{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,1]],"date-time":"2025-10-01T15:22:40Z","timestamp":1759332160919,"version":"3.40.3"},"publisher-location":"Cham","reference-count":56,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319934105"},{"type":"electronic","value":"9783319934112"}],"license":[{"start":{"date-parts":[[2018,1,1]],"date-time":"2018-01-01T00:00:00Z","timestamp":1514764800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2018]]},"DOI":"10.1007\/978-3-319-93411-2_13","type":"book-chapter","created":{"date-parts":[[2018,6,7]],"date-time":"2018-06-07T07:49:28Z","timestamp":1528357768000},"page":"281-302","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":5,"title":["Knockin\u2019 on Trackers\u2019 Door: Large-Scale Automatic Analysis of Web Tracking"],"prefix":"10.1007","author":[{"given":"Iskander","family":"Sanchez-Rola","sequence":"first","affiliation":[]},{"given":"Igor","family":"Santos","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2018,6,8]]},"reference":[{"key":"13_CR1","unstructured":"Abine: Tracking list, October 2017. \n                      https:\/\/www.abine.com\/index.html"},{"key":"13_CR2","doi-asserted-by":"crossref","unstructured":"Acar, G., Eubank, C., Englehardt, S., Juarez, M., Narayanan, A., Diaz, C.: The web never forgets: persistent tracking mechanisms in the wild. In: Proceedings of the ACM SIGSAC Conference on Computer and Communications Security (CCS) (2014)","DOI":"10.1145\/2660267.2660347"},{"key":"13_CR3","doi-asserted-by":"crossref","unstructured":"Acar, G., Juarez, M., Nikiforakis, N., Diaz, C., G\u00fcrses, S., Piessens, F., Preneel, B.: FPDetective: dusting the web for fingerprinters. In: Proceedings of the ACM SIGSAC Conference on Computer and Communications Security (CCS) (2013)","DOI":"10.1145\/2508859.2516674"},{"key":"13_CR4","unstructured":"AdblockPlus: EasyPrivacy, October 2017. \n                      https:\/\/easylist.adblockplus.org\/"},{"key":"13_CR5","unstructured":"AdGuard: Tracking list, October 2017. \n                      https:\/\/adguard.com\/"},{"key":"13_CR6","unstructured":"Blocksi: Web content filtering, October 2017. \n                      http:\/\/www.blocksi.net\/"},{"key":"13_CR7","doi-asserted-by":"crossref","unstructured":"Canali, D., Cova, M., Vigna, G., Kruegel, C.: Prophiler: a fast filter for the large-scale detection of malicious web pages. In: Proceedings of the 20th International Conference on World Wide Web (2011)","DOI":"10.1145\/1963405.1963436"},{"key":"13_CR8","doi-asserted-by":"crossref","unstructured":"Canali, D., Lanzi, A., Balzarotti, D., Kruegel, C., Christodorescu, M., Kirda, E.: A quantitative study of accuracy in system call-based malware detection. In: Proceedings of the International Symposium on Software Testing and Analysis (2012)","DOI":"10.1145\/2338965.2336768"},{"key":"13_CR9","unstructured":"Cliqz: Ghostery, October 2017. \n                      https:\/\/www.ghostery.com\/"},{"key":"13_CR10","unstructured":"Cloudacl: Web security service, October 2017. \n                      http:\/\/www.cloudacl.com\/"},{"key":"13_CR11","doi-asserted-by":"crossref","unstructured":"Cova, M., Kruegel, C., Vigna, G.: Detection and analysis of drive-by-download attacks and malicious Javascript code. In: Proceedings of the 19th International Conference on World Wide Web (2010)","DOI":"10.1145\/1772690.1772720"},{"key":"13_CR12","unstructured":"Curtsinger, C., Livshits, B., Zorn, B.G., Seifert, C.: ZOZZLE: fast and precise in-browser JavaScript malware detection. In: Proceedings of the USENIX Security Symposium (SEC) (2011)"},{"key":"13_CR13","unstructured":"NerdyData: Search engine for source code, October 2017. \n                      https:\/\/nerdydata.com\/"},{"key":"13_CR14","unstructured":"Disconnect: Tracking list, October 2017. \n                      https:\/\/disconnect.me\/"},{"key":"13_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-642-14527-8_1","volume-title":"Privacy Enhancing Technologies","author":"P Eckersley","year":"2010","unstructured":"Eckersley, P.: How unique is your web browser? In: Atallah, M.J., Hopper, N.J. (eds.) PETS 2010. LNCS, vol. 6205, pp. 1\u201318. Springer, Heidelberg (2010). \n                      https:\/\/doi.org\/10.1007\/978-3-642-14527-8_1"},{"key":"13_CR16","unstructured":"van Eijk, R.: Tracking detection system (TDS), October 2017. \n                      https:\/\/github.com\/rvaneijk\/ruleset-for-AdBlock"},{"key":"13_CR17","doi-asserted-by":"crossref","unstructured":"Englehardt, S., Narayanan, A.: Online tracking: a 1-million-site measurement and analysis. In: Proceedings of the ACM SIGSAC Conference on Computer and Communications Security (CCS) (2016)","DOI":"10.1145\/2976749.2978313"},{"key":"13_CR18","unstructured":"Englehardt, S., Narayanan, A.: OpenWPM, October 2017. \n                      https:\/\/github.com\/citp\/OpenWPM"},{"key":"13_CR19","unstructured":"Fanboy: Tracking list, October 2017. \n                      https:\/\/www.fanboy.co.nz\/"},{"key":"13_CR20","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"107","DOI":"10.1007\/978-3-662-47854-7_7","volume-title":"Financial Cryptography and Data Security","author":"D Fifield","year":"2015","unstructured":"Fifield, D., Egelman, S.: Fingerprinting web users through font metrics. In: B\u00f6hme, R., Okamoto, T. (eds.) FC 2015. LNCS, vol. 8975, pp. 107\u2013124. Springer, Heidelberg (2015). \n                      https:\/\/doi.org\/10.1007\/978-3-662-47854-7_7"},{"key":"13_CR21","unstructured":"FileWatcher: The file search engine, October 2017. \n                      http:\/\/www.filewatcher.com\/"},{"key":"13_CR22","volume-title":"Statistical Methods and Scientific Inference","author":"RA Fisher","year":"1956","unstructured":"Fisher, R.A.: Statistical Methods and Scientific Inference. Hafner Publishing Co., New York (1956)"},{"key":"13_CR23","unstructured":"Fortinet: FortiGuard web filtering, October 2017. \n                      http:\/\/www.fortiguard.com\/"},{"key":"13_CR24","unstructured":"Electronic Frontier Foundation: Privacy Badger, October 2017. \n                      https:\/\/www.eff.org\/es\/privacybadger"},{"key":"13_CR25","unstructured":"Mozilla Foundation: Public suffix list, October 2017. \n                      https:\/\/publicsuffix.org\/list\/"},{"issue":"5814","key":"13_CR26","doi-asserted-by":"publisher","first-page":"972","DOI":"10.1126\/science.1136800","volume":"315","author":"BJ Frey","year":"2007","unstructured":"Frey, B.J., Dueck, D.: Clustering by passing messages between data points. Science 315(5814), 972\u2013976 (2007)","journal-title":"Science"},{"key":"13_CR27","unstructured":"Hidayat, A.: PhantomJS, October 2017. \n                      http:\/\/phantomjs.org\/"},{"key":"13_CR28","unstructured":"Ho, T.K.: Random decision forests. In: Proceedings of the International Conference on Document Analysis and Recognition (ICDAR) (1995)"},{"key":"13_CR29","unstructured":"Kamkar, S.: Evercookie, October 2017. \n                      https:\/\/github.com\/samyk\/evercookie"},{"key":"13_CR30","unstructured":"Kaspersky: Tracking list (ABBL), October 2017. \n                      http:\/\/forum.kaspersky.com\/"},{"key":"13_CR31","doi-asserted-by":"crossref","unstructured":"Krishnamurthy, B., Wills, C.: Privacy diffusion on the web: a longitudinal perspective. In: Proceedings of the International Conference on World Wide Web (WWW) (2009)","DOI":"10.1145\/1526709.1526782"},{"key":"13_CR32","unstructured":"Lerner, A., Simpson, A.K., Kohno, T., Roesner, F.: Internet jones and the raiders of the lost trackers: an archaeological study of web tracking from 1996 to 2016. In: Proceedings of the USENIX Security Symposium (SEC) (2016)"},{"key":"13_CR33","unstructured":"Lielmanis, E.: JS Beautifier, October 2017. \n                      http:\/\/jsbeautifier.org\/"},{"issue":"4","key":"13_CR34","doi-asserted-by":"publisher","first-page":"309","DOI":"10.1147\/rd.14.0309","volume":"1","author":"HP Luhn","year":"1957","unstructured":"Luhn, H.P.: A statistical approach to mechanized encoding and searching of literary information. IBM J. Res. Dev. 1(4), 309\u2013317 (1957)","journal-title":"IBM J. Res. Dev."},{"key":"13_CR35","unstructured":"MalwareBytes: Unusual exploit kit targets Chinese users (part 1). \n                      https:\/\/blog.malwarebytes.org\/exploits-2\/2015\/05\/unusual-exploit-kit-targets-chinese-users-part-1\/\n                      \n                    . Accessed Oct 2017"},{"key":"13_CR36","unstructured":"MalwareBytes: Unusual exploit kit targets Chinese users (part 2). \n                      https:\/\/blog.malwarebytes.org\/intelligence\/2015\/06\/unusual-exploit-kit-targets-chinese-users-part-2\/\n                      \n                    . Accessed Oct 2017"},{"key":"13_CR37","doi-asserted-by":"crossref","unstructured":"Mayer, J.R., Mitchell, J.C.: Third-party web tracking: policy and technology. In: Proceedings of the International Symposium on Security and Privacy, Oakland (2012)","DOI":"10.1109\/SP.2012.47"},{"key":"13_CR38","unstructured":"MeanPath: The source code search engine, October 2017. \n                      https:\/\/meanpath.com\/"},{"key":"13_CR39","unstructured":"Mowery, K., Shacham, H.: Pixel perfect: fingerprinting canvas in HTML5. In: Proceedings of the Web 2.0 Workshop on Security and Privacy (W2SP) (2012)"},{"key":"13_CR40","unstructured":"Nikiforakis, N., Invernizzi, L., Kapravelos, A., Van Acker, S., Joosen, W., Kruegel, C., Piessens, F., Vigna, G.: You are what you include: large-scale evaluation