{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,6]],"date-time":"2026-02-06T22:12:57Z","timestamp":1770415977652,"version":"3.49.0"},"publisher-location":"New York, NY, USA","reference-count":66,"publisher":"ACM","license":[{"start":{"date-parts":[[2017,10,24]],"date-time":"2017-10-24T00:00:00Z","timestamp":1508803200000},"content-version":"vor","delay-in-days":365,"URL":"http:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/100000001","name":"NSF","doi-asserted-by":"publisher","award":["CNS-1540066"],"award-info":[{"award-number":["CNS-1540066"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100000001","name":"NSF","doi-asserted-by":"publisher","award":["CNS-1535796"],"award-info":[{"award-number":["CNS-1535796"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100000001","name":"NSF","doi-asserted-by":"publisher","award":["CNS-1237265"],"award-info":[{"award-number":["CNS-1237265"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2016,10,24]]},"DOI":"10.1145\/2976749.2978317","type":"proceedings-article","created":{"date-parts":[[2016,10,25]],"date-time":"2016-10-25T08:46:35Z","timestamp":1477385195000},"page":"1568-1579","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":83,"title":["PREDATOR"],"prefix":"10.1145","author":[{"given":"Shuang","family":"Hao","sequence":"first","affiliation":[{"name":"University of California, Santa Barbara, Santa Barbara, CA, USA"}]},{"given":"Alex","family":"Kantchelian","sequence":"additional","affiliation":[{"name":"University of California, Berkeley, Berkeley, CA, USA"}]},{"given":"Brad","family":"Miller","sequence":"additional","affiliation":[{"name":"Google, Inc., Mountain View, CA, USA"}]},{"given":"Vern","family":"Paxson","sequence":"additional","affiliation":[{"name":"University of California, Berkeley &amp; International Computer Science Institute, Berkeley, CA, USA"}]},{"given":"Nick","family":"Feamster","sequence":"additional","affiliation":[{"name":"Princeton University, Princeton, NJ, USA"}]}],"member":"320","published-online":{"date-parts":[[2016,10,24]]},"reference":[{"key":"e_1_3_2_1_1_1","volume-title":"Seven Months' Worth of Mistakes: A Longitudinal Study of Typosquatting Abuse. In Network and Distributed System Security Symposium (NDSS)","author":"Agten P.","year":"2015","unstructured":"P. Agten, W. Joosen, F. Piessens, and N. Nikiforakis. Seven Months' Worth of Mistakes: A Longitudinal Study of Typosquatting Abuse. In Network and Distributed System Security Symposium (NDSS), Feb. 2015."},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.5555\/2671225.2671239"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.5555\/1929820.1929844"},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.5555\/2028067.2028094"},{"key":"e_1_3_2_1_5_1","volume-title":"EXPOSURE: Finding Malicious Domains Using Passive DNS Analysis. In Network and Distributed System Security Symposium (NDSS)","author":"Bilge L.","year":"2011","unstructured":"L. Bilge, E. Kirda, C. Kruegel, and M. Balduzzi. EXPOSURE: Finding Malicious Domains Using Passive DNS Analysis. In Network and Distributed System Security Symposium (NDSS), Feb. 2011."},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.17487\/rfc1123"},{"key":"e_1_3_2_1_7_1","volume-title":"Understanding Domain Registration Abuses. In 25th International Information Security Conference","author":"Coull S. E.","year":"2010","unstructured":"S. E. Coull, A. M. White, T.-F. Yen, F. Monrose, and M. K. Reiter. Understanding Domain Registration Abuses. In 25th International Information Security Conference, Sept. 2010."},{"key":"e_1_3_2_1_8_1","unstructured":"Demand Media. eNom and LegitScript LLC Announce Agreement to Identify Customers Operating Illegal Online Pharmacies. http:\/\/www.businesswire.com\/news\/home\/20100921005657\/en\/ 2010."},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1109\/EC2ND.2011.16"},{"key":"e_1_3_2_1_10_1","volume-title":"http:\/\/www.domaintools.com","year":"2015","unstructured":"DomainTools. http:\/\/www.domaintools.com, 2015."},{"key":"e_1_3_2_1_11_1","unstructured":"S. Ellis. Business Email Compromise Scams on the Rise. http:\/\/www.markmonitor.com\/mmblog\/business-email-compromise-scams\/ 2015. MarkMonitor Blog."},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.5555\/1390681.1442794"},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.5555\/1855686.1855692"},{"key":"e_1_3_2_1_14_1","unstructured":"P. Festa. Identity Thieves Strike eBay. http:\/\/www.cnet.com\/news\/identity-thieves-strike-ebay\/ 2012. CNET."