{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,16]],"date-time":"2025-12-16T12:32:19Z","timestamp":1765888339138,"version":"3.41.0"},"reference-count":43,"publisher":"Association for Computing Machinery (ACM)","issue":"2","license":[{"start":{"date-parts":[[2020,5,22]],"date-time":"2020-05-22T00:00:00Z","timestamp":1590105600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["SIGCOMM Comput. Commun. Rev."],"published-print":{"date-parts":[[2020,5,22]]},"abstract":"<jats:p>Understanding web co-location is essential for various reasons. For instance, it can help one to assess the collateral damage that denial-of-service attacks or IP-based blocking can cause to the availability of co-located web sites. However, it has been more than a decade since the first study was conducted in 2007. The Internet infrastructure has changed drastically since then, necessitating a renewed study to comprehend the nature of web co-location.<\/jats:p>\n          <jats:p>In this paper, we conduct an empirical study to revisit web co-location using datasets collected from active DNS measurements. Our results show that the web is still small and centralized to a handful of hosting providers. More specifically, we find that more than 60% of web sites are co-located with at least ten other web sites---a group comprising less popular web sites. In contrast, 17.5% of mostly popular web sites are served from their own servers.<\/jats:p>\n          <jats:p>Although a high degree of web co-location could make co-hosted sites vulnerable to DoS attacks, our findings show that it is an increasing trend to co-host many web sites and serve them from well-provisioned content delivery networks (CDN) of major providers that provide advanced DoS protection benefits. Regardless of the high degree of web co-location, our analyses of popular block lists indicate that IP-based blocking does not cause severe collateral damage as previously thought.<\/jats:p>","DOI":"10.1145\/3402413.3402417","type":"journal-article","created":{"date-parts":[[2020,5,25]],"date-time":"2020-05-25T22:41:33Z","timestamp":1590446493000},"page":"24-31","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":11,"title":["The web is still small after more than a decade"],"prefix":"10.1145","volume":"50","author":[{"given":"Nguyen Phong","family":"Hoang","sequence":"first","affiliation":[{"name":"Stony Brook University"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Arian Akhavan","family":"Niaki","sequence":"additional","affiliation":[{"name":"University of Massachusetts, Amherst"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Michalis","family":"Polychronakis","sequence":"additional","affiliation":[{"name":"Stony Brook University"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Phillipa","family":"Gill","sequence":"additional","affiliation":[{"name":"University of Massachusetts, Amherst"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2020,5,23]]},"reference":[{"volume-title":"4th Workshop on Free and Open Communications on the Internet. USENIX.","key":"e_1_2_1_1_1","unstructured":"2014. Towards a Comprehensive Picture of the Great Firewalls DNS Censorship . In 4th Workshop on Free and Open Communications on the Internet. USENIX. 2014. Towards a Comprehensive Picture of the Great Firewalls DNS Censorship. In 4th Workshop on Free and Open Communications on the Internet. USENIX."},{"key":"e_1_2_1_2_1","unstructured":"Alexa Internet Inc. Accessed 2019. Alexa Top Global Sites. https:\/\/alexa.com\/  Alexa Internet Inc. Accessed 2019. Alexa Top Global Sites. https:\/\/alexa.com\/"},{"volume-title":"Network and Distributed System Security","author":"Alowaisheq Eihal","key":"e_1_2_1_3_1","unstructured":"Eihal Alowaisheq , Peng Wang , Sumayah Alrwais , Xiaojing Liao , XiaoFeng Wang , Tasneem Alowaisheq , Xianghang Mi , Siyuan Tang , and Baojun Liu . 2019. Cracking the Wall of Confinement: Understanding and Analyzing Malicious Domain Take-downs . In Network and Distributed System Security . Internet Society . Eihal Alowaisheq, Peng Wang, Sumayah Alrwais, Xiaojing Liao, XiaoFeng Wang, Tasneem Alowaisheq, Xianghang Mi, Siyuan Tang, and Baojun Liu. 2019. Cracking the Wall of Confinement: Understanding and Analyzing Malicious Domain Take-downs. In Network and Distributed System Security. Internet Society."