{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,28]],"date-time":"2026-04-28T02:08:25Z","timestamp":1777342105730,"version":"3.51.4"},"publisher-location":"New York, NY, USA","reference-count":57,"publisher":"ACM","license":[{"start":{"date-parts":[[2017,10,30]],"date-time":"2017-10-30T00:00:00Z","timestamp":1509321600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/501100003246","name":"Nederlandse Organisatie voor Wetenschappelijk Onderzoek","doi-asserted-by":"publisher","award":["003\/628.001.003"],"award-info":[{"award-number":["003\/628.001.003"]}],"id":[{"id":"10.13039\/501100003246","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2017,10,30]]},"DOI":"10.1145\/3133956.3133971","type":"proceedings-article","created":{"date-parts":[[2017,10,27]],"date-time":"2017-10-27T12:48:18Z","timestamp":1509108498000},"page":"553-567","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":30,"title":["Herding Vulnerable Cats"],"prefix":"10.1145","author":[{"given":"Samaneh","family":"Tajalizadehkhoob","sequence":"first","affiliation":[{"name":"Delft University of Technology, Delft, Netherlands"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Tom","family":"Van Goethem","sequence":"additional","affiliation":[{"name":"imec-DistriNet, KU Leuven, Leuven, Belgium"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Maciej","family":"Korczy\u0144ski","sequence":"additional","affiliation":[{"name":"Delft University of Technology, Delft, Netherlands"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Arman","family":"Noroozian","sequence":"additional","affiliation":[{"name":"Delft University of Technology, Delft, Netherlands"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Rainer","family":"B\u00f6hme","sequence":"additional","affiliation":[{"name":"Innsbruck University, Innsbruck, Austria"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Tyler","family":"Moore","sequence":"additional","affiliation":[{"name":"University of Tulsa, Tulsa, OK, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Wouter","family":"Joosen","sequence":"additional","affiliation":[{"name":"imec-DistriNet, KU Leuven, Leuven, Belgium"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Michel","family":"van Eeten","sequence":"additional","affiliation":[{"name":"Delft University of Technology, Delft, Netherlands"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2017,10,30]]},"reference":[{"key":"e_1_3_2_2_1_1","unstructured":"Greg Aaron and Rod Rasmussen. 2014. Anti-Phishing Working Group (APWG) Global Phishing Survey: Trends and Domain Name Use in 1H2014. http:\/\/docs. apwg.org\/reports\/APWG_Global_Phishing_Report_1H_2014.pdf. (2014)."},{"key":"e_1_3_2_2_2_1","unstructured":"Greg Aaron and Rod Rasmussen. 2015. Anti-Phishing Working Group (APWG) Global Phishing Survey: Trends and Domain Name Use in 2H2014. http:\/\/docs. apwg.org\/reports\/APWG_Global_Phishing_Report_2H_2014.pdf. (2015)."},{"key":"e_1_3_2_2_3_1","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978380"},{"key":"e_1_3_2_2_4_1","volume-title":"25th USENIX Security Symposium (USENIX Security 16)","author":"Aviram Nimrod","year":"2016","unstructured":"Nimrod Aviram, Sebastian Schinzel, Juraj Somorovsky, Nadia Heninger, Maik Dankel, Jens Steube, Luke Valenta, David Adrian, J Alex Halderman, Viktor Dukhovni, et al. 2016. DROWN: breaking TLS using SSLv2. In 25th USENIX Security Symposium (USENIX Security 16). USENIX Association, 689--706."},{"key":"e_1_3_2_2_5_1","unstructured":"Ben Balker. 2017. Dealing with quasi-models in R. https:\/\/cran.r-project.org\/ web\/packages\/bbmle\/vignettes\/quasi.pdf. (2017)."