},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1145\/1242572.1242660"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/2486001.2486018"},{"key":"e_1_3_2_1_17_1","volume-title":"http:\/\/www.godaddy.com\/domains\/searchbulk.aspx","author":"Registration Prices Godaddy Bulk","year":"2014","unstructured":"Godaddy Bulk Registration Prices. http:\/\/www.godaddy.com\/domains\/searchbulk.aspx, 2014."},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1145\/1866307.1866311"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1145\/2068816.2068842"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1145\/2504730.2504753"},{"key":"e_1_3_2_1_21_1","unstructured":"K. J. Higgins. Google GoDaddy Help Form Group To Fight Fake Online Pharmacies. http:\/\/www.darkreading.com\/d\/d-id\/1134946 2010. Dark Reading."},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.17487\/rfc3632"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.17487\/rfc5730"},{"key":"e_1_3_2_1_24_1","volume-title":"Measureing and Detecting Fast-Flux Service Networks. In Network and Distributed System Security Symposium (NDSS)","author":"Holz T.","year":"2008","unstructured":"T. Holz, C. Gorecki, K. Rieck, and F. C. Freiling. Measureing and Detecting Fast-Flux Service Networks. In Network and Distributed System Security Symposium (NDSS), Feb. 2008."},{"key":"e_1_3_2_1_25_1","volume-title":"http:\/\/www.iana.org\/domains\/root\/db","author":"Root Zone Database IANA.","year":"2016","unstructured":"IANA. Root Zone Database. http:\/\/www.iana.org\/domains\/root\/db, 2016."},{"key":"e_1_3_2_1_26_1","volume-title":"Registrar Accreditation Agreement (Section 3.18). https:\/\/www.icann.org\/resources\/pages\/approved-with-specs-2013-09--17-en","author":"ICANN.","year":"2013","unstructured":"ICANN. Registrar Accreditation Agreement (Section 3.18). https:\/\/www.icann.org\/resources\/pages\/approved-with-specs-2013-09--17-en, 2013."},{"key":"e_1_3_2_1_27_1","unstructured":"ICANN. Delegated Strings of New TLDs. http:\/\/newgtlds.icann.org\/en\/program-status\/delegated-strings 2015."},{"key":"e_1_3_2_1_28_1","volume-title":"http:\/\/archive.org","author":"Archive Internet","year":"2015","unstructured":"Internet Archive. http:\/\/archive.org, 2015."},{"key":"e_1_3_2_1_29_1","volume-title":"http:\/\/iplane.cs.washington.edu\/data\/data.html","year":"2015","unstructured":"iPlane. http:\/\/iplane.cs.washington.edu\/data\/data.html, 2015."},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.5555\/2969033.2969189"},{"key":"e_1_3_2_1_31_1","volume-title":"Detection of Malicious Payload Distribution Channels in DNS. In Communication and Information Systems Security Symposium","author":"Kara A. M.","year":"2014","unstructured":"A. M. Kara, H. Binsalleeh, M. Mannan, A. Youssef, and M. Debbabi. Detection of Malicious Payload Distribution Channels in DNS. In Communication and Information Systems Security Symposium, June 2014."},{"key":"e_1_3_2_1_32_1","volume-title":"Internet Engineering Task Force","author":"Klensin J.","year":"2010","unstructured":"J. Klensin. Internationalized Domain Names for Applications (IDNA): Definitions and Document Framework. Internet Engineering Task Force, Aug. 2010. RFC 5890."},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.5555\/1855676.1855680"},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.17487\/rfc6647"},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.5555\/2028067.2028086"},{"key":"e_1_3_2_1_36_1","volume-title":"Filtering Spam Email Based on Retry Patterns. In IEEE International Conference on Communications (ICC)","author":"Lieven P.","year":"2007","unstructured":"P. Lieven, B. Scheuermann, M. Stini, and M. Mauve. Filtering Spam Email Based on Retry Patterns. In IEEE International Conference on Communications (ICC), June 2007."},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.5555\/1972441.1972448"},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.1145\/1557019.1557153"},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1145\/1553374.1553462"},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.17487\/RFC1034"},{"key":"e_1_3_2_1_41_1","volume-title":"http:\/\/www.moniker.com\/service\/discounts","author":"Registration Discounts Moniker Bulk","year":"2014","unstructured":"Moniker Bulk Registration Discounts. http:\/\/www.moniker.com\/service\/discounts, 2014."},{"key":"e_1_3_2_1_42_1","volume-title":"http:\/\/www.namejet.com\/pages\/downloads.aspx","author":"Domain Name Aftermarket NameJet","year":"2015","unstructured":"NameJet Domain Name Aftermarket. http:\/\/www.namejet.com\/pages\/downloads.aspx, 2015."},{"key":"e_1_3_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.1145\/1135777.1135794"},{"key":"e_1_3_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACSAC.2009.36"},{"key":"e_1_3_2_1_45_1","volume-title":"http:\/\/internetbs.net\/","author":"Annual","year":"2015","unstructured":"Annual Price$8.49 for .com at INTERNET.bs. http:\/\/internetbs.net\/, 2015."