{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,30]],"date-time":"2026-06-30T15:52:36Z","timestamp":1782834756785,"version":"3.54.5"},"publisher-location":"Cham","reference-count":61,"publisher":"Springer Nature Switzerland","isbn-type":[{"value":"9783031171420","type":"print"},{"value":"9783031171437","type":"electronic"}],"license":[{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2022]]},"DOI":"10.1007\/978-3-031-17143-7_9","type":"book-chapter","created":{"date-parts":[[2022,9,23]],"date-time":"2022-09-23T04:04:22Z","timestamp":1663905862000},"page":"166-185","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":6,"title":["Equivocal URLs: Understanding the\u00a0Fragmented Space of\u00a0URL Parser Implementations"],"prefix":"10.1007","author":[{"given":"Joshua","family":"Reynolds","sequence":"first","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Adam","family":"Bates","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Michael","family":"Bailey","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"297","published-online":{"date-parts":[[2022,9,24]]},"reference":[{"key":"9_CR1","unstructured":"Alexa top 1,000,000 sites. http:\/\/s3.amazonaws.com\/alexa-static\/top-1m.csv.zip"},{"key":"9_CR2","unstructured":"parse_url. php.net (2021)"},{"key":"9_CR3","unstructured":"Uniform resource identifier (uri) schemes. IANA (2021)"},{"key":"9_CR4","unstructured":"Urlhaus. abuse.ch (2021)"},{"key":"9_CR5","unstructured":"Google safe browsing (2022). https:\/\/safebrowsing.google.com\/"},{"key":"9_CR6","unstructured":"Unicode character database: Unicodedata.txt (2022). https:\/\/www.unicode.org\/Public\/UCD\/latest\/ucd\/UnicodeData.txt"},{"key":"9_CR7","unstructured":"Url: Living standard. Web Hypertext Application Technology Working Group (2022)"},{"key":"9_CR8","unstructured":"Virus total (2022). www.virustotal.com"},{"key":"9_CR9","unstructured":"Ahmed: url-parse package return wrong hostname. Hackerone (2018)"},{"key":"9_CR10","unstructured":"Akhawe, D., Felt, A.P.: Alice in warningland: a large-scale field study of browser security warning effectiveness. In: 22nd $$\\{$$USENIX$$\\}$$ Security Symposium ($$\\{$$USENIX$$\\}$$ Security 2013) (2013)"},{"key":"9_CR11","doi-asserted-by":"crossref","unstructured":"Albakry, S., Vaniea, K., Wolters, M.K.: What is this url\u2019s destination? empirical evaluation of users\u2019 url reading. In: Proceedings of the 2020 CHI Conference on Human Factors in Computing Systems (2020)","DOI":"10.1145\/3313831.3376168"},{"key":"9_CR12","doi-asserted-by":"publisher","first-page":"1514","DOI":"10.3390\/electronics9091514","volume":"9","author":"A Aljofey","year":"2020","unstructured":"Aljofey, A., Jiang, Q., Qu, Q., Huang, M., Niyigena, J.P.: An effective phishing detection model based on character level convolutional neural network from url. Electronics 9, 1514 (2020)","journal-title":"Electronics"},{"key":"9_CR13","doi-asserted-by":"publisher","first-page":"69","DOI":"10.1016\/j.ijhcs.2015.05.005","volume":"82","author":"M Alsharnouby","year":"2015","unstructured":"Alsharnouby, M., Alaca, F., Chiasson, S.: Why phishing still works: user strategies for combating phishing attacks. Int. J. Hum.-Comput. Stud. 82, 69\u201382 (2015)","journal-title":"Int. J. Hum.-Comput. Stud."},{"key":"9_CR14","doi-asserted-by":"crossref","unstructured":"Althobaiti, K., Rummani, G., Vaniea, K.: A review of human-and computer-facing url phishing features. In: 2019 IEEE European Symposium on Security and Privacy Workshops (EuroS &PW). IEEE (2019)","DOI":"10.1109\/EuroSPW.2019.00027"},{"key":"9_CR15","unstructured":"Anitha, A., Gudivada, K.S., Rakshitha Lakshmi, M., Kumari, S., Usha, C.: Identifying phishing websites through url parsing (2019)"},{"key":"9_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"400","DOI":"10.1007\/978-3-642-31284-7_24","volume-title":"Applied Cryptography and Network Security","author":"E Athanasopoulos","year":"2012","unstructured":"Athanasopoulos, E., Kemerlis, V.P., Polychronakis, M., Markatos, E.P.: ARC: protecting against HTTP parameter pollution attacks using application request caches. In: Bao, F., Samarati, P., Zhou, J. (eds.) ACNS 2012. LNCS, vol. 7341, pp. 400\u2013417. