{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,7,5]],"date-time":"2025-07-05T23:42:41Z","timestamp":1751758961240,"version":"3.40.3"},"publisher-location":"Cham","reference-count":56,"publisher":"Springer Nature Switzerland","isbn-type":[{"type":"print","value":"9783031230196"},{"type":"electronic","value":"9783031230202"}],"license":[{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2022]]},"DOI":"10.1007\/978-3-031-23020-2_11","type":"book-chapter","created":{"date-parts":[[2022,12,6]],"date-time":"2022-12-06T07:03:04Z","timestamp":1670310184000},"page":"193-213","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":3,"title":["A First Look at\u00a0Android Apps\u2019 Third-Party Resources Loading"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-2431-3039","authenticated-orcid":false,"given":"Hina","family":"Qayyum","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-0722-1917","authenticated-orcid":false,"given":"Muhammad","family":"Salman","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-3559-5123","authenticated-orcid":false,"given":"I. Wayan Budi","family":"Sentana","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7331-9563","authenticated-orcid":false,"given":"Duc Linh Giang","family":"Nguyen","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-2113-3390","authenticated-orcid":false,"given":"Muhammad","family":"Ikram","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-3010-791X","authenticated-orcid":false,"given":"Gareth","family":"Tyson","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-2714-0276","authenticated-orcid":false,"given":"Mohamed Ali","family":"Kaafar","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2022,12,7]]},"reference":[{"key":"11_CR1","unstructured":"Android.tapjoy \u2014 symantec (2019). https:\/\/www.symantec.com\/security-center\/writeup\/2014-052619-4702-99"},{"key":"11_CR2","unstructured":"AntiVirus 2019 (2019). https:\/\/play.google.com\/store\/apps\/details?id=com.androhelm.antivirus.free2"},{"key":"11_CR3","unstructured":"Apktool - a tool for reverse engineering 3rd party, closed, binary android apps (2019). https:\/\/ibotpeaches.github.io\/Apktool\/"},{"key":"11_CR4","unstructured":"BBC News (2019). https:\/\/play.google.com\/store\/apps\/details?id=bbc.mobile.news.ww"},{"key":"11_CR5","unstructured":"Borussia Dortmund (2019). https:\/\/play.google.com\/store\/apps\/details?id=de.bvb.android"},{"key":"11_CR6","unstructured":"Egypt news moment by moment (2019). https:\/\/play.google.com\/store\/apps\/details?id=com.egy.new"},{"key":"11_CR7","unstructured":"Evite: Free Online & Text Invitations (2019). https:\/\/play.google.com\/store\/apps\/details?id=com.evite"},{"key":"11_CR8","unstructured":"Github-hosted malware targets accountants with ransomware (2019). https:\/\/www.bleepingcomputer.com\/news\/security\/github-hosted-malware-targets-accountants-with-ransomware\/"},{"key":"11_CR9","unstructured":"Google play unofficial python 3 API library (2019). https:\/\/github.com\/alessandrodd\/googleplay_api"},{"key":"11_CR10","unstructured":"mitmproxy - an interactive HTTPS proxy (2019). https:\/\/mitmproxy.org"},{"key":"11_CR11","unstructured":"monkeyrunner \u2014 Android Developers (2019). https:\/\/developer.android.com\/studio\/test\/monkeyrunner\/"},{"key":"11_CR12","unstructured":"Package tracker (2019). https:\/\/play.google.com\/store\/apps\/details?id=de.orrs.deliveries"},{"key":"11_CR13","unstructured":"RoboForm Password Manager (2019). https:\/\/play.google.com\/store\/apps\/details?id=com.siber.roboform"},{"key":"11_CR14","unstructured":"Bashir, M.A., Arshad, S., Robertson, W., Wilson, C.: Tracing information flows between ad exchanges using retargeted