{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,20]],"date-time":"2025-06-20T04:06:45Z","timestamp":1750392405663,"version":"3.41.0"},"publisher-location":"Cham","reference-count":47,"publisher":"Springer Nature Switzerland","isbn-type":[{"value":"9783031957635","type":"print"},{"value":"9783031957642","type":"electronic"}],"license":[{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2025]]},"DOI":"10.1007\/978-3-031-95764-2_4","type":"book-chapter","created":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T06:45:37Z","timestamp":1750315537000},"page":"74-103","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Wolf in\u00a0Sheep\u2019s Clothing: Understanding and\u00a0Detecting Mobile Cloaking in\u00a0Blackhat SEO"],"prefix":"10.1007","author":[{"given":"Yan","family":"Li","sequence":"first","affiliation":[]},{"given":"Zhenrui","family":"Zhang","sequence":"additional","affiliation":[]},{"given":"Zhiyu","family":"Lang","sequence":"additional","affiliation":[]},{"given":"Xiang","family":"Li","sequence":"additional","affiliation":[]},{"given":"Jia","family":"Zhang","sequence":"additional","affiliation":[]},{"given":"Donghong","family":"Sun","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2025,6,20]]},"reference":[{"key":"4_CR1","unstructured":"backlinko: Mobile SEO: The definitive guide, August 2024. https:\/\/backlinko.com\/mobile-seo-guide"},{"key":"4_CR2","unstructured":"Google Search Central: Spam policies for google web search | google search central | documentation | google for developers (2024). https:\/\/developers.google.com\/search\/docs\/essentials\/spam-policies#keyword-stuffing"},{"key":"4_CR3","unstructured":"Google Search Central: Understand Javascript SEO basics | google search central | documentation | google for developers (2024). https:\/\/developers.google.com\/search\/docs\/crawling-indexing\/javascript\/javascript-seo-basics"},{"key":"4_CR4","unstructured":"Baidu URL Check (2024). https:\/\/bsb.baidu.com\/"},{"key":"4_CR5","unstructured":"Tencent URL Check (2024). https:\/\/urlsec.qq.com\/check.html"},{"key":"4_CR6","doi-asserted-by":"crossref","unstructured":"Chung, Y., Toyoda, M., Kitsuregawa, M.: A study of link farm distribution and evolution using a time series of web snapshots. In: ACM International Conference Proceeding Series, ACM International Conference Proceeding Series, January 2009","DOI":"10.1145\/1531914.1531917"},{"issue":"1","key":"4_CR7","doi-asserted-by":"publisher","first-page":"37","DOI":"10.1177\/001316446002000104","volume":"20","author":"J Cohen","year":"1960","unstructured":"Cohen, J.: A coefficient of agreement for nominal scales. Educ. Psychol. Measur. 20(1), 37\u201346 (1960)","journal-title":"Educ. Psychol. Measur."},{"key":"4_CR8","doi-asserted-by":"publisher","unstructured":"Cova, M., Kruegel, C., Vigna, G.: Detection and analysis of drive-by-download attacks and malicious Javascript code. In: Proceedings of the 19th International Conference on World Wide Web, April 2010. https:\/\/doi.org\/10.1145\/1772690.1772720","DOI":"10.1145\/1772690.1772720"},{"key":"4_CR9","unstructured":"datareportal: Digital 2023: Global overview report - datareportal - global digital insights (2023). https:\/\/datareportal.com\/reports\/digital-2023-global-overview-report"},{"key":"4_CR10","unstructured":"Du, K., Yang, H., Li, Z., Duan, H., Zhang, K.: The ever-changing labyrinth: a large-scale analysis of wildcard DNS powered blackhat SEO. In: 25th USENIX Security Symposium (USENIX Security 16), pp. 245\u2013262 (2016)"},{"key":"4_CR11","unstructured":"EDGE of the webradio: Hitwise