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-31284-7_24"},{"key":"9_CR17","unstructured":"Balduzzi, M., Gimenez, C.T., Balzarotti, D., Kirda, E.: Automated discovery of parameter pollution vulnerabilities in web applications. In: NDSS (2011)"},{"key":"9_CR18","doi-asserted-by":"crossref","unstructured":"Berners-Lee, T.: Rfc 1630: universal resource identifiers in www: a unifying syntax for the expression of names and addresses of objects on the network as used in the world-wide web (1994)","DOI":"10.17487\/rfc1630"},{"key":"9_CR19","doi-asserted-by":"crossref","unstructured":"Berners-Lee, T., Fielding, R., Masinter, L.: Rfc 2396: uniform resource identifiers (uri): generic syntax (1998)","DOI":"10.17487\/rfc2396"},{"key":"9_CR20","doi-asserted-by":"crossref","unstructured":"Berners-Lee, T., Fielding, R., Masinter, L.: Rfc 3986: uniform resource identifier (uri): generic syntax (2005)","DOI":"10.17487\/rfc3986"},{"key":"9_CR21","doi-asserted-by":"crossref","unstructured":"Berners-Lee, T., Masinter, L., McCahill, M.: Rfc 1738: uniform resource locators (url) (1994)","DOI":"10.17487\/rfc1738"},{"key":"9_CR22","doi-asserted-by":"crossref","unstructured":"Canova, G., Volkamer, M., Bergmann, C., Reinheimer, B.: Nophish app evaluation: lab and retention study. In: NDSS workshop on usable security (2015)","DOI":"10.14722\/usec.2015.23009"},{"key":"9_CR23","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"392","DOI":"10.1007\/978-3-642-34129-8_37","volume-title":"Information and Communications Security","author":"Y Cao","year":"2012","unstructured":"Cao, Y., Wei, Q., Wang, Q.: Parameter pollution vulnerabilities detection study based on tree edit distance. In: Chim, T.W., Yuen, T.H. (eds.) ICICS 2012. LNCS, vol. 7618, pp. 392\u2013399. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-34129-8_37"},{"key":"9_CR24","unstructured":"Carettoni, L., di Paola, S.: Http parameter pollution. OWASP AppSec Europe (2009)"},{"key":"9_CR25","doi-asserted-by":"crossref","unstructured":"Costello, A.: Rfc 3492: Punycode: a bootstring encoding of unicode for internationalized domain names in applications (idna) (2003)","DOI":"10.17487\/rfc3492"},{"key":"9_CR26","doi-asserted-by":"crossref","unstructured":"Dhamija, R., Tygar, J.D., Hearst, M.: Why phishing works. In: Proceedings of the SIGCHI conference on Human Factors in computing systems (2006)","DOI":"10.1145\/1124772.1124861"},{"key":"9_CR27","doi-asserted-by":"crossref","unstructured":"Duerst, M., Suignard, M.: Rfc 3987: internationalized resource identifiers (iris) (2005)","DOI":"10.17487\/rfc3987"},{"key":"9_CR28","doi-asserted-by":"crossref","unstructured":"Durumeric, Z., Adrian, D., Mirian, A., Bailey, M., Halderman, J.A.: A search engine backed by Internet-wide scanning. In: 22nd ACM Conference on Computer and Communications Security (2015)","DOI":"10.1145\/2810103.2813703"},{"key":"9_CR29","doi-asserted-by":"crossref","unstructured":"Felt, A.P., et al.: Improving SSL warnings: comprehension and adherence. In: Proceedings of the 33rd annual ACM conference on human factors in computing systems, pp. 2893\u20132902 (2015)","DOI":"10.1145\/2702123.2702442"},{"key":"9_CR30","unstructured":"Felt, A.P., et al.: Rethinking connection security indicators. In: Twelfth Symposium on Usable Privacy and Security ($$\\{$$SOUPS$$\\}$$ 2016) (2016)"},{"key":"9_CR31","doi-asserted-by":"crossref","unstructured":"Felt, A.P., Reeder, R.W., Almuhimedi, H., Consolvo, S.: Experimenting at scale with google chrome\u2019s ssl warning. In: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems (2014)","DOI":"10.1145\/2556288.2557292"},{"key":"9_CR32","doi-asserted-by":"crossref","unstructured":"Fielding, R.: Rfc 1808: relative uniform resource locators (1995)","DOI":"10.17487\/rfc1808"},{"key":"9_CR33","doi-asserted-by":"crossref","unstructured":"Hinden, R., Carpenter, B., Masinter, L.: Format for literal ipv6 addresses in url\u2019s. Technical report, RFC 2732 (1999)","DOI":"10.17487\/rfc2732"},{"key":"9_CR34","series-title":"Advances