},{"key":"e_1_3_2_2_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978338"},{"key":"e_1_3_2_2_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/2488388.2488405"},{"key":"e_1_3_2_2_8_1","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978301"},{"key":"e_1_3_2_2_9_1","doi-asserted-by":"publisher","DOI":"10.1093\/cybsec\/tyw005"},{"key":"e_1_3_2_2_10_1","volume-title":"2th Usenix Workshop on Large-scale Exploits and Emergent Threats (LEET 09)","author":"Cheung Steven","year":"2009","unstructured":"Steven Cheung and Alfonso Valdes. 2009. Malware Characterization through Alert Pattern Discovery. In 2th Usenix Workshop on Large-scale Exploits and Emergent Threats (LEET 09). USENIX Association. http:\/\/static.usenix.org\/legacy\/ events\/leet09\/tech\/full_papers\/cheung\/cheung_html\/"},{"key":"e_1_3_2_2_11_1","volume-title":"Concentrating Correctly on Cybercrime Concentration. In 14th Workshop on the Economics of Information Security (WEIS). http:\/\/www.econinfosec.org\/archive\/weis2015\/papers\/ WEIS_2015_clayton.pdf","author":"Clayton Richard","year":"2015","unstructured":"Richard Clayton, Tyler Moore, and Nicolas Christin. 2015. Concentrating Correctly on Cybercrime Concentration. In 14th Workshop on the Economics of Information Security (WEIS). http:\/\/www.econinfosec.org\/archive\/weis2015\/papers\/ WEIS_2015_clayton.pdf"},{"key":"e_1_3_2_2_12_1","unstructured":"cPanel. 2017. cPanel TSR-2017-0002 Full Disclosure. http:\/\/news.cpanel.com\/ cpanel-tsr-2017-0002-full-disclosure. (2017)."},{"key":"e_1_3_2_2_13_1","unstructured":"Alban Diquet. 2016. SSLyze. https:\/\/github.com\/nabla-c0d3\/sslyze. (2016)."},{"key":"e_1_3_2_2_14_1","doi-asserted-by":"publisher","DOI":"10.1145\/2663716.2663755"},{"key":"e_1_3_2_2_15_1","unstructured":"Brian Habing. 2003. Exploratory factor analysis. University of South Carolina- October 15 (2003)."},{"key":"e_1_3_2_2_16_1","doi-asserted-by":"publisher","DOI":"10.1016\/S0167-9473(03)00062-8"},{"key":"e_1_3_2_2_17_1","unstructured":"hosting.com. 2012. Best Practices for Architecting Your Hosted Systems for 100% Application Availability. http:\/\/www.hosting.com\/wp-content\/uploads\/2013\/11\/ Hosting_2012-04-WP-Architect-Availability.pdf. (2012)."},{"key":"e_1_3_2_2_18_1","volume-title":"New Year","author":"Security Intelligence IBM","year":"2016","unstructured":"IBM Security Intelligence. 2016. New Year, New Problems: CMS Vulnerabilites Take on 2016. https:\/\/securityintelligence.com\/news\/ new-year-new-problems-cms-vulnerabilites-take-on-2016. (2016)."},{"key":"e_1_3_2_2_19_1","doi-asserted-by":"publisher","DOI":"10.1145\/1135777.1135817"},{"key":"e_1_3_2_2_20_1","volume-title":"Reducing the Impact of Amplification DDoS Attacks. In 23rd USENIX Security Symposium (USENIX Security 14)","author":"K\u00fchrer Marc","year":"2014","unstructured":"Marc K\u00fchrer, Thomas Hupperich, Christian Rossow, and Thorsten Holz. 2014. Exit from Hell? Reducing the Impact of Amplification DDoS Attacks. In 23rd USENIX Security Symposium (USENIX Security 14). USENIX Association, 111--125."},{"key":"e_1_3_2_2_21_1","doi-asserted-by":"publisher","DOI":"10.1145\/2508859.2516703"},{"key":"e_1_3_2_2_22_1","volume-title":"25th USENIX Security Symposium (USENIX Security 16)","author":"Li Frank","year":"2016","unstructured":"Frank Li, Zakir Durumeric, Jakub Czyz, Mohammad Karami, Michael Bailey, Damon McCoy, Stefan Savage, and Vern Paxson. 2016. You've Got Vulnerability: Exploring Effective Vulnerability Notifications. In 25th USENIX Security Symposium (USENIX Security 16). USENIX Association, 1033--1050."},{"key":"e_1_3_2_2_23_1","doi-asserted-by":"publisher","DOI":"10.1145\/2872427.2883039"},{"key":"e_1_3_2_2_24_1","doi-asserted-by":"publisher","DOI":"10.5555\/1972441.1972448"},{"key":"e_1_3_2_2_25_1","unstructured":"M3AAWG. 2015. M3AAWG Anti-Abuse Best Common Practices for Hosting and Cloud Service Providers. https:\/\/www.m3aawg.org\/sites\/default\/files\/document\/ M3AAWG_Hosting_Abuse_BCPs-2015-03.pdf. (2015)."