},{"key":"e_1_2_1_4_1","volume-title":"22nd International Symposium on Research in Attacks, Intrusions and Defenses.","author":"Barron Timothy","year":"2019","unstructured":"Timothy Barron , Najmeh Miramirkhani , and Nick Nikiforakis . 2019 . Now You See It, Now You Don't: A Large-scale Analysis of Early Domain Deletions . In 22nd International Symposium on Research in Attacks, Intrusions and Defenses. Timothy Barron, Najmeh Miramirkhani, and Nick Nikiforakis. 2019. Now You See It, Now You Don't: A Large-scale Analysis of Early Domain Deletions. In 22nd International Symposium on Research in Attacks, Intrusions and Defenses."},{"key":"e_1_2_1_5_1","volume-title":"EXPOSURE: Finding Malicious Domains Using Passive DNS Analysis. In Network and Distributed System Security Symposium.","author":"Bilge Leyla","year":"2011","unstructured":"Leyla Bilge , Engin Kirda , Christopher Kruegel , and Marco Balduzzi . 2011 . EXPOSURE: Finding Malicious Domains Using Passive DNS Analysis. In Network and Distributed System Security Symposium. Leyla Bilge, Engin Kirda, Christopher Kruegel, and Marco Balduzzi. 2011. EXPOSURE: Finding Malicious Domains Using Passive DNS Analysis. In Network and Distributed System Security Symposium."},{"key":"e_1_2_1_6_1","unstructured":"Center for Applied Internet Data Analysis. Accessed 2019. Routeviews Prefix to AS mappings Dataset for IPv4 and IPv6 . Web page. http:\/\/www.caida.org\/data\/routing\/routeviews-prefix2as.xml  Center for Applied Internet Data Analysis. Accessed 2019. Routeviews Prefix to AS mappings Dataset for IPv4 and IPv6 . Web page. http:\/\/www.caida.org\/data\/routing\/routeviews-prefix2as.xml"},{"key":"e_1_2_1_7_1","unstructured":"Cloudflare. Accessed 2019. How does Cloudflare work? Web page. https:\/\/support.cloudflare.com\/hc\/en-us\/articles\/205177068-How-does-Cloudflare-work-  Cloudflare. Accessed 2019. How does Cloudflare work? Web page. https:\/\/support.cloudflare.com\/hc\/en-us\/articles\/205177068-How-does-Cloudflare-work-"},{"key":"e_1_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1145\/3134600.3134637"},{"key":"e_1_2_1_9_1","volume-title":"Hold-On: Protecting Against On-Path DNS Poisoning. In the Conference on Securing and Trusting Internet Names (SATIN).","author":"Duan Hai-Xin","year":"2012","unstructured":"Hai-Xin Duan , Nicholas Weaver , Zengzhi Zhao , Meng Hu , Jinjin Liang , Jian Jiang , Kang Li , and Vern Paxson . 2012 . Hold-On: Protecting Against On-Path DNS Poisoning. In the Conference on Securing and Trusting Internet Names (SATIN). Hai-Xin Duan, Nicholas Weaver, Zengzhi Zhao, Meng Hu, Jinjin Liang, Jian Jiang, Kang Li, and Vern Paxson. 2012. Hold-On: Protecting Against On-Path DNS Poisoning. In the Conference on Securing and Trusting Internet Names (SATIN)."},{"key":"e_1_2_1_10_1","volume-title":"Analyzing Chinas Blocking of Unpublished Tor Bridges. In 8th USENIX Workshop on Free and Open Communications on the Internet. USENIX","author":"Dunna Arun","year":"2018","unstructured":"Arun Dunna , Ciar\u00e1n O Brien , and Phillipa Gill . 2018 . Analyzing Chinas Blocking of Unpublished Tor Bridges. In 8th USENIX Workshop on Free and Open Communications on the Internet. USENIX , Baltimore, MD. Arun Dunna, Ciar\u00e1n OBrien, and Phillipa Gill. 2018. Analyzing Chinas Blocking of Unpublished Tor Bridges. In 8th USENIX Workshop on Free and Open Communications on the Internet. USENIX, Baltimore, MD."},{"key":"e_1_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1145\/2994620.2994636"},{"key":"e_1_2_1_12_1","volume-title":"RFC 2068","author":"Fielding R.","year":"2068","unstructured":"R. Fielding , J. Gettys , J. Mogul , H. Frystyk , and T. Berners-Lee . 