{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,18]],"date-time":"2026-03-18T10:45:59Z","timestamp":1773830759436,"version":"3.50.1"},"publisher-location":"Cham","reference-count":96,"publisher":"Springer Nature Switzerland","isbn-type":[{"value":"9783031800191","type":"print"},{"value":"9783031800207","type":"electronic"}],"license":[{"start":{"date-parts":[[2024,12,15]],"date-time":"2024-12-15T00:00:00Z","timestamp":1734220800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2024,12,15]],"date-time":"2024-12-15T00:00:00Z","timestamp":1734220800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2025]]},"DOI":"10.1007\/978-3-031-80020-7_5","type":"book-chapter","created":{"date-parts":[[2024,12,14]],"date-time":"2024-12-14T07:30:25Z","timestamp":1734161425000},"page":"87-106","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":5,"title":["Securing the\u00a0Web: Analysis of\u00a0HTTP Security Headers in\u00a0Popular Global Websites"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-6389-5508","authenticated-orcid":false,"given":"Urvashi","family":"Kishnani","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0003-1299-7867","authenticated-orcid":false,"given":"Sanchari","family":"Das","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2024,12,15]]},"reference":[{"key":"5_CR1","unstructured":"Aaron Gee-Clough: Mirror, mirror, on the wall, who\u2019s the fairest (website) of them all? (2023). https:\/\/www.domaintools.com\/resources\/blog\/mirror-mirror-on-the-wall-whos-the-fairest-website-of-them-all\/. Accessed 15 Mar 2023"},{"key":"5_CR2","first-page":"191","volume":"104","author":"A Act","year":"1996","unstructured":"Act, A.: Health insurance portability and accountability act of 1996. Public Law 104, 191 (1996)","journal-title":"Public Law"},{"key":"5_CR3","doi-asserted-by":"crossref","unstructured":"Al-Sanea, M.S., Al-Daraiseh, A.A.: Security evaluation of Saudi Arabia\u2019s websites using open source tools. In: 2015 First International Conference on Anti-Cybercrime (ICACC), Riyadh, Saudi Arabia, pp.\u00a01\u20135. IEEE (2015)","DOI":"10.1109\/Anti-Cybercrime.2015.7351928"},{"issue":"2","key":"5_CR4","first-page":"128","volume":"4","author":"M Aldwairi","year":"2012","unstructured":"Aldwairi, M., Alsalman, R.: MALURLS: a lightweight malicious website classification based on URL features. J. Emerg. Technol. Web Intell. 4(2), 128\u2013133 (2012)","journal-title":"J. Emerg. Technol. Web Intell."},{"key":"5_CR5","doi-asserted-by":"crossref","unstructured":"Baker, D.B.: Privacy and security in public health: maintaining the delicate balance between personal privacy and population safety. In: 2006 22nd Annual Computer Security Applications Conference (ACSAC 2006), pp. 3\u201322. IEEE (2006)","DOI":"10.1109\/ACSAC.2006.41"},{"key":"5_CR6","unstructured":"Bianchi, T.: Most popular websites worldwide as of November 2022, by total visits (2023). https:\/\/www.statista.com\/statistics\/1201880\/most-visited-websites-worldwide\/"},{"key":"5_CR7","doi-asserted-by":"publisher","DOI":"10.1016\/j.eswa.2019.113001","volume":"142","author":"R Bruni","year":"2020","unstructured":"Bruni, R., Bianchi, G.: Website categorization: a formal approach and robustness analysis in the case of e-commerce detection. Expert Syst. Appl. 142, 113001 (2020)","journal-title":"Expert Syst. Appl."},{"issue":"1","key":"5_CR8","doi-asserted-by":"publisher","first-page":"78","DOI":"10.1109\/MSP.2009.12","volume":"7","author":"F Callegati","year":"2009","unstructured":"Callegati, F., Cerroni, W., Ramilli, M.: Man-in-the-middle attack to the HTTPS protocol. IEEE Secur. Priv. 7(1), 78\u201381 (2009)","journal-title":"IEEE Secur. Priv."