{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T04:20:31Z","timestamp":1750306831464,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":59,"publisher":"ACM","license":[{"start":{"date-parts":[[2014,3,3]],"date-time":"2014-03-03T00:00:00Z","timestamp":1393804800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2014,3,3]]},"DOI":"10.1145\/2557547.2557553","type":"proceedings-article","created":{"date-parts":[[2014,2,25]],"date-time":"2014-02-25T13:21:11Z","timestamp":1393334471000},"page":"61-72","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":6,"title":["PhishSafe"],"prefix":"10.1145","author":[{"given":"Bastian","family":"Braun","sequence":"first","affiliation":[{"name":"ISL, University of Passau, Passau, Germany"}]},{"given":"Martin","family":"Johns","sequence":"additional","affiliation":[{"name":"SAP Research, Karlsruhe, Germany"}]},{"given":"Johannes","family":"Koestler","sequence":"additional","affiliation":[{"name":"University of Passau, Passau, Germany"}]},{"given":"Joachim","family":"Posegga","sequence":"additional","affiliation":[{"name":"ISL, University of Passau, Passau, Germany"}]}],"member":"320","published-online":{"date-parts":[[2014,3,3]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1145\/1315245.1315253"},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1109\/WOWMOM.2006.87"},{"volume-title":"Proceedings of the 11th Annual Network and Distributed System Security Symposium (NDSS '04)","year":"2004","author":"Chou N.","key":"e_1_3_2_1_3_1"},{"key":"e_1_3_2_1_4_1","unstructured":"D. Crocker T. Hansen and M. Kucherawy. DomainKeys Identified Mail (DKIM) Signatures. RFC 6376 http:\/\/tools.ietf.org\/html\/rfc6376 (09\/03\/13).  D. Crocker T. Hansen and M. Kucherawy. DomainKeys Identified Mail (DKIM) Signatures. RFC 6376 http:\/\/tools.ietf.org\/html\/rfc6376 (09\/03\/13)."},{"key":"e_1_3_2_1_5_1","unstructured":"D. Crockford. The application\/json Media Type for JavaScript Object Notation (JSON). RFC 4627 http:\/\/tools.ietf.org\/html\/rfc4627 (09\/03\/13).  D. Crockford. The application\/json Media Type for JavaScript Object Notation (JSON). RFC 4627 http:\/\/tools.ietf.org\/html\/rfc4627 (09\/03\/13)."},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/1073001.1073009"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/1143120.1143131"},{"key":"e_1_3_2_1_8_1","unstructured":"Dr. Web. New Trojan steals short messages. {online} http:\/\/news.drweb.com\/show\/?i=3549 (09\/12\/13).  Dr. Web. New Trojan steals short messages. {online} http:\/\/news.drweb.com\/show\/?i=3549 (09\/12\/13)."},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1145\/1357054.1357219"},{"key":"e_1_3_2_1_10_1","unstructured":"EMC Corporation. RSASecurID. {online} http:\/\/www.emc.com\/security\/rsa-securid.htm (09\/12\/13).  EMC Corporation. RSASecurID. {online} http:\/\/www.emc.com\/security\/rsa-securid.htm (09\/12\/13)."},{"key":"e_1_3_2_1_11_1","unstructured":"C. Evans C. Palmer and R. Sleevi. Public Key Pinning Extension for HTTP. Internet-Draft http:\/\/tools.ietf.org\/html\/draft-ietf-websec-key-pinning-08 (09\/10\/13).  C. Evans C. Palmer and R. Sleevi. Public Key Pinning Extension for HTTP. Internet-Draft http:\/\/tools.ietf.org\/html\/draft-ietf-websec-key-pinning-08 (09\/10\/13)."},{"volume-title":"Web 2.0 Security and Privacy (W2SP)","year":"2011","author":"Felt A. P.","key":"e_1_3_2_1_12_1"},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/1242572.1242660"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1145\/503124.503156"},{"key":"e_1_3_2_1_15_1","unstructured":"Google. Authenticator. {online} http:\/\/code.google.com\/p\/google-authenticator\/ (09\/12\/13).  Google. Authenticator. {online} http:\/\/code.google.com\/p\/google-authenticator\/ (09\/12\/13)."},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2007.03.007"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/1391949.1391950"},{"key":"e_1_3_2_1_18_1","unstructured":"I. Hickson. Web Storage. {online} http:\/\/www.w3.org\/TR\/webstorage\/ (09\/10\/13).  I. Hickson. Web Storage. {online} http:\/\/www.w3.org\/TR\/webstorage\/ (09\/10\/13)."