1997. Hypertext Transfer Protocol -- HTTP\/1.1 . RFC 2068 . IETF. https:\/\/tools.ietf.org\/html\/rfc 2068 R. Fielding, J. Gettys, J. Mogul, H. Frystyk, and T. Berners-Lee. 1997. Hypertext Transfer Protocol -- HTTP\/1.1. RFC 2068. IETF. https:\/\/tools.ietf.org\/html\/rfc2068"},{"key":"e_1_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1515\/popets-2015-0009"},{"key":"e_1_2_1_14_1","volume-title":"OONI: Open Observatory of Network Interference. In Free and Open Communications on the Internet. USENIX. https:\/\/www.usenix.org\/system\/files\/conference\/foci12\/foci12-final12.pdf","author":"Filast\u00f2 Arturo","year":"2012","unstructured":"Arturo Filast\u00f2 and Jacob Appelbaum . 2012 . OONI: Open Observatory of Network Interference. In Free and Open Communications on the Internet. USENIX. https:\/\/www.usenix.org\/system\/files\/conference\/foci12\/foci12-final12.pdf Arturo Filast\u00f2 and Jacob Appelbaum. 2012. OONI: Open Observatory of Network Interference. In Free and Open Communications on the Internet. USENIX. https:\/\/www.usenix.org\/system\/files\/conference\/foci12\/foci12-final12.pdf"},{"key":"e_1_2_1_15_1","unstructured":"FireHOL. Accessed 2019. All Cybercrime IP Feeds. Web page. http:\/\/iplists.firehol.org  FireHOL. Accessed 2019. All Cybercrime IP Feeds. Web page. http:\/\/iplists.firehol.org"},{"key":"e_1_2_1_16_1","unstructured":"Google. Accessed 2019. Best Practices for DDoS Protection and Mitigation on Google Cloud Platform. Web page. http:\/\/cloud.google.com\/files\/GCPDDoSprotection-04122016.pdf  Google. Accessed 2019. Best Practices for DDoS Protection and Mitigation on Google Cloud Platform. Web page. http:\/\/cloud.google.com\/files\/GCPDDoSprotection-04122016.pdf"},{"key":"e_1_2_1_17_1","volume-title":"9th USENIX Workshop on Free and Open Communications on the Internet (FOCI 19)","author":"Hoang Nguyen Phong","year":"2019","unstructured":"Nguyen Phong Hoang , Sadie Doreen , and Michalis Polychronakis . 2019 . Measuring I2P Censorship at a Global Scale . In 9th USENIX Workshop on Free and Open Communications on the Internet (FOCI 19) . USENIX Association, Santa Clara, CA. Nguyen Phong Hoang, Sadie Doreen, and Michalis Polychronakis. 2019. Measuring I2P Censorship at a Global Scale. In 9th USENIX Workshop on Free and Open Communications on the Internet (FOCI 19). USENIX Association, Santa Clara, CA."},{"key":"e_1_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1145\/3278532.3278565"},{"key":"e_1_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1145\/3320269.3384728"},{"volume-title":"Research in Attacks, Intrusions, and Defenses, Fabian Monrose, Marc Dacier, Gregory Blanc, and Joaquin Garcia-Alfaro (Eds.)","author":"Kountouras Athanasios","key":"e_1_2_1_20_1","unstructured":"Athanasios Kountouras , Panagiotis Kintis , Chaz Lever , Yizheng Chen , Yacin Nadji , David Dagon , Manos Antonakakis , and Rodney Joffe . 2016. Enabling Network Security Through Active DNS Datasets . In Research in Attacks, Intrusions, and Defenses, Fabian Monrose, Marc Dacier, Gregory Blanc, and Joaquin Garcia-Alfaro (Eds.) . Springer International Publishing , Cham , 188--208. Athanasios Kountouras, Panagiotis Kintis, Chaz Lever, Yizheng Chen, Yacin Nadji, David Dagon, Manos Antonakakis, and Rodney Joffe. 2016. Enabling Network Security Through Active DNS Datasets. In Research in Attacks, Intrusions, and Defenses, Fabian Monrose, Marc Dacier, Gregory Blanc, and Joaquin Garcia-Alfaro (Eds.). Springer International Publishing, Cham, 188--208."},{"key":"e_1_2_1_21_1","unstructured":"Citizen Lab and Others. 2014. URL testing lists intended for discovering website censorship. https:\/\/github.com\/citizenlab\/test-lists https:\/\/github.com\/citizenlab\/test-listshttps:\/\/github.com\/citizenlab\/test-lists.  Citizen Lab and Others. 2014. URL testing lists intended for discovering website censorship. https:\/\/github.com\/citizenlab\/test-lists https:\/\/github.com\/citizenlab\/test-listshttps:\/\/github.com\/citizenlab\/test-lists."},{"key":"e_1_2_1_22_1","volume-title":"Game of Registrars: An Empirical Analysis of Post-Expiration Domain Name Takeovers. In 26th USENIX Security Symposium (USENIX Security 17)","author":"Lauinger Tobias","year":"2017","unstructured":"Tobias Lauinger , Abdelberi Chaabane , Ahmet Salih Buyukkayhan , Kaan Onarlioglu , and William Robertson . 