{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,13]],"date-time":"2025-12-13T06:54:33Z","timestamp":1765608873709,"version":"3.48.0"},"publisher-location":"Cham","reference-count":86,"publisher":"Springer Nature Switzerland","isbn-type":[{"value":"9783032137135","type":"print"},{"value":"9783032137142","type":"electronic"}],"license":[{"start":{"date-parts":[[2025,12,14]],"date-time":"2025-12-14T00:00:00Z","timestamp":1765670400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2025,12,14]],"date-time":"2025-12-14T00:00:00Z","timestamp":1765670400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2026]]},"DOI":"10.1007\/978-3-032-13714-2_22","type":"book-chapter","created":{"date-parts":[[2025,12,13]],"date-time":"2025-12-13T06:43:34Z","timestamp":1765608214000},"page":"357-375","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Systematic Literature Review of\u00a0Vulnerabilities and\u00a0Defenses in\u00a0VPNs, Tor, and\u00a0Web Browsers"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0009-0009-8740-2419","authenticated-orcid":false,"given":"Neha","family":"Agarwal","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0009-0002-8462-1906","authenticated-orcid":false,"given":"Ethan","family":"Mackin","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0001-9781-2694","authenticated-orcid":false,"given":"Faiza","family":"Tazi","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0009-0004-9524-8427","authenticated-orcid":false,"given":"Mayank","family":"Grover","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0009-0006-5941-8294","authenticated-orcid":false,"given":"Rutuja","family":"More","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0003-1299-7867","authenticated-orcid":false,"given":"Sanchari","family":"Das","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2025,12,14]]},"reference":[{"key":"22_CR1","unstructured":"Berners-Lee, T.: Longer bio (1990). https:\/\/www.w3.org\/People\/Berners-Lee\/Longer.html. Accessed 25 July 2025"},{"issue":"10","key":"22_CR2","doi-asserted-by":"publisher","first-page":"49","DOI":"10.1109\/2.318591","volume":"27","author":"RJ Vetter","year":"1994","unstructured":"Vetter, R.J., Spell, C., Ward, C.: Mosaic and the world wide web. Computer 27(10), 49\u201357 (1994)","journal-title":"Computer"},{"key":"22_CR3","unstructured":"Galitz, W.O.: The Essential Guide to User Interface Design: An Introduction to GUI Design Principles and Techniques. Wiley (2007)"},{"key":"22_CR4","doi-asserted-by":"crossref","unstructured":"Rid, T., Hecker, M.: War 2.0: Irregular Warfare in the Information Age. Bloomsbury Publishing USA (2009)","DOI":"10.5040\/9798216033455"},{"key":"22_CR5","doi-asserted-by":"crossref","unstructured":"Venkitachalam, G., Chiueh, T.: High performance common gateway interface invocation. In: Proceedings 1999 IEEE Workshop on Internet Applications (Cat. No. PR00197), pp. 4\u201311. IEEE (1999)","DOI":"10.1109\/WIAPP.1999.788011"},{"key":"22_CR6","doi-asserted-by":"crossref","unstructured":"Kishnani, U., Das, S.: Securing the web: Analysis of http security headers in popular global websites. In: International Conference on Information Systems Security, pp. 87\u2013106. Springer (2024)","DOI":"10.1007\/978-3-031-80020-7_5"},{"key":"22_CR7","doi-asserted-by":"crossref","unstructured":"Das, S., Kim, D., Abbott, J., Camp, L.J.: User-centered phishing detection through personalized edge computing. In: Companion Publication of the 2024 Conference on Computer-Supported Cooperative Work and Social Computing, pp. 283\u2013287 (2024)","DOI":"10.1145\/3678884.3681864"},{"key":"22_CR8","doi-asserted-by":"crossref","unstructured":"Kishnani, U., Das, S.: Dual-technique privacy & security analysis for