report: 58% of all searches are mobile | edge of the web (2016). https:\/\/edgeofthewebradio.com\/news\/hitwise-report-58-searches-mobile\/"},{"key":"4_CR12","doi-asserted-by":"publisher","unstructured":"Ford, S., Cova, M., Kruegel, C., Vigna, G.: Analyzing and detecting malicious flash advertisements. In: 2009 Annual Computer Security Applications Conference, December 2009. https:\/\/doi.org\/10.1109\/acsac.2009.41","DOI":"10.1109\/acsac.2009.41"},{"key":"4_CR13","unstructured":"Google: Mobile-first indexing best practices | google search central | documentation | google for developers (2024). https:\/\/developers.google.com\/search\/docs\/crawling-indexing\/mobile\/mobile-sites-mobile-first-indexing"},{"key":"4_CR14","doi-asserted-by":"crossref","unstructured":"Invernizzi, L., Thomas, K., Kapravelos, A., Comanescu, O., Picod, J.M., Bursztein, E.: Cloak of visibility: detecting when machines browse a different web. In: 2016 IEEE Symposium on Security and Privacy (SP), pp. 743\u2013758. IEEE (2016)","DOI":"10.1109\/SP.2016.50"},{"key":"4_CR15","doi-asserted-by":"crossref","unstructured":"Kim, T., Park, N., Hong, J., Kim, S.W.: Phishing URL detection: a network-based approach robust to evasion. In: Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security, pp. 1769\u20131782 (2022)","DOI":"10.1145\/3548606.3560615"},{"key":"4_CR16","unstructured":"Leontiadis, N., Moore, T., Christin, N.: Measuring and analyzing Search-Redirection attacks in the illicit online prescription drug trade. In: 20th USENIX Security Symposium (USENIX Security 11) (2011)"},{"key":"4_CR17","doi-asserted-by":"crossref","unstructured":"Leontiadis, N., Moore, T., Christin, N.: A nearly four-year longitudinal study of search-engine poisoning. In: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, pp. 930\u2013941 (2014)","DOI":"10.1145\/2660267.2660332"},{"key":"4_CR18","doi-asserted-by":"crossref","unstructured":"Liao, X., Liu, C., McCoy, D., Shi, E., Hao, S., Beyah, R.: Characterizing long-tail SEO spam on cloud web hosting services. In: Proceedings of the 25th International Conference on World Wide Web, pp. 321\u2013332 (2016)","DOI":"10.1145\/2872427.2883008"},{"key":"4_CR19","doi-asserted-by":"crossref","unstructured":"Liao, X., et\u00a0al.: Seeking nonsense, looking for trouble: efficient promotional-infection detection through semantic inconsistency search. In: 2016 IEEE Symposium on Security and Privacy (SP), pp. 707\u2013723. IEEE (2016)","DOI":"10.1109\/SP.2016.48"},{"issue":"4","key":"4_CR20","doi-asserted-by":"publisher","first-page":"7493","DOI":"10.1016\/j.eswa.2008.09.056","volume":"36","author":"JL Lin","year":"2009","unstructured":"Lin, J.L.: Detection of cloaked web spam by using tag-based methods. Expert Syst. Appl. 36(4), 7493\u20137499 (2009)","journal-title":"Expert Syst. Appl."},{"key":"4_CR21","doi-asserted-by":"publisher","unstructured":"Lu, L., Perdisci, R., Lee, W.: SURF: detecting and measuring search poisoning. In: Proceedings of the 18th ACM Conference on Computer and Communications Security, October 2011. https:\/\/doi.org\/10.1145\/2046707.2046762","DOI":"10.1145\/2046707.2046762"},{"key":"4_CR22","unstructured":"Niu, Y., Chen, H., Hsu, F., Wang, Y.M., Ma, M.: A quantitative study of forum spamming using context-based analysis. In: NDSS. Citeseer (2007)"},{"key":"4_CR23","doi-asserted-by":"crossref","unstructured":"Oest, A., Safaei, Y., Doup\u00e9, A., Ahn, G.J., Wardman, B., Tyers, K.: PhishFarm: a scalable framework for measuring the effectiveness of evasion techniques against browser phishing blacklists. In: 2019 IEEE