},{"key":"5_CR9","doi-asserted-by":"crossref","unstructured":"Calzavara, S., Focardi, R., Nemec, M., Rabitti, A., Squarcina, M.: Postcards from the post-HTTP world: amplification of HTTPS vulnerabilities in the web ecosystem. In: 2019 IEEE Symposium on Security and Privacy (SP), pp. 281\u2013298. IEEE (2019)","DOI":"10.1109\/SP.2019.00053"},{"key":"5_CR10","unstructured":"Calzavara, S., Roth, S., Rabitti, A., Backes, M., Stock, B.: A tale of two headers: a formal analysis of inconsistent Click-Jacking protection on the web. In: 29th USENIX Security Symposium (USENIX Security 2020), pp. 683\u2013697 (2020)"},{"issue":"1","key":"5_CR11","doi-asserted-by":"publisher","first-page":"6","DOI":"10.1145\/507533.507536","volume":"3","author":"KS Candan","year":"2001","unstructured":"Candan, K.S., Liu, H., Suvarna, R.: Resource description framework: metadata and its applications. ACM SIGKDD Explor. Newsl. 3(1), 6\u201319 (2001)","journal-title":"ACM SIGKDD Explor. Newsl."},{"key":"5_CR12","doi-asserted-by":"crossref","unstructured":"Cernica, I., Popescu, N., et\u00a0al.: Security evaluation of wordpress backup plugins. In: 2019 22nd International Conference on Control Systems and Computer Science (CSCS), New York, NY, USA, pp. 312\u2013316. IEEE (2019)","DOI":"10.1109\/CSCS.2019.00056"},{"key":"5_CR13","doi-asserted-by":"publisher","unstructured":"Chang, L., Hsiao, H.C., Jeng, W., Kim, T.H.J., Lin, W.H.: Security implications of redirection trail in popular websites worldwide. In: Proceedings of the 26th International Conference on World Wide Web, Republic and Canton of Geneva, Switzerland, pp. 1491\u20131500. International World Wide Web Conferences Steering Committee (2017). https:\/\/doi.org\/10.1145\/3038912.3052698","DOI":"10.1145\/3038912.3052698"},{"key":"5_CR14","unstructured":"Chen, J., et al.: We still don\u2019t have secure cross-domain requests: an empirical study of CORS. In: 27th USENIX Security Symposium (USENIX Security 2018), pp. 1079\u20131093 (2018)"},{"key":"5_CR15","doi-asserted-by":"crossref","unstructured":"Chen, P., Nikiforakis, N., Huygens, C., Desmet, L.: A dangerous mix: large-scale analysis of mixed-content websites. In: Information Security: 16th International Conference, ISC 2013, Dallas, Texas, 13\u201315 November 2013, Proceedings, pp. 354\u2013363. Springer (2015)","DOI":"10.1007\/978-3-319-27659-5_25"},{"key":"5_CR16","doi-asserted-by":"crossref","unstructured":"Cheng, K., Gao, M., Guo, R.: Analysis and research on HTTPS hijacking attacks. In: 2010 Second International Conference on Networks Security, Wireless Communications and Trusted Computing, Piscataway, NJ, USA, vol. 2, pp. 223\u2013226. IEEE (2010)","DOI":"10.1109\/NSWCTC.2010.187"},{"issue":"1","key":"5_CR17","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/2220352.2220353","volume":"12","author":"I Dacosta","year":"2012","unstructured":"Dacosta, I., Chakradeo, S., Ahamad, M., Traynor, P.: One-time cookies: preventing session hijacking attacks with stateless authentication tokens. ACM Trans. Internet Technol. (TOIT) 12(1), 1\u201324 (2012)","journal-title":"ACM Trans. Internet Technol. (TOIT)"},{"key":"5_CR18","unstructured":"Heredia, D.: Website categorization with Python and Google NLP API (2023). https:\/\/www.danielherediamejias.com\/website-categorization-python\/. Accessed 15 Mar 2023"},{"key":"5_CR19","unstructured":"Das, S.: A risk-reduction-based incentivization model for human-centered multi-factor authentication. Indiana University (2020)"},{"key":"5_CR20","doi-asserted-by":"crossref","unstructured":"Das, S.: Design of secure, privacy-focused, and accessible e-payment applications for older adults. arXiv preprint arXiv:2410.08555 (2024)","DOI":"10.2139\/ssrn.4983458"},{"key":"5_CR21","doi-asserted-by":"crossref","unstructured":"Das, S., Abbott, J., Gopavaram, S., Blythe, J., Camp, L.J.: User-centered risk communication for safer browsing. In: Financial Cryptography and Data Security: FC 2020 International Workshops, AsiaUSEC, CoDeFi, VOTING, and WTSC, Kota Kinabalu, Malaysia, 14 February 2020, Revised Selected Papers 24, pp. 18\u201335. Springer (2020)","DOI":"10.1007\/978-3-030-54455-3_2"},{"key":"5_CR22","doi-asserted-by":"crossref","unstructured":"Das, S., Dev, J., Camp, L.J.: Privacy preserving policy framework: user-aware and user-driven. In: TPRC47: The 47th Research Conference on Communication, Information and Internet Policy (2019)","DOI":"10.2139\/ssrn.3445942"},{"key":"5_CR23","unstructured":"Das, S., Kim, A., Jelen, B., Streiff, J., Camp, L.J., Huber, L.: Towards implementing inclusive authentication technologies for older adults. Who are you (2019)"},{"key":"5_CR24","unstructured":"Das, S., Kim, A., Tingle, Z., Nippert-Eng, C.: All about phishing exploring user research through a systematic literature review. In: Proceedings of the Thirteenth International Symposium on Human Aspects of Information Security & Assurance (HAISA 2019) (2019)"},{"issue":"1","key":"5_CR25","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1108\/ICS-12-2020-0204","volume":"30","author":"S Das","year":"2022","unstructured":"Das, S., Nippert-Eng, C., Camp, L.J.: Evaluating user susceptibility to phishing attacks. Inf. Comput. Secur. 30(1), 1\u201318 (2022)","journal-title":"Inf. Comput. Secur."},{"key":"5_CR26","doi-asserted-by":"crossref","unstructured":"Das, S., Salman, A.: A review of security threats from e-waste. In: Development in E-Waste Management: Sustainability and Circular Economy Aspects, p.\u00a0165 (2023)","DOI":"10.1201\/9781003301899-13"},{"key":"5_CR27","doi-asserted-by":"crossref","unstructured":"Debnath, B., Das, A., Das, S., Das, A.: Studies on security threats in waste mobile phone recycling supply chain in India. In: 2020 IEEE Calcutta Conference (CALCON), pp. 431\u2013434. IEEE (2020)","DOI":"10.1109\/CALCON49167.2020.9106531"},{"key":"5_CR28","unstructured":"Debnath, B., Das, S., Das, A.: Study exploring security threats in waste phones a life cycle based approach. In: 2019 IEEE SmartWorld, Ubiquitous Intelligence & Computing, Advanced & Trusted Computed, Scalable Computing & Communications, Cloud & Big Data Computing, Internet of People and Smart City Innovation. IEEE (2019)"},{"key":"5_CR29","unstructured":"Dev, J., Das, S., Camp, L.J.: Privacy practices, preferences, and compunctions: WhatsApp users in India. In: HAISA, pp. 135\u2013146 (2018)"},{"key":"5_CR30","doi-asserted-by":"crossref","unstructured":"Dewald, A., Holz, T., Freiling, F.C.: ADSandbox: sandboxing JavaScript to fight malicious websites. In: Proceedings of the 2010 ACM Symposium on Applied Computing, pp. 1859\u20131864 (2010)","DOI":"10.1145\/1774088.1774482"},{"key":"5_CR31","doi-asserted-by":"crossref","unstructured":"Doln\u00e1k, I., Litvik, J.: Introduction to HTTP security headers and implementation of HTTP strict transport security (HSTS) header for HTTPS enforcing. In: 2017 15th International Conference on Emerging eLearning Technologies and Applications (ICETA), Piscataway, NJ, USA, pp.\u00a01\u20134. IEEE (2017)","DOI":"10.1109\/ICETA.2017.8102478"},{"key":"5_CR32","unstructured":"Felt, A.P., Barnes, R., King, A., Palmer, C., Bentzel, C., Tabriz, P.: Measuring HTTPS adoption on the web. Technical report, Google (2017)"},{"key":"5_CR33","unstructured":"Felt, A.P., et al.: Rethinking connection security indicators. In: Twelfth Symposium on Usable Privacy and Security (SOUPS 2016), Berkeley, CA, USA, pp. 1\u201314. USENIX Association (2016)"},{"key":"5_CR34","unstructured":"Fernandes, A.N., Markert, P., Das, S.: Where you\u2019re logged in: analyzing the usability of device activity pages (work-in-progress). In: Annual Computer Security Applications Conference, ser. ACSAC, vol.\u00a022 (2023)"},{"issue":"5","key":"5_CR35","doi-asserted-by":"publisher","first-page":"440","DOI":"10.1109\/TDSC.2013.45","volume":"11","author":"J Fonseca","year":"2013","unstructured":"Fonseca, J., Vieira, M., Madeira, H.: Evaluation of web security mechanisms using vulnerability & attack injection. IEEE Trans. Dependable Secure Comput. 