e-commerce websites through automated and manual implementation. In: Proceedings of the 2025 Hawaii International Conference on System Sciences (HICSS) (2024)","DOI":"10.24251\/HICSS.2025.554"},{"key":"22_CR9","unstructured":"Wheeler, M., Saka, S., Das, S.: User perception and actions through risk analysis concerning cookies. In: 3rd International Conference on Frontiers in Computing and Systems (COMSYS-2022) (2022)"},{"issue":"6","key":"22_CR10","doi-asserted-by":"publisher","first-page":"11","DOI":"10.1109\/MIC.2014.106","volume":"18","author":"RL Barnes","year":"2014","unstructured":"Barnes, R.L., Thomson, M.: Browser-to-browser security assurances for WebRTC. IEEE Internet Comput. 18(6), 11\u201317 (2014)","journal-title":"IEEE Internet Comput."},{"key":"22_CR11","doi-asserted-by":"crossref","unstructured":"Taivalsaari, A., Mikkonen, T., Ingalls, D., Palacz, K.: Web browser as an application platform. In: 2008 34th Euromicro Conference Software Engineering and Advanced Applications, pp. 293\u2013302. IEEE (2008)","DOI":"10.1109\/SEAA.2008.17"},{"issue":"4","key":"22_CR12","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/2501654.2501663","volume":"45","author":"J Chang","year":"2013","unstructured":"Chang, J., Venkatasubramanian, K.K., West, A.G., Lee, I.: Analyzing and defending against web-based malware. ACM Comput. Surv. (CSUR) 45(4), 1\u201335 (2013)","journal-title":"ACM Comput. Surv. (CSUR)"},{"issue":"6","key":"22_CR13","doi-asserted-by":"publisher","first-page":"801","DOI":"10.1007\/s10207-019-00442-1","volume":"18","author":"E Toreini","year":"2019","unstructured":"Toreini, E., Shahandashti, S.F., Mehrnezhad, M., Hao, F.: Domtegrity: ensuring web page integrity against malicious browser extensions. Int. J. Inf. Secur. 18(6), 801\u2013814 (2019)","journal-title":"Int. J. Inf. Secur."},{"key":"22_CR14","doi-asserted-by":"crossref","unstructured":"Chen, S., Chen, H., Caballero, M.: Residue objects: a challenge to web browser security. In: Proceedings of the 5th European Conference on Computer Systems, pp. 279\u2013292 (2010)","DOI":"10.1145\/1755913.1755942"},{"issue":"2","key":"22_CR15","doi-asserted-by":"publisher","first-page":"329","DOI":"10.3390\/jcp2020018","volume":"2","author":"F Tazi","year":"2022","unstructured":"Tazi, F., Shrestha, S., De La Cruz, J., Das, S.: SoK: an evaluation of the secure end user experience on the dark net through systematic literature review. J. Cybersecur. Priv. 2(2), 329\u2013357 (2022)","journal-title":"J. Cybersecur. Priv."},{"key":"22_CR16","unstructured":"Pavlicek, A., Sudzina, F.: Internet security and privacy in VPN. In: International Conference on Digital Information Management, vol. 9, pp. 133\u2013139 (2018)"},{"issue":"6","key":"22_CR17","doi-asserted-by":"publisher","first-page":"517","DOI":"10.1016\/j.comcom.2003.08.016","volume":"27","author":"WT Strayer","year":"2004","unstructured":"Strayer, W.T.: Privacy issues in virtual private networks. Comput. Commun. 27(6), 517\u2013521 (2004)","journal-title":"Comput. Commun."},{"key":"22_CR18","unstructured":"Gallagher, K., Patil, S., Memon, N.: New me: understanding expert and non-expert perceptions and usage of the tor anonymity network. In: Thirteenth Symposium on Usable Privacy and Security ($$\\{$$SOUPS$$\\}$$ 2017), pp. 385\u2013398 (2017)"},{"key":"22_CR19","unstructured":"Inc. The Tor\u00a0Project"},{"key":"22_CR20","doi-asserted-by":"publisher","first-page":"59","DOI":"10.1016\/j.forsciint.2019.03.030","volume":"299","author":"AK Jadoon","year":"2019","unstructured":"Jadoon, A.K., Iqbal, W., Amjad, M.F., Afzal, H., Bangash, Y.A.: Forensic analysis of tor browser: a case study for privacy and anonymity on the web. Forensic Sci. Int. 299, 59\u201373 (2019)","journal-title":"Forensic Sci. Int."