of remote Javascript inclusions. In: Proceedings of the ACM SIGSAC Conference on Computer and Communications Security (CCS)"},{"key":"13_CR41","doi-asserted-by":"crossref","unstructured":"Nikiforakis, N., Kapravelos, A., Joosen, W., Kruegel, C., Piessens, F., Vigna, G.: Cookieless monster: exploring the ecosystem of web-based device fingerprinting. In: Proceedings of IEEE Symposium on Security and Privacy, Oakland (2013)","DOI":"10.1109\/SP.2013.43"},{"key":"13_CR42","doi-asserted-by":"crossref","unstructured":"Rieck, K., Krueger, T., Dewald, A.: Cujo: efficient detection and prevention of drive-by-download attacks. In: Proceedings of the Annual Computer Security Applications Conference (CSS) (2010)","DOI":"10.1145\/1920261.1920267"},{"key":"13_CR43","unstructured":"Roesner, F., Kohno, T., Wetherall, D.: Detecting and defending against third-party tracking on the web. In: Proceedings of the USENIX conference on Networked Systems Design and Implementation (NDSI) (2012)"},{"key":"13_CR44","unstructured":"Security Response, Symantec: The Waterbug attack group (2015). \n                      http:\/\/www.symantec.com\/content\/en\/us\/enterprise\/media\/security_response\/whitepapers\/waterbug-attack-group.pdf"},{"key":"13_CR45","unstructured":"Selzer, A.: Beaverbird, October 2017. \n                      https:\/\/github.com\/AlexanderSelzer\/BeaverBird"},{"key":"13_CR46","unstructured":"Amazon Web Services: Alexa top sites, October 2017. \n                      https:\/\/aws.amazon.com\/es\/alexa-top-sites\/"},{"key":"13_CR47","unstructured":"Shekyan, S., Vinegar, B., Zhang, B.: PhantomJS hide and seek, October 2017. \n                      https:\/\/github.com\/ikarienator\/phantomjs_hide_and_seek"},{"key":"13_CR48","unstructured":"Singer, N.: Do not track? Advertisers say \u201cdon\u2019t tread on us\u201d (2012). \n                      http:\/\/www.nytimes.com\/2012\/10\/14\/technology\/do-not-track-movement-is-drawing-advertisers-fire.html"},{"issue":"1","key":"13_CR49","doi-asserted-by":"publisher","first-page":"11","DOI":"10.1108\/eb026526","volume":"28","author":"K Sparck Jones","year":"1972","unstructured":"Sparck Jones, K.: A statistical interpretation of term specificity and its application in retrieval. J. Doc. 28(1), 11\u201321 (1972)","journal-title":"J. Doc."},{"key":"13_CR50","unstructured":"AVG Technologies: Privacyfix tracking list, October 2017. \n                      http:\/\/privacyfix.com"},{"key":"13_CR51","unstructured":"Threat Intelligence, FireEye: Pinpointing Targets: Exploiting Web Analytics to Ensnare Victims (2015). \n                      https:\/\/www2.fireeye.com\/rs\/848-DID-242\/images\/rpt-witchcoven.pdf"},{"key":"13_CR52","unstructured":"Web of Trust: Crowdsourced web safety, October 2017. \n                      https:\/\/www.mywot.com\/"},{"key":"13_CR53","unstructured":"TrustArc: TRUSTe tracking list, October 2017. \n                      https:\/\/www.truste.com\/"},{"key":"13_CR54","unstructured":"Vasilyev, V.: FingerprintJS, October 2017. \n                      https:\/\/github.com\/Valve\/fingerprintjs"},{"key":"13_CR55","unstructured":"Webutation: Open website reputation, October 2017. \n                      http:\/\/www.webutation.net\/"},{"key":"13_CR56","unstructured":"Yamaguchi, F., Lindner, F., Rieck, K.: Vulnerability extrapolation: assisted discovery of vulnerabilities using machine learning. In: Proceedings of the USENIX Conference on Offensive Technologies (WOOT) (2011)"}],"container-title":["Lecture Notes in Computer Science","Detection of Intrusions and Malware, and Vulnerability Assessment"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-93411-2_13","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,3,3]],"date-time":"2020-03-03T03:18:57Z","timestamp":1583205537000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-93411-2_13"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018]]},"ISBN":["9783319934105","9783319934112"],"references-count":56,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-93411-2_13","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2018]]},"assertion":[{"value":"8 June 2018","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"DIMVA","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Saclay","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"France","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2018","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"28 June 2018","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"29 June 2018","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"15","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"dimva2018","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/www.dimva2018.org\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}