11(5), 440\u2013453 (2013)","journal-title":"IEEE Trans. Dependable Secure Comput."},{"key":"5_CR36","unstructured":"The OWASP Foundation: Web security testing framework (2022). https:\/\/owasp.org\/www-project-web-security-testing-guide\/latest\/3-The_OWASP_Testing_Framework\/0-The_Web_Security_Testing_Framework. Accessed 28 May 2024"},{"key":"5_CR37","doi-asserted-by":"crossref","unstructured":"Gadient, P., Nierstrasz, O., Ghafari, M.: Security header fields in HTTP clients. In: 2021 IEEE 21st International Conference on Software Quality, Reliability and Security (QRS), New York, NY, USA, pp. 93\u2013101. IEEE (2021)","DOI":"10.1109\/QRS54544.2021.00020"},{"key":"5_CR38","unstructured":"Google: Google NLP (2023). https:\/\/cloud.google.com\/natural-language. Accessed 15 Mar 2023"},{"key":"5_CR39","unstructured":"Gopavaram, S., Dev, J., Grobler, M., Kim, D., Das, S., Camp, L.J.: Cross-national study on phishing resilience. In: Proceedings of the Workshop on Usable Security and Privacy (USEC) (2021)"},{"key":"5_CR40","unstructured":"Gopavaram, S.R., Dev, J., Das, S., Camp, J.: IoTMarketplace: informing purchase decisions with risk communication. Technical report, Working Paper (2019). ftp:\/\/svn.soic.indiana.edu\/pub\/techreports\/TR742.pdf"},{"key":"5_CR41","doi-asserted-by":"crossref","unstructured":"Hadan, H., Serrano, N., Das, S., Camp, L.J.: Making IoT worthy of human trust. In: TPRC47: The 47th Research Conference on Communication, Information and Internet Policy (2019)","DOI":"10.2139\/ssrn.3426871"},{"issue":"7","key":"5_CR42","first-page":"1305","volume":"65","author":"MJ Harvey","year":"2014","unstructured":"Harvey, M.J., Harvey, M.G.: Privacy and security issues for mobile health platforms. J. Am. Soc. Inf. Sci. 65(7), 1305\u20131318 (2014)","journal-title":"J. Am. Soc. Inf. Sci."},{"key":"5_CR43","unstructured":"Huang, L.S., Moshchuk, A., Wang, H.J., Schecter, S., Jackson, C.: Clickjacking: attacks and defenses. In: USENIX Security Symposium, Berkeley, CA, USA, pp. 413\u2013428. USENIX Association (2012)"},{"key":"5_CR44","doi-asserted-by":"crossref","unstructured":"Ibrishimova, M.D., Li, K.F.: A machine learning approach to fake news detection using knowledge verification and natural language processing. In: Advances in Intelligent Networking and Collaborative Systems: The 11th International Conference on Intelligent Networking and Collaborative Systems (INCoS-2019), pp. 223\u2013234. Springer (2020)","DOI":"10.1007\/978-3-030-29035-1_22"},{"key":"5_CR45","first-page":"1135","volume":"2","author":"D Jaar","year":"2008","unstructured":"Jaar, D., Zeller, P.E.: Canadian privacy law: the personal information protection and electronic documents act (PIPEDA). Int\u2019l. In-House Counsel J. 2, 1135 (2008)","journal-title":"Int\u2019l. In-House Counsel J."},{"key":"5_CR46","doi-asserted-by":"crossref","unstructured":"Jammalamadaka, R.C., Van Der\u00a0Horst, T.W., Mehrotra, S., Seamons, K.E., Venkasubramanian, N.: Delegate: a proxy based architecture for secure website access from an untrusted machine. In: 2006 22nd Annual Computer Security Applications Conference (ACSAC 2006), pp. 57\u201366. IEEE (2006)","DOI":"10.1109\/ACSAC.2006.23"},{"issue":"4","key":"5_CR47","doi-asserted-by":"publisher","first-page":"595","DOI":"10.4304\/jsw.6.4.595-603","volume":"6","author":"L Jiang","year":"2011","unstructured":"Jiang, L., Chen, H., Deng, F., Zhong, Q.: A security evaluation method based on threat classification for web service. J. Softw. 6(4), 595\u2013603 (2011)","journal-title":"J. Softw."