},{"key":"e_1_3_2_1_19_1","unstructured":"J. Hodges C. Jackson and A. Barth. HTTP Strict Transport Security (HSTS). RFC 6797 http:\/\/tools.ietf.org\/html\/rfc6797 (09\/10\/13).  J. Hodges C. Jackson and A. Barth. HTTP Strict Transport Security (HSTS). RFC 6797 http:\/\/tools.ietf.org\/html\/rfc6797 (09\/10\/13)."},{"key":"e_1_3_2_1_20_1","unstructured":"Internet2. Shibboleth. {online} http:\/\/shibboleth.net\/.  Internet2. Shibboleth. {online} http:\/\/shibboleth.net\/."},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1109\/COMPSAC.2005.126"},{"volume-title":"Graduate School of the University of Oregon","year":"2008","author":"Knickerbocker P.","key":"e_1_3_2_1_22_1"},{"key":"e_1_3_2_1_23_1","unstructured":"H. Krawczyk M. Bellare and R. Canetti. HMAC: Keyed-Hashing for Message Authentication. RFC 2104 https:\/\/tools.ietf.org\/html\/rfc2104 (09\/03\/13).   H. Krawczyk M. Bellare and R. Canetti. HMAC: Keyed-Hashing for Message Authentication. RFC 2104 https:\/\/tools.ietf.org\/html\/rfc2104 (09\/03\/13)."},{"key":"e_1_3_2_1_24_1","unstructured":"H. Lockhart and B. Campbell. SAML V2.0. https:\/\/www.oasis-open.org\/committees\/download.php\/27819\/sstc-saml-tech-overview-2.0-cd-02.pdf March 2008.  H. Lockhart and B. Campbell. SAML V2.0. https:\/\/www.oasis-open.org\/committees\/download.php\/27819\/sstc-saml-tech-overview-2.0-cd-02.pdf March 2008."},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-73614-1_2"},{"key":"e_1_3_2_1_26_1","unstructured":"M. Marlinspike. New Tricks For Defeating SSL In Practice. Talk at BlackHat '09 http:\/\/www.blackhat.com\/presentations\/bh-dc-09\/Marlinspike\/BlackHat-DC-09-Marlinspike-Defeating-SSL.pdf (09\/10\/13).  M. Marlinspike. New Tricks For Defeating SSL In Practice. Talk at BlackHat '09 http:\/\/www.blackhat.com\/presentations\/bh-dc-09\/Marlinspike\/BlackHat-DC-09-Marlinspike-Defeating-SSL.pdf (09\/10\/13)."},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1145\/1460877.1460905"},{"key":"e_1_3_2_1_28_1","unstructured":"Microsoft. SenderID. {online} http:\/\/www.microsoft.com\/senderid (09\/03\/13).  Microsoft. SenderID. {online} http:\/\/www.microsoft.com\/senderid (09\/03\/13)."},{"volume-title":"John Wiley & Sons","year":"2002","author":"Mitnick K. D.","key":"e_1_3_2_1_29_1"},{"key":"e_1_3_2_1_30_1","unstructured":"Mozilla. Persona. {online} https:\/\/developer.mozilla.org\/en-US\/docs\/Mozilla\/Persona (09\/03\/13).  Mozilla. Persona. {online} https:\/\/developer.mozilla.org\/en-US\/docs\/Mozilla\/Persona (09\/03\/13)."},{"volume-title":"Fighting Phishing Using Past Activity Tests. In Proceedings of the 3rd European Conference on Computer Network Defense","year":"2009","author":"Nikiforakis N.","key":"e_1_3_2_1_31_1"},{"volume-title":"Proceedings of the 1st Conference on Usability, Psychology, and Security (UPSEC '08)","year":"2008","author":"Niu Y.","key":"e_1_3_2_1_32_1"},{"key":"e_1_3_2_1_33_1","unstructured":"OAuth. {online} http:\/\/oauth.net\/ (09\/03\/13).  OAuth. {online} http:\/\/oauth.net\/ (09\/03\/13)."},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1007\/11889663_1"},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1109\/SESS.2007.6"},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1145\/1179529.1179532"},{"key":"e_1_3_2_1_37_1","first-page":"39","volume-title":"International Journal of Advanced Engineering Sciences and Technologies (IJAEST)","author":"Reddy V. P.","year":"2011"},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.1109\/SECCOM.2007.4550367"},{"volume-title":"Proceedings of the 14th Usenix Security Symposium (USENIX 2005)","year":"2005","author":"Ross B.","key":"e_1_3_2_1_39_1"},{"key":"e_1_3_2_1_40_1","unstructured":"RSA Data Security. SiteKey. {Hosted at Bank of America} https:\/\/www.bankofamerica.com\/privacy\/online-mobile-banking-privacy\/sitekey.go (08\/01\/13).  RSA Data Security. SiteKey. {Hosted at Bank of America} https:\/\/www.bankofamerica.com\/privacy\/online-mobile-banking-privacy\/sitekey.go (08\/01\/13)."