},{"key":"e_1_3_2_2_26_1","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382285"},{"key":"e_1_3_2_2_27_1","volume-title":"Internet Technology And Secured Transactions, 2012 International Conference for. IEEE, 318--323","author":"Mirheidari Seyed Ali","year":"2012","unstructured":"Seyed Ali Mirheidari, Sajjad Arshad, Saeidreza Khoshkdahan, and Rasool Jalili. 2012. Two novel server-side attacks against log file in Shared Web Hosting servers. In Internet Technology And Secured Transactions, 2012 International Conference for. IEEE, 318--323."},{"key":"e_1_3_2_2_28_1","doi-asserted-by":"publisher","DOI":"10.1145\/1299015.1299016"},{"key":"e_1_3_2_2_29_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-39235-1_1"},{"key":"e_1_3_2_2_30_1","unstructured":"National Institute of Standards and Technology (NIST. 2017. National Vulnerability Database. https:\/\/nvd.nist.gov\/vuln\/search\/results?adv_search=false&form_ type=basic&results_type=overview&search_type=all&query=PHP5. (2017)."},{"key":"e_1_3_2_2_31_1","doi-asserted-by":"publisher","DOI":"10.1145\/1972551.1972553"},{"key":"e_1_3_2_2_32_1","volume-title":"16th Workshop on the Economics of Information Security. http:\/\/weis2017","author":"Noroozian Arman","year":"2017","unstructured":"Arman Noroozian, Michael Ciere, Maciej Korczy\u0144ski, Samaneh Tajalizadehkhoob, and Michel Eeten. 2017. Inferring the Security Performance of Providers from Noisy and Heterogenous Abuse Datasets. In 16th Workshop on the Economics of Information Security. http:\/\/weis2017.econinfosec.org\/wp-content\/uploads\/sites\/ 3\/2017\/05\/WEIS_2017_paper_60.pdf"},{"key":"e_1_3_2_2_33_1","volume-title":"8th Workshop on Cyber Security Experimentation and Test (CSET)","author":"Noroozian Arman","unstructured":"Arman Noroozian, Maciej Korczynski, Samaneh Tajalizadehkhoob, and Michel van Eeten. 2015. Developing Security Reputation Metrics for Hosting Providers. In 8th Workshop on Cyber Security Experimentation and Test (CSET). USENIX Association. https:\/\/www.usenix.org\/system\/files\/conference\/cset15\/cset15-noroozian. pdf"},{"key":"e_1_3_2_2_34_1","unstructured":"OWASP. 2017. OWASP Top Ten Project. https:\/\/www.owasp.org\/index.php\/ Category:OWASP_Top_Ten_Project. (2017)."},{"key":"e_1_3_2_2_35_1","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978384"},{"key":"e_1_3_2_2_36_1","unstructured":"RedHat. 2014. OpenSSL CCS Injection Vulnerability (CVE-2014-0224). https: \/\/access.redhat.com\/articles\/904433. (2014)."},{"key":"e_1_3_2_2_37_1","unstructured":"SANS. 2003. A Practical Methodology for Implementing a Patch management Process. https:\/\/www.sans. org\/reading-room\/whitepapers\/bestprac\/practical-methodology-implementing-patch-management-process-1206. (2003)."},{"key":"e_1_3_2_2_38_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-54328-4_9"},{"key":"e_1_3_2_2_39_1","volume-title":"23rd USENIX Security Symposium (USENIX Security 14)","author":"Soska Kyle","year":"2014","unstructured":"Kyle Soska and Nicolas Christin. 2014. Automatically detecting vulnerable websites before they turn malicious. In 23rd USENIX Security Symposium (USENIX Security 14). USENIX Association, 625--640."},{"key":"e_1_3_2_2_40_1","volume-title":"Applied multivariate statistics for the social sciences","author":"Stevens James P","unstructured":"James P Stevens. 2012. Applied multivariate statistics for the social sciences. Routledge."},{"key":"e_1_3_2_2_41_1","volume-title":"25th USENIX Security Symposium (USENIX Security. USENIX Association, 1015--1032","author":"Stock Ben","year":"2016","unstructured":"Ben Stock, Giancarlo Pellegrino, Christian Rossow, Martin Johns, and Michael Backes. 2016. Hey, You Have a Problem: On the Feasibility of Large-Scale Web Vulnerability Notification. In 25th USENIX Security Symposium (USENIX Security. USENIX Association, 1015--1032."