},{"key":"5_CR48","doi-asserted-by":"crossref","unstructured":"Johns, M., Engelmann, B., Posegga, J.: XSSDS: server-side detection of cross-site scripting attacks. In: 2008 Annual Computer Security Applications Conference (ACSAC), pp. 335\u2013344. IEEE (2008)","DOI":"10.1109\/ACSAC.2008.36"},{"key":"5_CR49","doi-asserted-by":"crossref","unstructured":"Kishnani, U., Noah, N., Das, S., Dewri, R.: Privacy and security evaluation of mobile payment applications through user-generated reviews. In: Proceedings of the 21st Workshop on Privacy in the Electronic Society, pp. 159\u2013173 (2022)","DOI":"10.1145\/3559613.3563196"},{"key":"5_CR50","doi-asserted-by":"crossref","unstructured":"Kishnani, U., Noah, N., Das, S., Dewri, R.: Assessing security, privacy, user interaction, and accessibility features in popular e-payment applications. In: Proceedings of the 2023 European Symposium on Usable Security, pp. 143\u2013157 (2023)","DOI":"10.1145\/3617072.3617102"},{"issue":"2","key":"5_CR51","doi-asserted-by":"publisher","first-page":"100","DOI":"10.1093\/idpl\/ipx004","volume":"7","author":"H Ko","year":"2017","unstructured":"Ko, H., Leitner, J., Kim, E., Jeong, J.: Structure and enforcement of data privacy law in South Korea. Int. Data Priv. Law 7(2), 100\u2013114 (2017)","journal-title":"Int. Data Priv. Law"},{"key":"5_CR52","doi-asserted-by":"crossref","unstructured":"Kumar, A., Ghosal, T., Bhattacharjee, S., Ekbal, A.: Towards automated meta-review generation via an NLP\/ML pipeline in different stages of the scholarly peer review process. Int. J. Digit. Libr. 1\u201312 (2023)","DOI":"10.1007\/s00799-023-00359-0"},{"key":"5_CR53","doi-asserted-by":"crossref","unstructured":"Lavrenovs, A., Mel\u00f3n, F.J.R.: HTTP security headers analysis of top one million websites. In: 2018 10th International Conference on Cyber Conflict (CyCon), New York, NY, USA, pp. 345\u2013370. IEEE (2018)","DOI":"10.23919\/CYCON.2018.8405025"},{"key":"5_CR54","unstructured":"Leonard Richardson: Beautiful soup (2021). https:\/\/pypi.org\/project\/beautifulsoup4\/. Accessed 15 Mar 2023"},{"key":"5_CR55","doi-asserted-by":"crossref","unstructured":"Lichlyter, K., Kishnani, U., Hollenbach, K., Das, S.: Understanding professional needs to create privacy-preserving and secure emergent digital artworks. In: 9th Workshop on Inclusive Privacy and Security (WIPS) in Association with USENIX Symposium on Usable Privacy and Security (SOUPS) (2024)","DOI":"10.2139\/ssrn.4887854"},{"key":"5_CR56","doi-asserted-by":"crossref","unstructured":"Lukasik, M., Zens, R.: Content explorer: recommending novel entities for a document writer. In: Proceedings of the 2018 Conference on Empirical Methods in Natural Language Processing, pp. 3371\u20133380 (2018)","DOI":"10.18653\/v1\/D18-1374"},{"key":"5_CR57","unstructured":"Majestic: Majestic (2023). https:\/\/majestic.com\/. Accessed 15 Mar 2023"},{"key":"5_CR58","doi-asserted-by":"crossref","unstructured":"Meiser, G., Laperdrix, P., Stock, B.: Careful who you trust: studying the pitfalls of cross-origin communication. In: Proceedings of the 2021 ACM Asia Conference on Computer and Communications Security, pp. 110\u2013122 (2021)","DOI":"10.1145\/3433210.3437510"},{"key":"5_CR59","doi-asserted-by":"crossref","unstructured":"Mendoza, A., Chinprutthiwong, P., Gu, G.: Uncovering HTTP header inconsistencies and the impact on desktop\/mobile websites. In: Proceedings of the 2018 World Wide Web Conference, Republic and Canton of Geneva, CHE, pp. 247\u2013256. International World Wide Web Conferences Steering Committee (2018)","DOI":"10.1145\/3178876.3186091"},{"key":"5_CR60","doi-asserted-by":"crossref","unstructured":"Momenzadeh, B., Gopavaram, S., Das, S., Camp, L.J.: Bayesian evaluation of user app choices in the presence of risk communication on Android devices. In: International Symposium on Human Aspects of Information Security and Assurance, pp. 211\u2013223. Springer (2020)","DOI":"10.1007\/978-3-030-57404-8_16"},{"key":"5_CR61","unstructured":"Mozilla: Assessing security risk (2023). https:\/\/infosec.mozilla.org\/guidelines\/ assessing_security_risk. Accessed 15 Mar 2023"},{"key":"5_CR62","unstructured":"Mozilla: Mozilla observatory (2023). https:\/\/observatory.mozilla.org\/"},{"key":"5_CR63","unstructured":"Mozilla: Mozilla web security guidelines (2023). https:\/\/infosec.mozilla.org\/guidelines\/ web_security. Accessed 15 Mar 2023"},{"key":"5_CR64","doi-asserted-by":"crossref","unstructured":"Neupane, S., et al.: On the data privacy, security, and risk postures of IoT mobile companion apps. In: IFIP Annual Conference on Data and Applications Security and Privacy, pp. 162\u2013182. Springer (2022)","DOI":"10.1007\/978-3-031-10684-2_10"},{"key":"5_CR65","unstructured":"Nidhal Baccouri: Deep translator (2023). https:\/\/pypi.org\/project\/deep-translator\/. Accessed 15 Mar 2023"},{"key":"5_CR66","doi-asserted-by":"crossref","unstructured":"Noah, N., Kishnani, U., Das, S., Dewri, R.: Privacy and security evaluation of mobile payment applications through user-generated reviews. In: Workshop on Privacy in the Electronic Society (WPES 2022) (2022)","DOI":"10.1145\/3559613.3563196"},{"key":"5_CR67","doi-asserted-by":"crossref","unstructured":"Noah, N., Tayachew, A., Ryan, S., Das, S.: PhisherCop: developing an NLP-based automated tool for phishing detection. In: Proceedings of the Human Factors and Ergonomics Society Annual Meeting, vol.\u00a066, pp. 2093\u20132097. SAGE Publications, Los Angeles (2022)","DOI":"10.1177\/1071181322661060"},{"key":"5_CR68","doi-asserted-by":"crossref","unstructured":"Noman, A.S.M., Das, S., Patil, S.: Techies against Facebook: understanding negative sentiment toward Facebook via user generated content. In: Proceedings of the 2019 CHI Conference on Human Factors in Computing Systems, pp. 1\u201315 (2019)","DOI":"10.1145\/3290605.3300698"},{"issue":"4","key":"5_CR69","doi-asserted-by":"publisher","first-page":"36","DOI":"10.1109\/4236.865085","volume":"4","author":"JS Park","year":"2000","unstructured":"Park, J.S., Sandhu, R.: Secure cookies on the web. IEEE Internet Comput. 4(4), 36\u201344 (2000)","journal-title":"IEEE Internet Comput."},{"key":"5_CR70","unstructured":"Pochat, V.L., Van\u00a0Goethem, T., Tajalizadehkhoob, S., Korczy\u0144ski, M., Joosen, W.: Tranco: a research-oriented top sites ranking hardened against manipulation. In: Proceedings of the 2019 Network and Distributed System Security Symposium (NDSS), San Diego, CA, USA, pp. 1\u201315. Internet Society (2019)"},{"issue":"1","key":"5_CR71","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1093\/ijlit\/eaaa003","volume":"28","author":"M Deva Prasad","year":"2020","unstructured":"Deva Prasad, M., Suchithra Menon, C.: The personal data protection bill, 2018: India\u2019s regulatory journey towards a comprehensive data protection law. Int. J. Law Inf. Technol. 28(1), 1\u201319 (2020)","journal-title":"Int. J. Law Inf. Technol."},{"key":"5_CR72","unstructured":"Quancast (2023). https:\/\/www.quantcast.com\/. Accessed 15 Mar 2023"},{"key":"5_CR73","doi-asserted-by":"crossref","unstructured":"Rajalakshmi, R., Aravindan, C.: Naive bayes approach for website classification. In: Information Technology and Mobile Communication: International Conference, AIM 2011, Nagpur, Maharashtra, India, 21\u201322 April 2011, Proceedings, pp. 323\u2013326. Springer, Heidelberg (2011)","DOI":"10.1007\/978-3-642-20573-6_55"},{"key":"5_CR74","doi-asserted-by":"crossref","unstructured":"de los Santos, S., Torrano, C., Rubio, Y., Brezo, F.: Implementation state of HSTS and HPKP in both browsers and servers. In: Cryptology and Network Security: 15th International Conference, CANS 2016, Milan, Italy, 14\u201316 November 2016, Proceedings 15, pp. 192\u2013207. Springer, Cham (2016)","DOI":"10.1007\/978-3-319-48965-0_12"},{"key":"5_CR75","unstructured":"Selvi, J.: Bypassing HTTP strict transport security. In: Black Hat Europe, vol.\u00a054, pp.\u00a01\u20134. Black Hat, Amsterdam (2014)"},{"issue":"4","key":"5_CR76","first-page":"311","volume":"11","author":"S Shabudin","year":"2020","unstructured":"Shabudin, S., Sani, N.S., Ariffin, K.A.Z., Aliff, M.: Feature selection for phishing website classification. Int. J. Adv. Comput. Sci. Appl. 11(4), 311\u2013317 (2020)","journal-title":"Int. J. Adv. Comput. Sci. Appl."