},{"key":"22_CR21","doi-asserted-by":"crossref","unstructured":"Feng, T., Zhao, M.-T.: An enhancing security research of tor anonymous communication to against DDoS attacks. In: ITM Web of Conferences, vol. 12, p. 04018. EDP Sciences (2017)","DOI":"10.1051\/itmconf\/20171204018"},{"key":"22_CR22","doi-asserted-by":"publisher","DOI":"10.1016\/j.apenergy.2020.114726","volume":"264","author":"S Mishra","year":"2020","unstructured":"Mishra, S., Anderson, K., Miller, B., Boyer, K., Warren, A.: Microgrid resilience: a holistic approach for assessing threats, identifying vulnerabilities, and designing corresponding mitigation strategies. Appl. Energy 264, 114726 (2020)","journal-title":"Appl. Energy"},{"key":"22_CR23","doi-asserted-by":"crossref","unstructured":"Podapati, V.H., Nigam, D., Das, S.: SoK: a systematic review of context-and behavior-aware adaptive authentication in mobile environments. In: Proceedings of the Nineteenth International Symposium on Human Aspects of Information Security & Assurance (HAISA 2019) (2025)","DOI":"10.2139\/ssrn.5333334"},{"key":"22_CR24","doi-asserted-by":"crossref","unstructured":"Majumdar, R., Das, S.: SoK: an evaluation of quantum authentication through systematic literature review. In: Proceedings of the Workshop on Usable Security and Privacy (USEC) (2021)","DOI":"10.2139\/ssrn.3859056"},{"key":"22_CR25","doi-asserted-by":"crossref","unstructured":"Grover, M., Das, S.: SoK: a systematic review of privacy and security in healthcare robotics. In: International Conference on Social Robotics + AI (ICSR+AI) 2025 (2025)","DOI":"10.2139\/ssrn.5356100"},{"issue":"2","key":"22_CR26","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3650116","volume":"5","author":"F Tazi","year":"2024","unstructured":"Tazi, F., Nandakumar, A., Dykstra, J., Rajivan, P., Das, S.: SoK: analyzing privacy and security of healthcare data from the user perspective. ACM Trans. Comput. Healthc. 5(2), 1\u201331 (2024)","journal-title":"ACM Trans. Comput. Healthc."},{"key":"22_CR27","unstructured":"Zezulak, A., Tazi, F., Das, S.: SoK: evaluating privacy and security concerns of using web services for the disabled population. In: 7th Workshop on Technology and Consumer Protection (ConPro\u201923) (2023)"},{"key":"22_CR28","unstructured":"Das, S., et al.: SoK: a proposal for incorporating accessible gamified cybersecurity awareness training informed by a systematic literature review. In: Proceedings of the Workshop on Usable Security and Privacy (USEC) (2022)"},{"key":"22_CR29","doi-asserted-by":"crossref","unstructured":"D\u00fczg\u00fcn, R., Noah, N., Mayer, P., Das, S., Volkamer, M.: SoK: a systematic literature review of knowledge-based authentication on augmented reality head-mounted displays. In: Proceedings of the 17th International Conference on Availability, Reliability and Security, pp. 1\u201312 (2022)","DOI":"10.1145\/3538969.3539011"},{"key":"22_CR30","doi-asserted-by":"crossref","unstructured":"Tazi, F., Dykstra, J., Rajivan, P., Das, S.: SoK: evaluating privacy and security vulnerabilities of patients\u2019 data in healthcare. In: International Workshop on Socio-Technical Aspects in Security, pp. 153\u2013181. Springer (2022)","DOI":"10.1007\/978-3-031-10183-0_8"},{"key":"22_CR31","series-title":"Communications in Computer and Information Science","doi-asserted-by":"publisher","first-page":"108","DOI":"10.1007\/978-3-030-93956-4_7","volume-title":"Emerging Information Security and Applications","author":"S Shrestha","year":"2022","unstructured":"Shrestha, S., Irby, E., Thapa, R., Das, S.: SoK: a systematic literature review of bluetooth security threats and mitigation measures. In: Meng, W., Katsikas, S.K. (eds.) EISA 