{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,8]],"date-time":"2026-01-08T06:39:19Z","timestamp":1767854359739,"version":"3.49.0"},"reference-count":133,"publisher":"Association for Computing Machinery (ACM)","issue":"4","license":[{"start":{"date-parts":[[2020,7,6]],"date-time":"2020-07-06T00:00:00Z","timestamp":1593993600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"Horizon 2020","award":["786890"],"award-info":[{"award-number":["786890"]}]},{"name":"CONCORDIA","award":["833683"],"award-info":[{"award-number":["833683"]}]},{"name":"THREAT-ARREST","award":["830927"],"award-info":[{"award-number":["830927"]}]},{"name":"DARPA ASED Program and AFRL","award":["FA8650-18-C-7880"],"award-info":[{"award-number":["FA8650-18-C-7880"]}]},{"name":"NSF","award":["CNS-1934597"],"award-info":[{"award-number":["CNS-1934597"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Trans. Priv. Secur."],"published-print":{"date-parts":[[2020,11,30]]},"abstract":"<jats:p>Modern smartphone sensors can be leveraged for providing novel functionality and greatly improving the user experience. However, sensor data can be misused by privacy-invasive or malicious entities. Additionally, a wide range of other attacks that use mobile sensor data have been demonstrated; while those attacks have typically relied on users installing malicious apps, browsers have eliminated that constraint with the deployment of HTML5 WebAPI.<\/jats:p>\n          <jats:p>In this article, we conduct a comprehensive evaluation of the multifaceted threat that mobile web browsing poses to users by conducting a large-scale study of mobile-specific HTML5 WebAPI calls across more than 183K of the most popular websites. We build a novel testing infrastructure consisting of actual smartphones on top of a dynamic Android app analysis framework, allowing us to conduct an end-to-end exploration. In detail, our system intercepts and tracks data access in real time, from the WebAPI JavaScript calls down to the Android system calls. Our study reveals the extent to which websites are actively leveraging the WebAPI for collecting sensor data, with 2.89% of websites accessing at least one sensor. To provide a comprehensive assessment of the risks of this emerging practice, we create a taxonomy of sensor-based attacks from prior studies and present an in-depth analysis by framing our collected data within that taxonomy. We find that 1.63% of websites can carry out at least one attack and emphasize the need for a standardized policy across all browsers and the ability for users to control what sensor data each website can access.<\/jats:p>","DOI":"10.1145\/3403947","type":"journal-article","created":{"date-parts":[[2020,7,6]],"date-time":"2020-07-06T21:29:07Z","timestamp":1594070947000},"page":"1-31","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":13,"title":["The Seven Deadly Sins of the HTML5 WebAPI"],"prefix":"10.1145","volume":"23","author":[{"given":"Michalis","family":"Diamantaris","sequence":"first","affiliation":[{"name":"FORTH, Greece"}]},{"given":"Francesco","family":"Marcantoni","sequence":"additional","affiliation":[{"name":"University of Illinois at Chicago, USA"}]},{"given":"Sotiris","family":"Ioannidis","sequence":"additional","affiliation":[{"name":"FORTH, Greece"}]},{"given":"Jason","family":"Polakis","sequence":"additional","affiliation":[{"name":"University of Illinois at Chicago, USA"}]}],"member":"320","published-online":{"date-parts":[[2020,7,6]]},"reference":[{"key":"e_1_2_1_1_1","unstructured":"Alexa\u2014Top 50 Banks and Institutions. 2019. Retrieved from https:\/\/www.alexa.com\/topsites\/category\/Business\/Financial_Services\/Banking_Services\/Banks_and_Institutions.  Alexa\u2014Top 50 Banks and Institutions. 2019. Retrieved from https:\/\/www.alexa.com\/topsites\/category\/Business\/Financial_Services\/Banking_Services\/Banks_and_Institutions."},{"key":"e_1_2_1_2_1","unstructured":"Erik Derr. 2016. Axplorer\u2014Demystifying the Android Application Framework. Retrieved from http:\/\/axplorer.org\/.  Erik Derr. 2016. Axplorer\u2014Demystifying the Android Application Framework. Retrieved from http:\/\/axplorer.org\/."},{"key":"e_1_2_1_3_1","unstructured":"The EU General Data Protection Regulation. 2019. Retrieved from https:\/\/eugdpr.org.  The EU General Data Protection Regulation. 2019. Retrieved from https:\/\/eugdpr.org."},{"key":"e_1_2_1_4_1","unstructured":"Mozilla. 2019. MDN Web Docs\u2014Magnetometer. Retrieved from https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/API\/Magnetometer\/Magnetometer.  Mozilla. 2019. MDN Web Docs\u2014Magnetometer. Retrieved from https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/API\/Magnetometer\/Magnetometer."},{"key":"e_1_2_1_5_1","unstructured":"Mozilla. 2019. Mozilla Support\u2014Does Firefox share my location with websites? Retrieved from https:\/\/support.mozilla.org\/en-US\/kb\/does-firefox-share-my-location-websites.  Mozilla. 