},{"issue":"2","key":"5_CR77","first-page":"4","volume":"8","author":"B Shah","year":"2017","unstructured":"Shah, B.: Cisco umbrella: a cloud-based secure internet gateway (SIG) on and off network. Int. J. Adv. Res. Comput. Sci. 8(2), 4\u20137 (2017)","journal-title":"Int. J. Adv. Res. Comput. Sci."},{"key":"5_CR78","doi-asserted-by":"crossref","unstructured":"Shalkarbayuli, A., Kairbekov, A., Amangeldi, Y.: Comparison of traditional machine learning methods and Google services in identifying tonality on Russian texts. In: Journal of Physics: Conference Series, vol.\u00a01117, p. 012002. IOP Publishing (2018)","DOI":"10.1088\/1742-6596\/1117\/1\/012002"},{"key":"5_CR79","doi-asserted-by":"crossref","unstructured":"Shi, H.Z., Chen, B., Yu, L.: Analysis of web security comprehensive evaluation tools. In: 2010 Second International Conference on Networks Security, Wireless Communications and Trusted Computing, Wuhan, China, vol.\u00a01, pp. 285\u2013289. IEEE (2010)","DOI":"10.1109\/NSWCTC.2010.72"},{"key":"5_CR80","unstructured":"Skipfish (2023). https:\/\/www.kali.org\/tools\/skipfish\/. Accessed 15 Mar 2023"},{"issue":"12","key":"5_CR81","doi-asserted-by":"crossref","first-page":"1163","DOI":"10.1007\/s00607-013-0369-2","volume":"96","author":"B Stock","year":"2014","unstructured":"Stock, B., Mueller, M., Johns, M., Steffens, M.: The state of the art in client-side web security: standards, technologies, and shortcomings. Computing 96(12), 1163\u20131190 (2014)","journal-title":"Computing"},{"key":"5_CR82","doi-asserted-by":"crossref","unstructured":"Surani, A., et al.: Security and privacy of digital mental health: an analysis of web services and mobile applications. In: IFIP Annual Conference on Data and Applications Security and Privacy, pp. 319\u2013338. Springer (2023)","DOI":"10.1007\/978-3-031-37586-6_19"},{"key":"5_CR83","doi-asserted-by":"crossref","unstructured":"Surani, A., et al.: Security and privacy of digital mental health: an analysis of web services and mobile apps. In: Conference on Data and Applications Security and Privacy (2023)","DOI":"10.2139\/ssrn.4469981"},{"key":"5_CR84","unstructured":"Surani, A., Das, S.: Understanding privacy and security postures of healthcare chatbots. In: ACM CHI Conference on Human Factors in Computing Systems 2022 (2022)"},{"key":"5_CR85","doi-asserted-by":"crossref","unstructured":"Szydlowski, M., Kruegel, C., Kirda, E.: Secure input for web applications. In: Twenty-Third Annual Computer Security Applications Conference (ACSAC 2007), pp. 375\u2013384. IEEE (2007)","DOI":"10.1109\/ACSAC.2007.28"},{"issue":"CSCW1","key":"5_CR86","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3579547","volume":"7","author":"AC Tally","year":"2023","unstructured":"Tally, A.C., Abbott, J., Bochner, A., Das, S., Nippert-Eng, C.: What mid-career professionals think, know, and feel about phishing: opportunities for university it departments to better empower employees in their anti-phishing decisions. Proc. ACM Hum.-Comput. Interact. 7(CSCW1), 1\u201327 (2023)","journal-title":"Proc. ACM Hum.-Comput. Interact."},{"key":"5_CR87","doi-asserted-by":"crossref","unstructured":"Tally, A.C., Abbott, J., Bochner, A.M., Das, S., Nippert-Eng, C.: Tips, tricks, and training: supporting anti-phishing awareness among mid-career office workers based on employees\u2019 current practices. In: Proceedings of the 2023 CHI Conference on Human Factors in Computing Systems, pp. 1\u201313 (2023)","DOI":"10.1145\/3544548.3580650"},{"key":"5_CR88","doi-asserted-by":"crossref","unstructured":"Tazi, F., et al.: Accessibility evaluation of IoT Android mobile companion apps. In: Extended Abstracts of the 2023 CHI Conference on Human Factors in Computing Systems, pp.