in Intelligent Systems and Computing","doi-asserted-by":"publisher","first-page":"467","DOI":"10.1007\/978-981-10-8536-9_44","volume-title":"Cyber Security","author":"AK Jain","year":"2018","unstructured":"Jain, A.K., Gupta, B.B.: PHISH-SAFE: URL features-based phishing detection system using machine learning. In: Bokhari, M.U., Agrawal, N., Saini, D. (eds.) Cyber Security. AISC, vol. 729, pp. 467\u2013474. Springer, Singapore (2018). https:\/\/doi.org\/10.1007\/978-981-10-8536-9_44"},{"key":"9_CR35","unstructured":"Kettle, J.: Practical web cache poisoning. Port Swigger (2018)"},{"key":"9_CR36","unstructured":"Kreymer, I., Chuang, G.: Announcing the common crawl index! (2015)"},{"key":"9_CR37","doi-asserted-by":"crossref","unstructured":"Kumaraguru, P., et al.: School of phish: a real-world evaluation of anti-phishing training. In: Proceedings of the 5th Symposium on Usable Privacy and Security (2009)","DOI":"10.1145\/1572532.1572536"},{"key":"9_CR38","doi-asserted-by":"crossref","unstructured":"Kumaraguru, P., et al.: Getting users to pay attention to anti-phishing education: evaluation of retention and transfer. In: Proceedings of the Anti-Phishing Working Groups 2nd Annual eCrime Researchers Summit (2007)","DOI":"10.1145\/1299015.1299022"},{"key":"9_CR39","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/1754393.1754396","volume":"10","author":"P Kumaraguru","year":"2010","unstructured":"Kumaraguru, P., Sheng, S., Acquisti, A., Cranor, L.F., Hong, J.: Teaching johnny not to fall for phish. ACM Trans. Internet Technol. (TOIT) 10, 1\u201331 (2010)","journal-title":"ACM Trans. Internet Technol. (TOIT)"},{"key":"9_CR40","doi-asserted-by":"crossref","unstructured":"Kunze, J.: Rfc 1736: functional recommendations for internet resource locators (1995)","DOI":"10.17487\/rfc1736"},{"key":"9_CR41","doi-asserted-by":"crossref","unstructured":"Le, A., Markopoulou, A., Faloutsos, M.: Phishdef: url names say it all. In: IEEE INFOCOM. IEEE (2011)","DOI":"10.1109\/INFCOM.2011.5934995"},{"key":"9_CR42","unstructured":"Leitschuh, J.: Ssrf via maliciously crafted url due to host confusion. Hackerone (2019)"},{"key":"9_CR43","unstructured":"Ma, Z., et al.: The impact of secure transport protocols on phishing efficacy. In: 12th $$\\{$$USENIX$$\\}$$ Workshop on Cyber Security Experimentation and Test ($$\\{$$CSET$$\\}$$ 2019) (2019)"},{"key":"9_CR44","doi-asserted-by":"publisher","first-page":"1717","DOI":"10.1109\/TC.2017.2703808","volume":"66","author":"S Marchal","year":"2017","unstructured":"Marchal, S., Armano, G., Gr\u00f6ndahl, T., Saari, K., Singh, N., Asokan, N.: Off-the-hook: an efficient and usable client-side phishing prevention application. IEEE Trans. Comput. 66, 1717\u20131733 (2017)","journal-title":"IEEE Trans. Comput."},{"key":"9_CR45","unstructured":"Marlinspike, M.: More tricks for defeating ssl in practice. Black Hat USA (2009)"},{"key":"9_CR46","unstructured":"Mu\u00f1oz, F.: Invalid url parsing with #. CVE-2016-8624 (2016)"},{"key":"9_CR47","doi-asserted-by":"crossref","unstructured":"Parekh, S., Parikh, D., Kotak, S., Sankhe, S.: A new method for detection of phishing websites: Url detection. In: 2018 Second International Conference on Inventive Communication and Computational Technologies (ICICCT). IEEE (2018)","DOI":"10.1109\/ICICCT.2018.8473085"},{"key":"9_CR48","unstructured":"Postel, J.: Rfc: 761 ien: 129 (1980)"},{"key":"9_CR49","doi-asserted-by":"crossref","unstructured":"Reynolds, J., et al.: Measuring identity confusion with uniform resource locators. In: Proceedings of the 2020 CHI Conference on Human Factors in Computing Systems (2020)","DOI":"10.1145\/3313831.3376298"},{"key":"9_CR50","doi-asserted-by":"publisher","first-page":"345","DOI":"10.1016\/j.eswa.2018.09.029","volume":"117","author":"OK Sahingoz","year":"2019","unstructured":"Sahingoz, O.K., Buber, E., Demir, O., Diri, B.: Machine learning based phishing detection from urls. Expert Syst. Appl. 117, 345\u2013357 (2019)","journal-title":"Expert Syst. Appl."