Symposium on Security and Privacy (SP), pp. 1344\u20131361. IEEE (2019)","DOI":"10.1109\/SP.2019.00049"},{"key":"4_CR24","unstructured":"Oxylabs: Oxylabs - high quality proxy service to gather data at scale (2024). https:\/\/oxylabs.io\/"},{"key":"4_CR25","unstructured":"Pochat, V.L., Van\u00a0Goethem, T., Tajalizadehkhoob, S., Korczy\u0144ski, M., Joosen, W.: Tranco: a research-oriented top sites ranking hardened against manipulation. arXiv preprint arXiv:1806.01156 (2018)"},{"key":"4_CR26","doi-asserted-by":"crossref","unstructured":"Rublee, E., Rabaud, V., Konolige, K., Bradski, G.: ORB: an efficient alternative to sift or surf. In: 2011 International Conference on Computer Vision, pp. 2564\u20132571. IEEE (2011)","DOI":"10.1109\/ICCV.2011.6126544"},{"key":"4_CR27","unstructured":"Sadowski, C., Levin, G.: SimHash: hash-based similarity detection (2007)"},{"key":"4_CR28","doi-asserted-by":"crossref","unstructured":"Stringhini, G., Kruegel, C., Vigna, G.: Shady paths: leveraging surfing crowds to detect malicious web pages. In: Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security, pp. 133\u2013144 (2013)","DOI":"10.1145\/2508859.2516682"},{"key":"4_CR29","doi-asserted-by":"crossref","unstructured":"Van\u00a0Goethem, T., Miramirkhani, N., Joosen, W., Nikiforakis, N.: Purchased fame: exploring the ecosystem of private blog networks. In: Proceedings of the 2019 ACM Asia Conference on Computer and Communications Security, pp. 366\u2013378 (2019)","DOI":"10.1145\/3321705.3329830"},{"key":"4_CR30","unstructured":"Virustotal: Virustotal - home (2024). https:\/\/www.virustotal.com\/gui\/home\/url"},{"key":"4_CR31","doi-asserted-by":"crossref","unstructured":"Virvilis, N., Tsalis, N., Mylonas, A., Gritzalis, D.: Mobile devices: a Phisher\u2019s paradise. In: 2014 11th International Conference on Security and Cryptography (SECRYPT), pp.\u00a01\u20139. IEEE (2014)","DOI":"10.5220\/0005045000790087"},{"key":"4_CR32","unstructured":"W3C: Har_vocabularyspecification_draft003.pdf (2017). https:\/\/www.w3.org\/community\/bigdata-tools\/files\/2017\/10\/HAR_VocabularySpecification_Draft003.pdf"},{"key":"4_CR33","doi-asserted-by":"crossref","unstructured":"Wang, D.Y., et al.: Search+ seizure: the effectiveness of interventions on SEO campaigns. In: Proceedings of the 2014 Conference on Internet Measurement Conference, pp. 359\u2013372 (2014)","DOI":"10.1145\/2663716.2663738"},{"key":"4_CR34","doi-asserted-by":"crossref","unstructured":"Wang, D.Y., Savage, S., Voelker, G.M.: Cloak and dagger: dynamics of web search cloaking. In: Proceedings of the 18th ACM Conference on Computer and Communications Security, pp. 477\u2013490 (2011)","DOI":"10.1145\/2046707.2046763"},{"key":"4_CR35","unstructured":"Wang, D.Y., Savage, S., Voelker, G.M.: Juice: a longitudinal study of an SEO Botnet. In: NDSS (2013)"},{"key":"4_CR36","unstructured":"Wang, Y.M., Ma, M.: Detecting stealth web pages that use click-through cloaking. Microsoft Research Technical Report, MSR-TR (2006)"},{"key":"4_CR37","doi-asserted-by":"crossref","unstructured":"Wang, Y.M., Ma, M., Niu, Y., Chen, H.: Spam double-funnel: connecting web spammers with advertisers. In: Proceedings of the 16th International Conference on World Wide Web, pp. 291\u2013300 (2007)","DOI":"10.1145\/1242572.1242612"},{"key":"4_CR38","unstructured":"Wiki: Color histogram - Wikipedia (2024). https:\/\/en.wikipedia.org\/wiki\/Color_histogram"},{"key":"4_CR39","unstructured":"Wu, B., Davison, B.D.: Cloaking and redirection: a preliminary study. In: AIRWeb, vol. 5, pp. 7\u201316 (2005)"},{"key":"4_CR40","doi-asserted-by":"crossref","unstructured":"Wu, B., Davison, B.D.: Detecting semantic cloaking on the web. In: Proceedings of the 15th International Conference on World Wide Web, pp. 819\u2013828 (2006)","DOI":"10.1145\/1135777.1135901"},{"key":"4_CR41","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"263","DOI":"10.1007\/978-3-030-88418-5_13","volume-title":"Computer Security \u2013 ESORICS 2021","author":"H Yang","year":"2021","unstructured":"Yang, H., et al.: Mingling of clear and muddy water: understanding and detecting semantic confusion in Blackhat SEO. In: Bertino, E., Shulman, H., Waidner, M. (eds.) ESORICS 2021. LNCS, vol. 12972, pp. 263\u2013284. Springer, Cham (2021). https:\/\/doi.org\/10.1007\/978-3-030-88418-5_13"},{"key":"4_CR42","doi-asserted-by":"crossref","unstructured":"Yang, H., et al.: How to learn Klingon without a dictionary: detection and measurement of black keywords used by the underground economy. In: 2017 IEEE Symposium on Security and Privacy (SP), pp. 751\u2013769. IEEE (2017)","DOI":"10.1109\/SP.2017.11"},{"key":"4_CR43","unstructured":"Yang, R., et al.: Scalable detection of promotional website defacements in black hat SEO campaigns. In: 30th USENIX Security Symposium (USENIX Security 21), pp. 3703\u20133720 (2021)"},{"key":"4_CR44","unstructured":"Zauner, C.: Implementation and benchmarking of perceptual image hash functions (2010)"},{"key":"4_CR45","doi-asserted-by":"crossref","unstructured":"Zhang, P., et\u00a0al.: CrawlPhish: large-scale analysis of client-side cloaking techniques in phishing. In: 2021 IEEE Symposium on Security and Privacy (SP), pp. 1109\u20131124. IEEE (2021)","DOI":"10.1109\/SP40001.2021.00021"},{"key":"4_CR46","doi-asserted-by":"crossref","unstructured":"Zhang, P., et\u00a0al.: I\u2019m SPARTACUS, no, I\u2019m SPARTACUS: proactively protecting users from phishing by intentionally triggering cloaking behavior. In: Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security, pp. 3165\u20133179 (2022)","DOI":"10.1145\/3548606.3559334"},{"key":"4_CR47","doi-asserted-by":"crossref","unstructured":"Zhao, R.: The chameleon on the web: an empirical study of the insidious proactive web defacements. In: Proceedings of the ACM Web Conference 2023, pp. 2241\u20132251 (2023)","DOI":"10.1145\/3543507.3583377"}],"container-title":["Lecture Notes in Computer Science","Applied Cryptography and Network Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-95764-2_4","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T06:45:49Z","timestamp":1750315549000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-95764-2_4"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025]]},"ISBN":["9783031957635","9783031957642"],"references-count":47,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-95764-2_4","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025]]},"assertion":[{"value":"20 June 2025","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ACNS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Applied Cryptography and Network Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Munich","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Germany","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2025","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"23 June 2025","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"26 June 2025","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"23","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"acns2025","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/acns2025.fordaysec.de\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}