\u00a01\u20137 (2023)","DOI":"10.1145\/3544549.3585652"},{"issue":"2","key":"5_CR89","doi-asserted-by":"publisher","first-page":"329","DOI":"10.3390\/jcp2020018","volume":"2","author":"F Tazi","year":"2022","unstructured":"Tazi, F., Shrestha, S., De La Cruz, J., Das, S.: SoK: an evaluation of the secure end user experience on the dark net through systematic literature review. J. Cybersecurity Priv. 2(2), 329\u2013357 (2022)","journal-title":"J. Cybersecurity Priv."},{"key":"5_CR90","doi-asserted-by":"crossref","unstructured":"Unchit, P., Das, S., Kim, A., Camp, L.J.: Quantifying susceptibility to spear phishing in a high school environment using signal detection theory. In: Human Aspects of Information Security and Assurance: 14th IFIP WG 11.12 International Symposium, HAISA 2020, Mytilene, Lesbos, Greece, 8\u201310 July 2020, Proceedings 14, pp. 109\u2013120. Springer (2020)","DOI":"10.1007\/978-3-030-57404-8_9"},{"key":"5_CR91","doi-asserted-by":"crossref","unstructured":"Vallina, P., Feal, \u00c1., Gamba, J., Vallina-Rodriguez, N., Anta, A.F.: Tales from the porn: a comprehensive privacy analysis of the web porn ecosystem. In: Proceedings of the Internet Measurement Conference, pp. 245\u2013258 (2019)","DOI":"10.1145\/3355369.3355583"},{"key":"5_CR92","unstructured":"Vallina, P., Gamba, J., Feal, A., Vallina-Rodriguez, N., Fern\u00e1ndez\u00a0Anta, A., et\u00a0al.: This is my private business! privacy risks on adult websites. In: IV Jornadas Nacionales de Investigaci\u00f3n en Ciberseguridad (JNIC 2018) (2018)"},{"key":"5_CR93","unstructured":"VeNoMouS: cloudscraper (2021). https:\/\/pypi.org\/project\/cloudscraper\/. Accessed 15 Mar 2023"},{"key":"5_CR94","unstructured":"w3af (2023). http:\/\/w3af.org\/. Accessed 15 Mar 2023"},{"key":"5_CR95","doi-asserted-by":"crossref","unstructured":"Walsh, K., Tazi, F., Markert, P., Das, S.: My account is compromised-what do i do? Towards an intercultural analysis of account remediation for websites. In: Proceedings of the Sixth Workshop on Inclusive Privacy and Security (WIPS 2021): in Association with the Seventeenth Symposium on Usable Privacy and Security (SOUPS 2021) (2021)","DOI":"10.2139\/ssrn.3875896"},{"key":"5_CR96","doi-asserted-by":"publisher","first-page":"121","DOI":"10.1057\/palgrave.dddmp.4340563","volume":"8","author":"RF Wilson","year":"2006","unstructured":"Wilson, R.F., Pettijohn, J.B.: Search engine optimisation: a primer on keyword strategies. J. Direct Data Digit. Mark. Pract. 8, 121\u2013133 (2006)","journal-title":"J. Direct Data Digit. Mark. Pract."}],"container-title":["Lecture Notes in Computer Science","Information Systems Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-80020-7_5","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,12,14]],"date-time":"2024-12-14T08:03:35Z","timestamp":1734163415000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-80020-7_5"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,12,15]]},"ISBN":["9783031800191","9783031800207"],"references-count":96,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-80020-7_5","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024,12,15]]},"assertion":[{"value":"15 December 2024","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ICISS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Information Systems Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Jaipur","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"India","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2024","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"16 December 2024","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"20 December 2024","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"20","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"iciss2024","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/iciss.isrdc.in","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}