2017 . Game of Registrars: An Empirical Analysis of Post-Expiration Domain Name Takeovers. In 26th USENIX Security Symposium (USENIX Security 17) . USENIX Association, Vancouver, BC, 865--880. https:\/\/www.usenix.org\/conference\/usenixsecurity17\/technical-sessions\/presentation\/lauinger Tobias Lauinger, Abdelberi Chaabane, Ahmet Salih Buyukkayhan, Kaan Onarlioglu, and William Robertson. 2017. Game of Registrars: An Empirical Analysis of Post-Expiration Domain Name Takeovers. In 26th USENIX Security Symposium (USENIX Security 17). USENIX Association, Vancouver, BC, 865--880. https:\/\/www.usenix.org\/conference\/usenixsecurity17\/technical-sessions\/presentation\/lauinger"},{"key":"e_1_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2019.23386"},{"key":"e_1_2_1_24_1","doi-asserted-by":"crossref","unstructured":"G. Lindberg. 1999. Anti-Spam Recommendations for SMTP MTAs. RFC 2505. IETF. https:\/\/tools.ietf.org\/html\/rfc2505  G. Lindberg. 1999. Anti-Spam Recommendations for SMTP MTAs . RFC 2505. IETF. https:\/\/tools.ietf.org\/html\/rfc2505","DOI":"10.17487\/rfc2505"},{"key":"e_1_2_1_25_1","unstructured":"Netcraft Ltd. Accessed 2019. How many active sites are there? Web page. https:\/\/www.netcraft.com\/active-sites\/  Netcraft Ltd. Accessed 2019. How many active sites are there? Web page. https:\/\/www.netcraft.com\/active-sites\/"},{"key":"e_1_2_1_26_1","unstructured":"Neil MacFarquhar. 2018. Russia Tried to Shut Down Telegram. Websites Were Collateral Damage. https:\/\/www.nytimes.com\/2018\/04\/18\/world\/europe\/russia-telegram-shutdown.html.  Neil MacFarquhar. 2018. Russia Tried to Shut Down Telegram. Websites Were Collateral Damage. https:\/\/www.nytimes.com\/2018\/04\/18\/world\/europe\/russia-telegram-shutdown.html."},{"key":"e_1_2_1_27_1","unstructured":"Majestic. Accessed 2019. The Majestic Million. Web page. https:\/\/majestic.com\/reports\/majestic-million  Majestic. Accessed 2019. The Majestic Million. Web page. https:\/\/majestic.com\/reports\/majestic-million"},{"key":"e_1_2_1_28_1","volume-title":"Longitudinal Internet Censorship Measurement Platform. In IEEE Symposium on Security and Privacy.","author":"Niaki Arian Akhavan","year":"2020","unstructured":"Arian Akhavan Niaki , Shinyoung Cho , Zachary Weinberg , Nguyen Phong Hoang , Abbas Razaghpanah , Nicolas Christin , and Phillipa Gill . 2020 . ICLab: A Global , Longitudinal Internet Censorship Measurement Platform. In IEEE Symposium on Security and Privacy. Arian Akhavan Niaki, Shinyoung Cho, Zachary Weinberg, Nguyen Phong Hoang, Abbas Razaghpanah, Nicolas Christin, and Phillipa Gill. 2020. ICLab: A Global, Longitudinal Internet Censorship Measurement Platform. In IEEE Symposium on Security and Privacy."},{"key":"e_1_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1145\/3196494.3196554"},{"key":"e_1_2_1_30_1","volume-title":"Global Measurement of DNS Manipulation. In 26th USENIX Security Symposium.","author":"Pearce Paul","year":"2017","unstructured":"Paul Pearce , Ben Jones , Frank Li , Roya Ensafi , Nick Feamster , Nick Weaver , and Vern Paxson . 2017 . Global Measurement of DNS Manipulation. In 26th USENIX Security Symposium. Paul Pearce, Ben Jones, Frank Li, Roya Ensafi, Nick Feamster, Nick Weaver, and Vern Paxson. 2017. Global Measurement of DNS Manipulation. In 26th USENIX Security Symposium."},{"key":"e_1_2_1_31_1","unstructured":"quantcast. Accessed 2019. Quantcast Top Websites. Web page. https:\/\/www.quantcast.com\/top-sites\/  quantcast. Accessed 2019. Quantcast Top Websites. Web page. https:\/\/www.quantcast.com\/top-sites\/"},{"key":"e_1_2_1_32_1","volume-title":"It\u2019s Not What It Looks Like: Measuring Attacks and Defensive Registrations of Homograph Domains. In 2019 IEEE Conference on Communications and Network Security (CNS).","author":"Quinkert Florian","year":"2019","unstructured":"Florian Quinkert , Tobias Lauinger , William Robertson , Engin Kirda , and Thorsten Holz . 