2021. CCIS, vol. 1403, pp. 108\u2013127. Springer, Cham (2022). https:\/\/doi.org\/10.1007\/978-3-030-93956-4_7"},{"key":"22_CR32","doi-asserted-by":"crossref","unstructured":"Huang, Y., et al.: Systemization of knowledge (SoK): goals, coverage, and evaluation in cybersecurity and privacy games. In: Proceedings of the 2025 CHI Conference on Human Factors in Computing Systems, pp. 1\u201327 (2025)","DOI":"10.1145\/3706598.3713798"},{"key":"22_CR33","doi-asserted-by":"publisher","DOI":"10.3389\/frai.2022.976838","volume":"5","author":"S Shrestha","year":"2022","unstructured":"Shrestha, S., Das, S.: Exploring gender biases in ML and AI academic research through systematic literature review. Front. Artif. Intell. 5, 976838 (2022)","journal-title":"Front. Artif. Intell."},{"key":"22_CR34","doi-asserted-by":"crossref","unstructured":"Kishnani, U., Madabhushi, S., Das, S.: Blockchain in oil and gas supply chain: a literature review from user security and privacy perspective. In: International Symposium on Human Aspects of Information Security and Assurance, pp. 296\u2013309. Springer (2023)","DOI":"10.1007\/978-3-031-38530-8_24"},{"key":"22_CR35","unstructured":"Das, S., Wang, B., Tingle, Z., Camp, L.J.: Evaluating user perception of multi-factor authentication: a systematic review. In: Proceedings of the Thirteenth International Symposium on Human Aspects of Information Security & Assurance (HAISA 2019) (2019)"},{"key":"22_CR36","unstructured":"Das, S., Kim, A., Tingle, Z., Nippert-Eng, C.: All about phishing exploring user research through a systematic literature review. In: Proceedings of the Thirteenth International Symposium on Human Aspects of Information Security & Assurance (HAISA 2019) (2019)"},{"key":"22_CR37","series-title":"IFIP Advances in Information and Communication Technology","doi-asserted-by":"publisher","first-page":"189","DOI":"10.1007\/978-3-030-81111-2_16","volume-title":"Human Aspects of Information Security and Assurance","author":"JM Jones","year":"2021","unstructured":"Jones, J.M., Duezguen, R., Mayer, P., Volkamer, M., Das, S.: A literature review on virtual reality authentication. In: Furnell, S., Clarke, N. (eds.) HAISA 2021. IAICT, vol. 613, pp. 189\u2013198. Springer, Cham (2021). https:\/\/doi.org\/10.1007\/978-3-030-81111-2_16"},{"key":"22_CR38","unstructured":"Akhawe, D., Felt, A.P.: Alice in warningland: a large-scale field study of browser security warning effectiveness. In: 22nd $$\\{$$USENIX$$\\}$$ Security Symposium ($$\\{$$USENIX$$\\}$$ Security 2013), pp. 257\u2013272 (2013)"},{"key":"22_CR39","doi-asserted-by":"crossref","unstructured":"Bulazel, A., Yener, B.: A survey on automated dynamic malware analysis evasion and counter-evasion: PC, mobile, and web. In: Proceedings of the 1st Reversing and Offensive-Oriented Trends Symposium, pp. 1\u201321 (2017)","DOI":"10.1145\/3150376.3150378"},{"key":"22_CR40","doi-asserted-by":"crossref","unstructured":"Grier, C., Tang, S., King, S.T.: Secure web browsing with the op web browser. In: 2008 IEEE Symposium on Security and Privacy (SP 2008), pp. 402\u2013416. IEEE (2008)","DOI":"10.1109\/SP.2008.19"},{"key":"22_CR41","unstructured":"Rahimi, S., Zargham, M.: Quantitative evaluation of virtual private networks and its implications for communication security in industrial protocols. J. Adv. Comput. Res. 3(1) (2018)"},{"issue":"9","key":"22_CR42","first-page":"35","volume":"170","author":"PS Satish","year":"2017","unstructured":"Satish, P.S., Chavan, R.K.: Web browser security: different attacks detection and prevention techniques. Int. J. Comput. Appl. 170(9), 35\u201341 (2017)","journal-title":"Int. J. Comput. Appl."