computer and Communications Security, pp. 736\u2013747 (2012)","DOI":"10.1145\/2382196.2382274"},{"key":"6_CR20","doi-asserted-by":"crossref","unstructured":"Nikiforakis, N., Van Acker, S., Meert, W., Desmet, L., Piessens, F., Joosen, W.: Bitsquatting: exploiting bit-flips for fun, or profit? In: Proceedings of the 22nd International Conference on World Wide Web, pp. 989\u2013998 (2013)","DOI":"10.1145\/2488388.2488474"},{"key":"6_CR21","doi-asserted-by":"crossref","unstructured":"Scheitle, Q., et al.: A long way to the top: significance, structure, and stability of internet top lists. In: Proceedings of the Internet Measurement Conference 2018, pp. 478\u2013493 (2018)","DOI":"10.1145\/3278532.3278574"},{"key":"6_CR22","unstructured":"Szurdi, J., Kocso, B., Cseh, G., Spring, J., Felegyhazi, M., Kanich, C.: The long \u201ctaile\u201d of typosquatting domain names. In: 23rd $$\\{$$USENIX$$\\}$$ Security Symposium ($$\\{$$USENIX$$\\}$$ Security 2014), pp. 191\u2013206 (2014)"},{"key":"6_CR23","doi-asserted-by":"crossref","unstructured":"Tian, K., Jan, S.T., Hu, H., Yao, D., Wang, G.: Needle in a haystack: tracking down elite phishing domains in the wild. In: Proceedings of the Internet Measurement Conference 2018, pp. 429\u2013442 (2018)","DOI":"10.1145\/3278532.3278569"},{"key":"6_CR24","doi-asserted-by":"crossref","unstructured":"Vissers, T., Joosen, W., Nikiforakis, N.: Parking sensors: analyzing and detecting parked domains. In: Proceedings of the 22nd Network and Distributed System Security Symposium (NDSS 2015), pp. 53\u201353. Internet Society (2015)","DOI":"10.14722\/ndss.2015.23053"},{"key":"6_CR25","doi-asserted-by":"crossref","unstructured":"Wang, D.Y., Savage, S., Voelker, G.M.: Cloak and dagger: dynamics of web search cloaking. In: Proceedings of the 18th ACM Conference on Computer and Communications Security, pp. 477\u2013490 (2011)","DOI":"10.1145\/2046707.2046763"},{"key":"6_CR26","unstructured":"Yang, G., Huang, J., Gu, G.: Iframes\/popups are dangerous in mobile webview: studying and mitigating differential context vulnerabilities. In: 28th $$\\{$$USENIX$$\\}$$ Security Symposium ($$\\{$$USENIX$$\\}$$ Security 2019), pp. 977\u2013994 (2019)"},{"key":"6_CR27","doi-asserted-by":"crossref","unstructured":"Zeng, Y., Zang, T., Zhang, Y., Chen, X., Wang, Y.: A comprehensive measurement study of domain-squatting abuse. In: ICC 2019\u20132019 IEEE International Conference on Communications (ICC), pp. 1\u20136. IEEE (2019)","DOI":"10.1109\/ICC.2019.8761388"},{"key":"6_CR28","doi-asserted-by":"crossref","unstructured":"Zhou, Y., Evans, D.: Understanding and monitoring embedded web scripts. In: 2015 IEEE Symposium on Security and Privacy, pp. 850\u2013865. IEEE (2015)","DOI":"10.1109\/SP.2015.57"}],"container-title":["Lecture Notes in Computer Science","Passive and Active Measurement"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-72582-2_6","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,5,4]],"date-time":"2021-05-04T19:38:46Z","timestamp":1620157126000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-030-72582-2_6"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021]]},"ISBN":["9783030725815","9783030725822"],"references-count":28,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-72582-2_6","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2021]]},"assertion":[{"value":"30 March 2021","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"PAM","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Passive and Active Network Measurement","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Cottbus","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Germany","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2021","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"29 March 2021","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"31 March 2021","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"22","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"pam2021","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/www.pam2021.b-tu.de\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"HotCrp","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"75","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"33","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"44% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"4.9","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"No","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}