},{"key":"e_1_3_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.1109\/SSIRI.2010.17"},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.5555\/1779274.1779303"},{"volume-title":"An Empirical Analysis of Phishing Blacklists. In Sixth Conference on Email and AntiSpam (CEAS 2009)","year":"2009","author":"Sheng S.","key":"e_1_3_2_1_43_1"},{"key":"e_1_3_2_1_44_1","unstructured":"The Anti-Phishing Working Group (APWG). Global Phishing Survey: Domain Name Use and Trends in 2H2012. {online} http:\/\/docs.apwg.org\/reports\/APWG_GlobalPhishingSurvey_2H2012.pdf (09\/03\/13).  The Anti-Phishing Working Group (APWG). Global Phishing Survey: Domain Name Use and Trends in 2H2012. {online} http:\/\/docs.apwg.org\/reports\/APWG_GlobalPhishingSurvey_2H2012.pdf (09\/03\/13)."},{"volume-title":"1st Quarter","year":"2013","author":"The Anti-Phishing Working Group (APWG).","key":"e_1_3_2_1_45_1"},{"key":"e_1_3_2_1_46_1","unstructured":"The Anti-Phishing Working Group (APWG). Phishing Attack Trends Reports. {online} http:\/\/www.apwg.org\/resources\/apwg-reports\/ (09\/03\/13).  The Anti-Phishing Working Group (APWG). Phishing Attack Trends Reports. {online} http:\/\/www.apwg.org\/resources\/apwg-reports\/ (09\/03\/13)."},{"key":"e_1_3_2_1_47_1","doi-asserted-by":"publisher","DOI":"10.1109\/CSE.2009.306"},{"key":"e_1_3_2_1_48_1","unstructured":"L. Varteressian. Yahoo! Sign-In Seal. {online} http:\/\/security.yahoo.com\/sign-seal-000000996.html (08\/01\/13).  L. Varteressian. Yahoo! Sign-In Seal. {online} http:\/\/security.yahoo.com\/sign-seal-000000996.html (08\/01\/13)."},{"key":"e_1_3_2_1_49_1","unstructured":"B. Violino. After Phishing? Pharming! {online} http:\/\/www.csoonline.com\/article\/220629\/after-phishing-pharming- (09\/10\/13).  B. Violino. After Phishing? Pharming! {online} http:\/\/www.csoonline.com\/article\/220629\/after-phishing-pharming- (09\/10\/13)."},{"key":"e_1_3_2_1_50_1","unstructured":"WHATWG. Cross-document messaging. {online} http:\/\/www.whatwg.org\/specs\/web-apps\/current-work\/multipage\/web-messaging.html (09\/06\/13).  WHATWG. Cross-document messaging. {online} http:\/\/www.whatwg.org\/specs\/web-apps\/current-work\/multipage\/web-messaging.html (09\/06\/13)."},{"volume-title":"Proceedings of the 17th Annual Network and Distributed System Security Symposium (NDSS '10)","year":"2010","author":"Whittaker C.","key":"e_1_3_2_1_51_1"},{"key":"e_1_3_2_1_52_1","doi-asserted-by":"publisher","DOI":"10.1145\/1124772.1124863"},{"key":"e_1_3_2_1_53_1","doi-asserted-by":"publisher","DOI":"10.1145\/1143120.1143133"},{"key":"e_1_3_2_1_54_1","doi-asserted-by":"publisher","DOI":"10.1145\/2019599.2019606"},{"key":"e_1_3_2_1_55_1","doi-asserted-by":"publisher","DOI":"10.5555\/647253.720283"},{"key":"e_1_3_2_1_56_1","doi-asserted-by":"publisher","DOI":"10.1145\/1143120.1143126"},{"key":"e_1_3_2_1_57_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACSAC.2008.32"},{"key":"e_1_3_2_1_58_1","unstructured":"M. Zalewski. Browser Security Handbook part 2. {online} http:\/\/code.google.com\/p\/browsersec\/wiki\/Part2#Same-origin_policy (09\/03\/13).  M. Zalewski. Browser Security Handbook part 2. {online} http:\/\/code.google.com\/p\/browsersec\/wiki\/Part2#Same-origin_policy (09\/03\/13)."},{"volume-title":"Proceedings of the 14th Annual Network and Distributed System Security Symposium (NDSS 2007)","year":"2007","author":"Zhang Y.","key":"e_1_3_2_1_59_1"}],"event":{"name":"CODASPY'14: Fourth ACM Conference on Data and Application Security and Privacy","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"],"location":"San Antonio Texas USA","acronym":"CODASPY'14"},"container-title":["Proceedings of the 4th ACM conference on Data and application security and privacy"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2557547.2557553","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2557547.2557553","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T08:09:50Z","timestamp":1750234190000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2557547.2557553"}},"subtitle":["leveraging modern JavaScript API's for transparent and robust protection"],"short-title":[],"issued":{"date-parts":[[2014,3,3]]},"references-count":59,"alternative-id":["10.1145\/2557547.2557553","10.1145\/2557547"],"URL":"https:\/\/doi.org\/10.1145\/2557547.2557553","relation":{},"subject":[],"published":{"date-parts":[[2014,3,3]]},"assertion":[{"value":"2014-03-03","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}