2019 . It\u2019s Not What It Looks Like: Measuring Attacks and Defensive Registrations of Homograph Domains. In 2019 IEEE Conference on Communications and Network Security (CNS). Florian Quinkert, Tobias Lauinger, William Robertson, Engin Kirda, and Thorsten Holz. 2019. It\u2019s Not What It Looks Like: Measuring Attacks and Defensive Registrations of Homograph Domains. In 2019 IEEE Conference on Communications and Network Security (CNS)."},{"key":"e_1_2_1_33_1","unstructured":"Rapid7. 2019. Rapid7: Open Data. https:\/\/opendata.rapid7.com\/.  Rapid7. 2019. Rapid7: Open Data. https:\/\/opendata.rapid7.com\/."},{"key":"e_1_2_1_34_1","unstructured":"Fahmida Y. Rashid. 2018. Amazon joins Google in shutting down doamin fronting. https:\/\/duo.com\/decipher\/amazon-joins-google-in-shutting-down-domain-fronting.  Fahmida Y. Rashid. 2018. Amazon joins Google in shutting down doamin fronting. https:\/\/duo.com\/decipher\/amazon-joins-google-in-shutting-down-domain-fronting."},{"volume-title":"Clustering and the Weekend Effect: Recommendations for the Use of Top Domain Lists in Security Research","author":"Rweyemamu Walter","key":"e_1_2_1_35_1","unstructured":"Walter Rweyemamu , Christo Lauinger , Tobiasand Wilson , William Robertson , and Engin Kirda . 2019. Clustering and the Weekend Effect: Recommendations for the Use of Top Domain Lists in Security Research . In Passive and Active Measurement, David Choffnes and Marinho Barcellos (Eds.). Springer International Publishing , 161--177. Walter Rweyemamu, Christo Lauinger, Tobiasand Wilson, William Robertson, and Engin Kirda. 2019. Clustering and the Weekend Effect: Recommendations for the Use of Top Domain Lists in Security Research. In Passive and Active Measurement, David Choffnes and Marinho Barcellos (Eds.). Springer International Publishing, 161--177."},{"key":"e_1_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1145\/3278532.3278574"},{"key":"e_1_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1145\/1298306.1298324"},{"key":"e_1_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.1145\/2317307.2317311"},{"key":"e_1_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1145\/3278532.3278569"},{"key":"e_1_2_1_40_1","unstructured":"Cisco Umbrella. Accessed 2019. Umbrella Popularity List. Web page. https:\/\/s3-us-west-1.amazonaws.com\/umbrella-static\/index.html  Cisco Umbrella. Accessed 2019. Umbrella Popularity List. Web page. https:\/\/s3-us-west-1.amazonaws.com\/umbrella-static\/index.html"},{"key":"e_1_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2014.2323299"},{"key":"e_1_2_1_43_1","volume-title":"FIRST conference on computer security incident. 98","author":"Weimer Florian","year":"2005","unstructured":"Florian Weimer . 2005 . Passive DNS replication . In FIRST conference on computer security incident. 98 . Florian Weimer. 2005. Passive DNS replication. In FIRST conference on computer security incident. 98."},{"key":"e_1_2_1_44_1","unstructured":"Philipp Winter and Stefan Lindskog. 2012. How the Great Firewall of China is Blocking Tor. In Free and Open Communications on the Internet. USENIX. https:\/\/www.usenix.org\/system\/files\/conference\/foci12\/foci12-final2.pdf  Philipp Winter and Stefan Lindskog. 2012. How the Great Firewall of China is Blocking Tor. In Free and Open Communications on the Internet . USENIX. https:\/\/www.usenix.org\/system\/files\/conference\/foci12\/foci12-final2.pdf"}],"container-title":["ACM SIGCOMM Computer Communication Review"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3402413.3402417","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3402413.3402417","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T22:41:34Z","timestamp":1750200094000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3402413.3402417"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,5,22]]},"references-count":43,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2020,5,22]]}},"alternative-id":["10.1145\/3402413.3402417"],"URL":"https:\/\/doi.org\/10.1145\/3402413.3402417","relation":{},"ISSN":["0146-4833"],"issn-type":[{"type":"print","value":"0146-4833"}],"subject":[],"published":{"date-parts":[[2020,5,22]]},"assertion":[{"value":"2020-05-23","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}