},{"key":"e_1_3_2_2_42_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACSAC.2009.29"},{"key":"e_1_3_2_2_43_1","volume-title":"Rotten Apples or Bad Harvest? What We Are Measuring When We Are Measuring Abuse. ACM Transactions on Internet Technology (TOIT) Forthcoming","author":"Tajalizadehkhoob Samaneh","year":"2017","unstructured":"Samaneh Tajalizadehkhoob, Rainer B\u00f6hme, Carlos Gan\u00e1n, Maciej Korczy\u0144ski, and Michel van Eeten. 2017. Rotten Apples or Bad Harvest? What We Are Measuring When We Are Measuring Abuse. ACM Transactions on Internet Technology (TOIT) Forthcoming (2017), 00-00. https:\/\/arxiv.org\/abs\/1702.01624"},{"key":"e_1_3_2_2_44_1","doi-asserted-by":"publisher","DOI":"10.1145\/3052973.3053023"},{"key":"e_1_3_2_2_45_1","doi-asserted-by":"publisher","DOI":"10.1109\/NOMS.2016.7502824"},{"key":"e_1_3_2_2_46_1","unstructured":"Mark Usher Limor Kessem and Martin Steigemann. 2017. Relying on Data to Mitigate the Risk of WordPress Website Hijacking. https:\/\/securityintelligence.com\/ relying-on-data-to-mitigate-the-risk-of-wordpress-website-hijacking\/. (2017)."},{"key":"e_1_3_2_2_47_1","doi-asserted-by":"publisher","DOI":"10.1145\/3019612.3019798"},{"key":"e_1_3_2_2_48_1","volume-title":"TPRC 2010","author":"Eeten Michel Van","year":"2010","unstructured":"Michel Van Eeten, Johannes M Bauer, Hadi Asghari, Shirin Tabatabaie, and David Rand. 2010. The role of internet service providers in botnet mitigation an empirical analysis based on spam data. In TPRC 2010. OECD Publications. https:\/\/ssrn.com\/abstract=1989198"},{"key":"e_1_3_2_2_49_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-08593-7_8"},{"key":"e_1_3_2_2_50_1","volume-title":"An Experimental Study. In 5th USENIX Workshop on Cyber Security Experimentation and Test (CSET). USENIX Association.","author":"Vasek Marie","year":"2012","unstructured":"Marie Vasek and Tyler Moore. 2012. Do Malware Reports Expedite Cleanup? An Experimental Study. In 5th USENIX Workshop on Cyber Security Experimentation and Test (CSET). USENIX Association."},{"key":"e_1_3_2_2_51_1","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2015.2427847"},{"key":"e_1_3_2_2_52_1","doi-asserted-by":"publisher","DOI":"10.1145\/2994539.2994548"},{"key":"e_1_3_2_2_53_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2015.23053"},{"key":"e_1_3_2_2_54_1","unstructured":"Web Technology Survays. 2016. Market share trends for content management systems for websites. https:\/\/w3techs.com\/technologies\/history_overview\/content_ management. (2016)."},{"key":"e_1_3_2_2_55_1","unstructured":"Web Technology Survays. 2017. Usage statistics and market share of Linux for websites. https:\/\/w3techs.com\/technologies\/details\/os-linux\/all\/all. (2017)."},{"key":"e_1_3_2_2_56_1","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978363"},{"key":"e_1_3_2_2_57_1","unstructured":"WPBeginner. 2016. Sucuri Review -- How Sucuri Helped us Block 450 000 WordPress Attacks in 3 Months. http:\/\/www.wpbeginner.com\/opinion\/ sucuri-review-how-sucuri-helped-us-block-450000-wordpress-attacks-in-3-months\/. (2016"}],"event":{"name":"CCS '17: 2017 ACM SIGSAC Conference on Computer and Communications Security","location":"Dallas Texas USA","acronym":"CCS '17","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3133956.3133971","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3133956.3133971","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T02:13:26Z","timestamp":1750212806000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3133956.3133971"}},"subtitle":["A Statistical Approach to Disentangle Joint Responsibility for Web Security in Shared Hosting"],"short-title":[],"issued":{"date-parts":[[2017,10,30]]},"references-count":57,"alternative-id":["10.1145\/3133956.3133971","10.1145\/3133956"],"URL":"https:\/\/doi.org\/10.1145\/3133956.3133971","relation":{},"subject":[],"published":{"date-parts":[[2017,10,30]]},"assertion":[{"value":"2017-10-30","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}