},{"key":"e_1_3_2_1_46_1","volume-title":"http:\/\/www.domainpeople.com\/domain-names\/pricing.html","author":"DomainPeople Annual","year":"2015","unstructured":"Annual Price$24.95 for .com at DomainPeople. http:\/\/www.domainpeople.com\/domain-names\/pricing.html, 2015."},{"key":"e_1_3_2_1_47_1","doi-asserted-by":"publisher","DOI":"10.1145\/1273496.1273598"},{"key":"e_1_3_2_1_48_1","unstructured":"McAfee SiteAdvisor. https:\/\/www.siteadvisor.com\/."},{"key":"e_1_3_2_1_49_1","unstructured":"Spamhaus. http:\/\/www.spamhaus.org\/."},{"key":"e_1_3_2_1_50_1","unstructured":"Spamhaus. ABSystems Domain Registrar De-accredited. http:\/\/www.spamhaus.org\/rokso\/evidence\/ROK10342\/ 2013."},{"key":"e_1_3_2_1_51_1","volume-title":"Can Registrars Suspend Domains for Spam and Abuse? https:\/\/www.spamhaus.org\/faq\/section\/Generic%20Questions#127","year":"2015","unstructured":"Spamhaus. Can Registrars Suspend Domains for Spam and Abuse? https:\/\/www.spamhaus.org\/faq\/section\/Generic%20Questions#127, 2015."},{"key":"e_1_3_2_1_52_1","volume-title":"The Underground Economy of Fake Antivirus Software. In 10th Workshop on Economics of Information Security (WEIS)","author":"Stone-Gross B.","year":"2011","unstructured":"B. Stone-Gross, R. Abman, R. Kemmerer, C. Kruegel, D. Steigerwald, and G. Vigna. The Underground Economy of Fake Antivirus Software. In 10th Workshop on Economics of Information Security (WEIS), June 2011."},{"key":"e_1_3_2_1_53_1","unstructured":"Symantec. Rise in URL Spam. http:\/\/www.symantec.com\/connect\/blogs\/rise-url-spam 2013."},{"key":"e_1_3_2_1_54_1","doi-asserted-by":"publisher","DOI":"10.5555\/2671225.2671238"},{"key":"e_1_3_2_1_55_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2011.25"},{"key":"e_1_3_2_1_56_1","unstructured":"URIBL. http:\/\/www.uribl.com\/."},{"key":"e_1_3_2_1_57_1","doi-asserted-by":"publisher","DOI":"10.1145\/1326561.1326564"},{"key":"e_1_3_2_1_58_1","volume-title":"Verisign Announces Increase in .com\/.net Domain Name Fees. https:\/\/investor.verisign.com\/releasedetail.cfm?releaseid=591560","year":"2011","unstructured":"Verisign. Verisign Announces Increase in .com\/.net Domain Name Fees. https:\/\/investor.verisign.com\/releasedetail.cfm?releaseid=591560, 2011."},{"key":"e_1_3_2_1_59_1","volume-title":"http:\/\/domaincountdown.verisignlabs.com","author":"Countdown Verisign Domain","year":"2011","unstructured":"Verisign Domain Countdown. http:\/\/domaincountdown.verisignlabs.com, 2011."},{"key":"e_1_3_2_1_60_1","unstructured":"Verisign. The Domain Name Industry Brief. http:\/\/www.verisign.com\/assets\/domain-name-brief-dec2012.pdf 2012."},{"key":"e_1_3_2_1_61_1","volume-title":"Parking Sensors: Analyzing and Detecting Parked Domains. In Network and Distributed System Security Symposium (NDSS)","author":"Vissers T.","year":"2015","unstructured":"T. Vissers, W. Joosen, and N. Nikiforakis. Parking Sensors: Analyzing and Detecting Parked Domains. In Network and Distributed System Security Symposium (NDSS), Feb. 2015."},{"key":"e_1_3_2_1_62_1","doi-asserted-by":"publisher","DOI":"10.1145\/2046707.2046763"},{"key":"e_1_3_2_1_63_1","volume-title":"http:\/\/who.is\/domain-history","year":"2015","unstructured":"Who.is. http:\/\/who.is\/domain-history, 2015."},{"key":"e_1_3_2_1_64_1","doi-asserted-by":"publisher","DOI":"10.1145\/1062745.1062762"},{"key":"e_1_3_2_1_65_1","doi-asserted-by":"publisher","DOI":"10.1145\/1402958.1402979"},{"key":"e_1_3_2_1_66_1","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2013.10"}],"event":{"name":"CCS'16: 2016 ACM SIGSAC Conference on Computer and Communications Security","location":"Vienna Austria","acronym":"CCS'16","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2976749.2978317","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2976749.2978317","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2976749.2978317","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,11,18]],"date-time":"2025-11-18T09:25:02Z","timestamp":1763457902000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2976749.2978317"}},"subtitle":["Proactive Recognition and Elimination of Domain Abuse at Time-Of-Registration"],"short-title":[],"issued":{"date-parts":[[2016,10,24]]},"references-count":66,"alternative-id":["10.1145\/2976749.2978317","10.1145\/2976749"],"URL":"https:\/\/doi.org\/10.1145\/2976749.2978317","relation":{},"subject":[],"published":{"date-parts":[[2016,10,24]]},"assertion":[{"value":"2016-10-24","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}