},{"key":"9_CR51","doi-asserted-by":"crossref","unstructured":"Sheng, S., et al.: Anti-phishing phil: the design and evaluation of a game that teaches people not to fall for phish. In: Proceedings of the 3rd Symposium on Usable Privacy and Security (2007)","DOI":"10.1145\/1280680.1280692"},{"key":"9_CR52","doi-asserted-by":"crossref","unstructured":"Thomas, K., Grier, C., Ma, J., Paxson, V., Song, D.: Design and evaluation of a real-time url spam filtering service. In: 2011 IEEE symposium on security and privacy. IEEE (2011)","DOI":"10.1109\/SP.2011.25"},{"key":"9_CR53","unstructured":"Thompson, C., Shelton, M., Stark, E., Walker, M., Schechter, E., Felt, A.P.: The web\u2019s identity crisis: understanding the effectiveness of website identity indicators. In: 28th $$\\{$$USENIX$$\\}$$ Security Symposium ($$\\{$$USENIX$$\\}$$ Security 2019) (2019)"},{"key":"9_CR54","unstructured":"Thompson, M.: The harmful consequences of the robustness principle (draft) (2018)"},{"key":"9_CR55","unstructured":"Tom: Security: uxss in chrome on ios. bugs.chromium.org (2018)"},{"key":"9_CR56","unstructured":"Tsai, O.: A new era of ssrf - exploiting url parser in trending programming languages! Black Hat USA (2017)"},{"key":"9_CR57","unstructured":"Tsai, O.: Breaking parser logic! take your path normalization off and pop 0days out. Black Hat USA (2018)"},{"key":"9_CR58","doi-asserted-by":"publisher","first-page":"576","DOI":"10.1016\/j.dss.2011.03.002","volume":"51","author":"A Vishwanath","year":"2011","unstructured":"Vishwanath, A., Herath, T., Chen, R., Wang, J., Rao, H.R.: Why do people get phished? testing individual differences in phishing vulnerability within an integrated, information processing model. Decis. Supp. Syst. 51, 576\u2013586 (2011)","journal-title":"Decis. Supp. Syst."},{"key":"9_CR59","unstructured":"Wang, X., Lau, W.C., Yang, R., Shi, S.: Make redirection evil again: Url parser issues in oauth. Black Hat Asia (2019)"},{"key":"9_CR60","unstructured":"Weber, C.: (2022). https:\/\/websec.github.io\/unicode-security-guide\/"},{"key":"9_CR61","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1186\/s13673-017-0098-1","volume":"7","author":"M Zouina","year":"2017","unstructured":"Zouina, M., Outtaj, B.: A novel lightweight url phishing detection system using svm and similarity index. Human-centric Comput. Inf. Sci. 7, 1\u201313 (2017)","journal-title":"Human-centric Comput. Inf. Sci."}],"container-title":["Lecture Notes in Computer Science","Computer Security \u2013 ESORICS 2022"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-17143-7_9","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,9,23]],"date-time":"2022-09-23T04:06:29Z","timestamp":1663905989000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-17143-7_9"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022]]},"ISBN":["9783031171420","9783031171437"],"references-count":61,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-17143-7_9","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2022]]},"assertion":[{"value":"24 September 2022","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ESORICS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"European Symposium on Research in Computer Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Copenhagen","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Denmark","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2022","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"26 September 2022","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"30 September 2022","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"27","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"esorics2022","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/esorics2022.compute.dtu.dk\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Single-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"562","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"104","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"6","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"19% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3.4","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"12","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}