},{"key":"22_CR43","unstructured":"Al-Khaleel, A., Bani-Salameh, D., Al-Saleh, M.I.: On the memory artifacts of the tor browser bundle. In: The International Conference on Computing Technology and Information Management (ICCTIM), p. 41. Society of Digital Information and Wireless Communication (2014)"},{"key":"22_CR44","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"258","DOI":"10.1007\/978-3-319-31811-0_16","volume-title":"Risks and Security of Internet and Systems","author":"N Tsalis","year":"2016","unstructured":"Tsalis, N., Mylonas, A., Gritzalis, D.: An intensive analysis of security and privacy browser add-ons. In: Lambrinoudakis, C., Gabillon, A. (eds.) CRiSIS 2015. LNCS, vol. 9572, pp. 258\u2013273. Springer, Cham (2016). https:\/\/doi.org\/10.1007\/978-3-319-31811-0_16"},{"issue":"6","key":"22_CR45","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3469845","volume":"28","author":"V Distler","year":"2021","unstructured":"Distler, V., et al.: A systematic literature review of empirical methods and risk representation in usable privacy and security research. ACM Trans. Comput.-Hum. Interact. (TOCHI) 28(6), 1\u201350 (2021)","journal-title":"ACM Trans. Comput.-Hum. Interact. (TOCHI)"},{"issue":"2","key":"22_CR46","doi-asserted-by":"publisher","first-page":"51","DOI":"10.3390\/technologies13020051","volume":"13","author":"TR McIntosh","year":"2025","unstructured":"McIntosh, T.R., et al.: From google Gemini to OpenAI Q*(Q-star): a survey on reshaping the generative artificial intelligence (AI) research landscape. Technologies 13(2), 51 (2025)","journal-title":"Technologies"},{"key":"22_CR47","unstructured":"Bower, M.: A typology of web 2.0 learning technologies. Educause feb 8, 2015 (2015)"},{"key":"22_CR48","unstructured":"Singh, K., Lee, W.: On the design of a web browser: lessons learned from operating systems. Web2. 0 Security & Privacy2008 (2008)"},{"issue":"1","key":"22_CR49","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1016\/j.ijcip.2012.01.001","volume":"5","author":"S Rahimi","year":"2012","unstructured":"Rahimi, S., Zargham, M.: Analysis of the security of VPN configurations in industrial control environments. Int. J. Crit. Infrastruct. Prot. 5(1), 3\u201313 (2012)","journal-title":"Int. J. Crit. Infrastruct. Prot."},{"key":"22_CR50","unstructured":"\u0160ili\u0107, M., Krolo, J., Dela\u010d, G.: Security vulnerabilities in modern web browser architecture. In: The 33rd International Convention MIPRO, pp. 1240\u20131245. IEEE (2010)"},{"issue":"6","key":"22_CR51","doi-asserted-by":"publisher","first-page":"60","DOI":"10.1109\/MNET.2013.6678928","volume":"27","author":"H Luo","year":"2013","unstructured":"Luo, H., Lin, Y., Zhang, H., Zukerman, M.: Preventing DDoS attacks by identifier\/locator separation. IEEE Network 27(6), 60\u201365 (2013)","journal-title":"IEEE Network"},{"key":"22_CR52","series-title":"Advances in Intelligent Systems and Computing","doi-asserted-by":"publisher","first-page":"953","DOI":"10.1007\/978-981-15-5113-0_80","volume-title":"International Conference on Innovative Computing and Communications","author":"A Chetry","year":"2021","unstructured":"Chetry, A., Sharma, U.: Dark web activity on tor\u2014investigation challenges and retrieval of memory artifacts. In: Gupta, D., Khanna, A., Bhattacharyya, S., Hassanien, A.E., Anand, S., Jaiswal, A. (eds.) International Conference on Innovative Computing and Communications. AISC, vol. 1165, pp. 953\u2013964. Springer, Singapore (2021). https:\/\/doi.org\/10.1007\/978-981-15-5113-0_80"},{"key":"22_CR53","unstructured":"Rahimi, S.: Security vulnerabilities: discovery, prediction, effect, and mitigation. Southern Illinois University at Carbondale (2013)"},{"key":"22_CR54","doi-asserted-by":"crossref","unstructured":"Fraser, N.A., Kelly, D.J., Raines, R.A., Baldwin, R.O., Mullins, B.E.: Using client puzzles to mitigate distributed denial of service attacks in the tor anonymous routing environment. Technical report, Air Force Inst of Tech Wright-Patterson AFB OH Department of Electrical (2007)","DOI":"10.1109\/ICC.2007.203"},{"key":"22_CR55","doi-asserted-by":"publisher","DOI":"10.1002\/cpe.5935","volume":"33","author":"R Pizzolante","year":"2020","unstructured":"Pizzolante, R., Castiglione, A., Carpentieri, B., Contaldo, R., D\u2019Angelo, G., Palmieri, F.: A machine learning-based memory forensics methodology for tor browser artifacts. Concurr. Comput. Pract. Exp. 33, e5935 (2020)","journal-title":"Concurr. Comput. Pract. Exp."},{"key":"22_CR56","unstructured":"Toorani, M., Beheshti, A.A.: Cryptanalysis of an elliptic curve-based signcryption scheme. arXiv preprint arXiv:1004.3521 (2010)"},{"key":"22_CR57","unstructured":"Pavkovi\u0107, N., Perkov, L.: Social engineering toolkit-a systematic approach to social engineering. In: 2011 Proceedings of the 34th International Convention MIPRO, pp. 1485\u20131489. IEEE (2011)"},{"issue":"4","key":"22_CR58","first-page":"281","volume":"2","author":"K Patil","year":"2016","unstructured":"Patil, K.: Request dependency integrity: validating web requests using dependencies in the browser environment. Int. J. Inf. Priv. Secur. Integrity 2(4), 281\u2013306 (2016)","journal-title":"Int. J. Inf. Priv. Secur. Integrity"},{"key":"22_CR59","unstructured":"Bartlett, G., Inamdar, A.: IKEv2 IPsec Virtual Private Networks: Understanding and Deploying IKEv2, IPsec VPNs, and FlexVPN in Cisco IOS. Cisco Press (2016)"},{"key":"22_CR60","doi-asserted-by":"publisher","first-page":"90","DOI":"10.1016\/j.cose.2015.04.009","volume":"52","author":"N Virvilis","year":"2015","unstructured":"Virvilis, N., Mylonas, A., Tsalis, N., Gritzalis, D.: Security busters: web browser security vs. rogue sites. Comput. Secur. 52, 90\u2013105 (2015)","journal-title":"Comput. Secur."},{"key":"22_CR61","doi-asserted-by":"crossref","unstructured":"Sawalmeh, H., Malayshi, M., Ahmad, S., Awad, A.: VPN remote access OSPF-based VPN security vulnerabilities and counter measurements. In: 2021 International Conference on Innovation and Intelligence for Informatics, Computing, and Technologies (3ICT), pp. 236\u2013241. IEEE (2021)","DOI":"10.1109\/3ICT53449.2021.9581512"},{"key":"22_CR62","unstructured":"Meek, S., Holguin, I.R., Das, S.: Can johnny really be anonymous? Evaluation of user data privacy within tor. In: Proceedings of the 6th Workshop on Technology and Consumer Protection (ConPro\u201922) Co-located with the 43th IEEE Symposium on Security and Privacy (IEEE S &P) (2022)"},{"key":"22_CR63","doi-asserted-by":"crossref","unstructured":"Egelman, S., Cranor, L.F., Hong, J.: You\u2019ve been warned: an empirical study of the effectiveness of web browser phishing warnings. In: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, pp. 1065\u20131074 (2008)","DOI":"10.1145\/1357054.1357219"},{"issue":"1","key":"22_CR64","doi-asserted-by":"publisher","first-page":"43","DOI":"10.1016\/S0099-1333(98)90138-0","volume":"24","author":"JM Arnold","year":"1998","unstructured":"Arnold, J.M., Jayne, E.A.: Dangling by a slender thread: the lessons and implications of teaching the world wide web to freshmen. J. Acad. Librariansh. 24(1), 43\u201352 (1998)","journal-title":"J. Acad. Librariansh."},{"issue":"6","key":"22_CR65","doi-asserted-by":"publisher","first-page":"80","DOI":"10.1109\/MSP.2010.190","volume":"8","author":"M Prandini","year":"2010","unstructured":"Prandini, M., Ramilli, M., Cerroni, W., Callegati, F.: Splitting the https stream to attack secure web connections. IEEE Secur. Priv. 8(6), 80\u201384 (2010)","journal-title":"IEEE Secur. Priv."