ads. In: USENIX Security (2016)"},{"key":"11_CR15","unstructured":"Canto, J., Dacier, M., Kirda, E., Leita, C.: Large scale malware collection: lessons learned. In: SRDS (2008)"},{"key":"11_CR16","doi-asserted-by":"crossref","unstructured":"Chen, J., et al.: Forwarding-loop attacks in content delivery networks. In: NDSS (2016)","DOI":"10.14722\/ndss.2016.23442"},{"key":"11_CR17","doi-asserted-by":"crossref","unstructured":"Cova, M., Kruegel, C., Vigna, G.: Detection and analysis of drive-by-download attacks and malicious javascript code. In: Web Conference (WWW) (2010)","DOI":"10.1145\/1772690.1772720"},{"key":"11_CR18","doi-asserted-by":"crossref","unstructured":"Das, A., Acar, G., Borisov, N., Pradeep, A.: The web\u2019s sixth sense: a study of scripts accessing smartphone sensors. In: SIGSAC (2018)","DOI":"10.1145\/3243734.3243860"},{"key":"11_CR19","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"88","DOI":"10.1007\/978-3-642-02918-9_6","volume-title":"Detection of Intrusions and Malware, and Vulnerability Assessment","author":"M Egele","year":"2009","unstructured":"Egele, M., Wurzinger, P., Kruegel, C., Kirda, E.: Defending browsers against drive-by downloads: mitigating heap-spraying code injection attacks. In: Flegel, U., Bruschi, D. (eds.) DIMVA 2009. LNCS, vol. 5587, pp. 88\u2013106. Springer, Heidelberg (2009). https:\/\/doi.org\/10.1007\/978-3-642-02918-9_6"},{"key":"11_CR20","unstructured":"IBM X-Force Exchange: Statcounter session hijack (2005). https:\/\/exchange.xforce.ibmcloud.com\/vulnerabilities\/20506"},{"key":"11_CR21","unstructured":"Falahrastegar, M., Haddadi, H., Uhlig, S., Mortier, R.: Anatomy of the third-party web tracking ecosystem. In: Traffic Measurements Analysis Workshop (TMA) (2014)"},{"key":"11_CR22","unstructured":"Gatlan, S.: Github service abused by attackers to host phishing kits (2019). https:\/\/www.bleepingcomputer.com\/news\/security\/github-service-abused-by-attackers-to-host-phishing-kits\/"},{"key":"11_CR23","doi-asserted-by":"crossref","unstructured":"Gomer, R., Rodrigues, E.M., Milic-Fraying, N., Schrafel, M.: Network analysis of third party tracking: user exposure to tracking cookies through search. In: WI-IAT (2013)","DOI":"10.1109\/WI-IAT.2013.77"},{"key":"11_CR24","unstructured":"Google: Headless chromium (2018). https:\/\/chromium.googlesource.com\/ chromium\/src\/+\/lkgr\/headless\/README.md"},{"key":"11_CR25","doi-asserted-by":"crossref","unstructured":"Grace, M.C., Zhou, W., Jiang, X., Sadeghi, A.R.: Unsafe exposure analysis of mobile in-app advertisements. In: WISEC (2012)","DOI":"10.1145\/2185448.2185464"},{"key":"11_CR26","unstructured":"GreenBerg, A.: Hack brief: malware hits 225,000 (jailbroken, mostly Chinese) iphones (2015). https:\/\/www.wired.com\/2015\/08\/hack-brief-malware-hits-225000-jailbroken-mostly-chinese-iphones\/"},{"key":"11_CR27","doi-asserted-by":"crossref","unstructured":"Holzinger, P., Triller, S., Bartel, A., Bodden, E.: An in-depth study of more than ten years of java exploitation. In: CCS (2016)","DOI":"10.1145\/2976749.2978361"},{"key":"11_CR28","doi-asserted-by":"crossref","unstructured":"Ibosiola, D., Castro, I., Stringhini, G., Uhlig, S., Tyson, G.: Who watches the watchmen: exploring complaints on the web. In: Web Conference (WWW) (2019)","DOI":"10.1145\/3308558.3313438"},{"key":"11_CR29","doi-asserted-by":"crossref","unstructured":"Ikram, M., Asghar, H.J., K\u00e2afar, M.A., Mahanti, A., Krishnamurthy, B.: Towards seamless tracking-free web: improved detection of trackers via one-class learning. PoPETs (2017)","DOI":"10.1515\/popets-2017-0006"},{"key":"11_CR30","doi-asserted-by":"crossref","unstructured":"Ikram, M., Masood, R., Tyson, G., Kaafar, M.A., Loizon, N., Ensafi, R.: The chain of implicit trust: an analysis of the web third-party resources loading. In: WWW (2019)","DOI":"10.1145\/3308558.3313521"},{"key":"11_CR31","doi-asserted-by":"crossref","unstructured":"Ikram, M., Vallina-Rodriguez, N., Seneviratne, S., Kaafar, M.A., Paxson, V.: An analysis of the privacy and security risks of android VPN permission-enabled apps. In: IMC (2016)","DOI":"10.1145\/2987443.2987471"},{"key":"11_CR32","unstructured":"VirusTotal Inc.: Virustotal public API (2019). https:\/\/www.virustotal.com\/en\/documentation\/public-api\/"},{"key":"11_CR33","unstructured":"Janosik, J.: Russia hit by new wave of ransomware spam (2019). https:\/\/www.welivesecurity.com\/2019\/01\/28\/russia-hit-new-wave-ransomware-spam\/"},{"key":"11_CR34","unstructured":"Knockel, J., Senft, A., Deibert, R.: WUP! there it is privacy and security issues in QQ browser (2016). https:\/\/citizenlab.ca\/2016\/03\/privacy-security-issues-qq-browser\/"},{"key":"11_CR35","doi-asserted-by":"crossref","unstructured":"Kumar, D., Ma, Z., Mirian, A., Mason, J., Halderman, J.A., Bailey, M.: Security challenges in an increasingly tangled web. In: WWW (2017)","DOI":"10.1145\/3038912.3052686"},{"key":"11_CR36","unstructured":"Kurkowski, J.: Accurately separate the TLD from the registered domain and subdomains of a URL, using the public suffix list (2018). https:\/\/github.com\/john-kurkowski\/tldextract"},{"key":"11_CR37","doi-asserted-by":"crossref","unstructured":"Lauinger, T., Chaabane, A., Arshad, S., Robertson, W., Wilson, C., Kirda, E.: Thou shalt not depend on me: analysing the use of outdated javascript libraries on the web. In: NDSS. The Internet Society (2017)","DOI":"10.14722\/ndss.2017.23414"},{"key":"11_CR38","unstructured":"Lerner, A., Simpson, A.K., Kohno, T., Roesner, F.: Internet jonesa and the raiders of the lost trackers: an archaeological study of web tracking from 1996 to 2016. In: 25th USENIX Security (2016)"},{"key":"11_CR39","doi-asserted-by":"crossref","unstructured":"Li, Z., Zhang, K., Xie, Y., Yu, F., Wang, X.: Knowing your enemy: understanding and detecting malicious web advertising. In: CCS (2012)","DOI":"10.1145\/2382196.2382267"},{"key":"11_CR40","unstructured":"MalwareDontNeedCoffee: A doubleclick https open redirect used in some malvertising chain (2015). https:\/\/malware.dontneedcoffee.com\/2015\/10\/a-doubleclick-https-open-redirect-used.html"},{"key":"11_CR41","doi-asserted-by":"crossref","unstructured":"Nikiforakis, N., et al.: You are what you include: large-scale evaluation of remote javascript inclusions. In: CCS (2012)","DOI":"10.1145\/2382196.2382274"},{"key":"11_CR42","unstructured":"Pellegrino, G., Rossow, C., Ryba, F.J., Schmidt, T.C., W\u00e4hlisch, M.: Cashing out the great cannon? on browser-based DDoS attacks and economics. In: USENIX Sec (2015)"},{"key":"11_CR43","unstructured":"Popa, B.: 85 infected android apps stealing social network passwords found on play store (2017). https:\/\/news.softpedia.com\/news\/85-infected-android-apps-stealing-social-network-passwords-found-on-play-store-518984.shtml"},{"key":"11_CR44","doi-asserted-by":"crossref","unstructured":"Rastogi, V., Shao, R., Chen, Y., Pan, X., Zou, S., Riley, R.: Are these ads safe: detecting hidden attacks through the mobile app-web interfaces. In: NDSS (2016)","DOI":"10.14722\/ndss.2016.23234"},{"key":"11_CR45","unstructured":"Reis, C., Gribble, S.D., Kohno, T., Weaver, N.C.: Detecting in-flight page changes with web tripwires. In: NSDI (2008)"},{"key":"11_CR46","unstructured":"Sequa, J.: Large angler malvertising campaign hits top publishers (2016). https:\/\/blog.malwarebytes.com\/threat-analysis\/2016\/03\/large-angler-malvertising-campaign-hits-top-publishers\/"},{"key":"11_CR47","doi-asserted-by":"crossref","unstructured":"Starov, O., Dahse, J., Ahmad, S.S., Holz, T., Nikiforakis, N.: No honor among thieves: a large-scale analysis of malicious web shells. In: WWW (2016)","DOI":"10.1145\/2872427.2882992"},{"key":"11_CR48","unstructured":"Tang, Z., et al.: iOS, your OS, everybody\u2019s OS: vetting and analyzing network services of iOS applications. In: 29th USENIX Security Symposium (USENIX Security 2020), pp. 2415\u20132432 (2020)"},{"key":"11_CR49","unstructured":"Unuchek, R.: Leaking ads securelist (2018). https:\/\/securelist.com\/leaking-ads\/85239\/"},{"key":"11_CR50","unstructured":"Vance, A.: Times web ads show security breach (2009). https:\/\/www.nytimes.com\/2009\/09\/15\/technology\/internet\/15adco.html"},{"key":"11_CR51","doi-asserted-by":"crossref","unstructured":"Vanrykel, E., Acar, G., Herrmann, M., Diaz, C.: Leaky birds: exploiting mobile application traffic for surveillance. In: ICFCDS (2016)","DOI":"10.1007\/978-3-662-54970-4_22"},{"key":"11_CR52","doi-asserted-by":"crossref","unstructured":"Vigna, G., Valeur, F., Balzarotti, D., Robertson, W., Kruegel, C., Kirda, E.: Reducing errors in the anomaly-based detection of web-based attacks through the combined analysis of web requests and SQL queries. JCS 17(3) (2009)","DOI":"10.3233\/JCS-2009-0321"},{"key":"11_CR53","unstructured":"Virus, Q.R.: How to remove nintendonx@qq.com virus completely (2017). https:\/\/quickremovevirus.com\/how-to-remove-nintendonxqq-com-virus-completely7"},{"key":"11_CR54","doi-asserted-by":"crossref","unstructured":"Wang, H., et al.: An explorative study of the mobile app ecosystem from app developers\u2019 perspective. In: WWW (2017)","DOI":"10.1145\/3038912.3052712"},{"key":"11_CR55","unstructured":"Wang, X.S., Balasubramanian, A., Krishnamurthy, A., Wetherall, D.: Demystify page load performance with wprof. In: USENIX NSDI (2013)"},{"key":"11_CR56","unstructured":"Whittaker, C., Ryner, B., Nazif, M.: Large-scale automatic classification of phishing pages. In: NDSS (2010)"}],"container-title":["Lecture Notes in Computer Science","Network and System Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-23020-2_11","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,12,6]],"date-time":"2022-12-06T07:09:33Z","timestamp":1670310573000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-23020-2_11"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022]]},"ISBN":["9783031230196","9783031230202"],"references-count":56,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-23020-2_11","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2022]]},"assertion":[{"value":"7 December 2022","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"NSS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Network and System Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Denarau Island","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Fiji","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2022","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"9 December 2022","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"12 December 2022","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"16","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"nss2022","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/nsclab.org\/nss2022\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Easy chair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"83","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"23","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"18","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"28% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}