},{"issue":"5","key":"22_CR66","doi-asserted-by":"publisher","first-page":"2894","DOI":"10.3390\/app13052894","volume":"13","author":"K Lee","year":"2023","unstructured":"Lee, K., Lee, J., Yim, K.: Classification and analysis of malicious code detection techniques based on the apt attack. Appl. Sci. 13(5), 2894 (2023)","journal-title":"Appl. Sci."},{"key":"22_CR67","doi-asserted-by":"crossref","unstructured":"Olayinka, O.H.: Big data integration and real-time analytics for enhancing operational efficiency and market responsiveness. Int. J. Sci. Res. Arch. 4(1), 280-96 (2021)","DOI":"10.30574\/ijsra.2021.4.1.0179"},{"key":"22_CR68","unstructured":"Jakobsson, M., Ramzan, Z.: Crimeware: Understanding New Attacks and Defenses. Addison-Wesley Professional (2008)"},{"issue":"3","key":"22_CR69","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/2835375","volume":"48","author":"R Heartfield","year":"2015","unstructured":"Heartfield, R., Loukas, G.: A taxonomy of attacks and a survey of defence mechanisms for semantic social engineering attacks. ACM Comput. Surv. (CSUR) 48(3), 1\u201339 (2015)","journal-title":"ACM Comput. Surv. (CSUR)"},{"key":"22_CR70","doi-asserted-by":"crossref","unstructured":"Rogowski, R., Morton, M., Li, F., Monrose, F., Snow, K.Z., Polychronakis, M.: Revisiting browser security in the modern era: new data-only attacks and defenses. In: 2017 IEEE European Symposium on Security and Privacy (EuroS &P), pp. 366\u2013381. IEEE (2017)","DOI":"10.1109\/EuroSP.2017.39"},{"key":"22_CR71","doi-asserted-by":"crossref","unstructured":"Guha, A., Fredrikson, M., Livshits, B., Swamy, N.: Verified security for browser extensions. In: 2011 IEEE Symposium on Security and Privacy, pp. 115\u2013130. IEEE (2011)","DOI":"10.1109\/SP.2011.36"},{"key":"22_CR72","doi-asserted-by":"crossref","unstructured":"Karami, S., Ilia, P., Solomos, K., Polakis, J.: Carnus: exploring the privacy threats of browser extension fingerprinting. In: In Proceedings of the 27th Network and Distributed System Security Symposium (NDSS) (2020)","DOI":"10.14722\/ndss.2020.24383"},{"key":"22_CR73","unstructured":"Hoffman, A.: Web Application Security. O\u2019Reilly Media, Inc. (2024)"},{"issue":"3","key":"22_CR74","doi-asserted-by":"publisher","first-page":"179","DOI":"10.1007\/s11416-007-0078-5","volume":"4","author":"MT Louw","year":"2008","unstructured":"Louw, M.T., Lim, J.S., Venkatakrishnan, V.N.: Enhancing web browser security against malware extensions. J. Comput. Virol. 4(3), 179\u2013195 (2008)","journal-title":"J. Comput. Virol."},{"key":"22_CR75","unstructured":"Fernandes, A.N., Markert, P., Das, S.: Where you\u2019re logged in: analyzing the usability of device activity pages. In: Annual Computer Security Applications Conference, ser. ACSAC, vol. 22 (2023)"},{"key":"22_CR76","doi-asserted-by":"crossref","unstructured":"Al-Fannah, N.M.: One leak will sink a ship: Webrtc IP address leaks. In: 2017 International Carnahan Conference on Security Technology (ICCST), pp. 1\u20135. IEEE (2017)","DOI":"10.1109\/CCST.2017.8167801"},{"key":"22_CR77","doi-asserted-by":"crossref","unstructured":"Nibert, G., Tixeuil, S., Polv\u00e9, B., M\u2019boussi, N.J.B., Nguyen, X.S.: Preventing webrtc IP address leaks. In: International Conference on Risks and Security of Internet and Systems, pp. 365\u2013381. Springer (2024)","DOI":"10.1007\/978-3-031-89350-6_22"},{"key":"22_CR78","unstructured":"Zalewski, M.: The Tangled Web: A Guide to Securing Modern Web Applications. No Starch Press (2011)"},{"key":"22_CR79","unstructured":"Danezis, G., et al.: Privacy and data protection by design-from policy to engineering. arXiv preprint arXiv:1501.03726 (2015)"},{"key":"22_CR80","unstructured":"\u00c7al\u0131\u015fkan, E., Min\u00e1rik, T., Osula, A.M.: Technical and legal overview of the tor anonymity network. NATO Cooperative Cyber Defence Centre of Excellence (2015). Available: 4 January 2016. https:\/\/ccdcoe.org\/sites\/default\/files\/multimedia\/pdf\/TOR_Anonymity_Network.pdf"},{"key":"22_CR81","unstructured":"Meek, S., Holguin, I.R., Das, S.: Evaluation of user data privacy within tor. In: Proceedings of the 2022 IEEE Security and Privacy (IEEE S &P), Workshop on Technology and Consumer Protection (ConPro 2022), San Francisco, CA, USA (2022)"},{"key":"22_CR82","doi-asserted-by":"crossref","unstructured":"Namara, M., Wilkinson, D., Caine, K., Knijnenburg, B.P.: Emotional and practical considerations towards the adoption and abandonment of VPNs as a privacy-enhancing technology. Proc. Priv. Enhancing Technol. (2020)","DOI":"10.2478\/popets-2020-0006"},{"key":"22_CR83","doi-asserted-by":"crossref","unstructured":"Khan, M.T., DeBlasio, J., Voelker, G.M., Snoeren, A.C., Kanich, C., Vallina-Rodriguez, N.: An empirical analysis of the commercial VPN ecosystem. In: Proceedings of the Internet Measurement Conference 2018, pp. 443\u2013456 (2018)","DOI":"10.1145\/3278532.3278570"},{"key":"22_CR84","doi-asserted-by":"crossref","unstructured":"Ikram, M., Vallina-Rodriguez, N., Seneviratne, S., Kaafar, M.A., Paxson, V.: An analysis of the privacy and security risks of android VPN permission-enabled apps. In: Proceedings of the 2016 Internet Measurement Conference, pp. 349\u2013364 (2016)","DOI":"10.1145\/2987443.2987471"},{"issue":"1","key":"22_CR85","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/2545883","volume":"47","author":"T Winkler","year":"2014","unstructured":"Winkler, T., Rinner, B.: Security and privacy protection in visual sensor networks: a survey. ACM Comput. Surv. (CSUR) 47(1), 1\u201342 (2014)","journal-title":"ACM Comput. Surv. (CSUR)"},{"issue":"2","key":"22_CR86","doi-asserted-by":"publisher","first-page":"941","DOI":"10.1109\/COMST.2024.3437248","volume":"27","author":"T Senevirathna","year":"2024","unstructured":"Senevirathna, T., La, V.H., Marcha, S., Siniarski, B., Liyanage, M., Wang, S.: A survey on XAI for 5G and beyond security: technical aspects, challenges and research directions. IEEE Commun. Surv. Tutor. 27(2), 941\u2013973 (2024)","journal-title":"IEEE Commun. Surv. Tutor."}],"container-title":["Lecture Notes in Computer Science","Information Systems Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-032-13714-2_22","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,12,13]],"date-time":"2025-12-13T06:43:45Z","timestamp":1765608225000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-032-13714-2_22"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,12,14]]},"ISBN":["9783032137135","9783032137142"],"references-count":86,"URL":"https:\/\/doi.org\/10.1007\/978-3-032-13714-2_22","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025,12,14]]},"assertion":[{"value":"14 December 2025","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ICISS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Information Systems Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Indore","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"India","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2025","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"16 December 2025","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"20 December 2025","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"21","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"iciss2025","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/iciss.isrdc.in\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}