2019. Mozilla Support\u2014Does Firefox share my location with websites? Retrieved from https:\/\/support.mozilla.org\/en-US\/kb\/does-firefox-share-my-location-websites."},{"key":"e_1_2_1_6_1","unstructured":"Android. 2019. Request prompts for dangerous permissions. Retrieved from https:\/\/developer.android.com\/guide\/topics\/permissions\/overview#dangerous-permission-prompt.  Android. 2019. Request prompts for dangerous permissions. Retrieved from https:\/\/developer.android.com\/guide\/topics\/permissions\/overview#dangerous-permission-prompt."},{"key":"e_1_2_1_7_1","unstructured":"Yennik Inc. 2019. US Banks on the Internet. Retrieved from http:\/\/www.thecommunitybanker.com\/bank_links\/.  Yennik Inc. 2019. US Banks on the Internet. Retrieved from http:\/\/www.thecommunitybanker.com\/bank_links\/."},{"key":"e_1_2_1_8_1","unstructured":"VirusTotal. 2019. VirusTotal: Analyze suspicious files and URLs to detect types of malware. Retrieved from https:\/\/www.virustotal.com.  VirusTotal. 2019. VirusTotal: Analyze suspicious files and URLs to detect types of malware. Retrieved from https:\/\/www.virustotal.com."},{"key":"e_1_2_1_9_1","unstructured":"VirusTotal. 2019. VirusTotal: goggle.com. Retrieved from https:\/\/tinyurl.com\/VTgoggle-com.  VirusTotal. 2019. VirusTotal: goggle.com. Retrieved from https:\/\/tinyurl.com\/VTgoggle-com."},{"key":"e_1_2_1_10_1","unstructured":"VirusTotal. 2019. VirusTotal: yotube.com. Retrieved from https:\/\/tinyurl.com\/VTyotube-com.  VirusTotal. 2019. VirusTotal: yotube.com. Retrieved from https:\/\/tinyurl.com\/VTyotube-com."},{"key":"e_1_2_1_11_1","unstructured":"Marcel Bokhorst. 2016. The ultimate yet easy to use privacy manager for Android. Retrieved from https:\/\/github.com\/M66B\/XPrivacy.  Marcel Bokhorst. 2016. The ultimate yet easy to use privacy manager for Android. Retrieved from https:\/\/github.com\/M66B\/XPrivacy."},{"key":"e_1_2_1_12_1","unstructured":"2019. IAB FY 2018 Podcast Ad Revenue Study. Retrieved from https:\/\/www.iab.com\/wp-content\/uploads\/2019\/06\/Full-Year-2018-IAB-Podcast-Ad-Rev-Study_6.03.19_vFinal.pdf.  2019. IAB FY 2018 Podcast Ad Revenue Study. Retrieved from https:\/\/www.iab.com\/wp-content\/uploads\/2019\/06\/Full-Year-2018-IAB-Podcast-Ad-Rev-Study_6.03.19_vFinal.pdf."},{"key":"e_1_2_1_13_1","unstructured":"Jasmine Enberg. 2019. What\u2019s Shaping the Digital Ad Market. Retrieved from https:\/\/www.emarketer.com\/content\/global-digital-ad-spending-2019.  Jasmine Enberg. 2019. What\u2019s Shaping the Digital Ad Market. Retrieved from https:\/\/www.emarketer.com\/content\/global-digital-ad-spending-2019."},{"key":"e_1_2_1_14_1","volume-title":"Year-over-year change of advertising expenditure in selected countries from 2016 to","author":"Guttmann A.","year":"2018"},{"key":"e_1_2_1_15_1","volume-title":"Proceedings of the 32nd Conference on Computer Security Applications. ACM, 289--301","author":"Alaca Furkan"},{"key":"e_1_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2017.2708685"},{"key":"e_1_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.2352\/ISSN.2470-1173.2016.8.MWSF-088"},{"key":"e_1_2_1_18_1","volume-title":"Proceedings of the IEEE Symposium on Security and Privacy (SP\u201918)","author":"Abhishek Anand S.","year":"2018"},{"key":"e_1_2_1_19_1","unstructured":"Andrei Popescu. 2018. Geolocation API. Retrieved from https:\/\/www.w3.org\/TR\/geolocation-API\/.  Andrei Popescu. 2018. Geolocation API. Retrieved from https:\/\/www.w3.org\/TR\/geolocation-API\/."},{"key":"e_1_2_1_20_1","unstructured":"Anssi Kostiainen. 2018. Ambient light sensor API. Retrieved from https:\/\/www.w3.org\/TR\/ambient-light\/.  Anssi Kostiainen. 2018. Ambient light sensor API. Retrieved from https:\/\/www.w3.org\/TR\/ambient-light\/."},{"key":"e_1_2_1_21_1","unstructured":"Anssi Kostiainen. 2018. Vibration API. Retrieved from https:\/\/www.w3.org\/TR\/vibration\/.  Anssi Kostiainen. 2018. Vibration API. Retrieved from https:\/\/www.w3.org\/TR\/vibration\/."},{"key":"e_1_2_1_22_1","unstructured":"Anssi Kostiainen Alexander Shalamov. 2018. Accelerometer. Retrieved from https:\/\/www.w3.org\/TR\/accelerometer\/.  Anssi Kostiainen Alexander Shalamov. 2018. Accelerometer. Retrieved from https:\/\/www.w3.org\/TR\/accelerometer\/."},{"key":"e_1_2_1_23_1","unstructured":"Anssi Kostiainen Rijubrata Bhaumik. 2018. Proximity sensor API. Retrieved from https:\/\/www.w3.org\/TR\/proximity\/.  Anssi Kostiainen Rijubrata Bhaumik. 2018. Proximity sensor API. Retrieved from https:\/\/www.w3.org\/TR\/proximity\/."},{"key":"e_1_2_1_24_1","volume-title":"Proceedings of the 28th Computer Security Applications Conference. ACM, 41--50","author":"Aviv Adam J."},{"key":"e_1_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1186\/s13635-017-0061-8"},{"key":"e_1_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1145\/1644893.1644928"},{"key":"e_1_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1002\/erv.714"},{"key":"e_1_2_1_28_1","volume-title":"Proceedings of the 23rd International Conference on World Wide Web (WWW\u201914)","author":"Barford Paul"},{"key":"e_1_2_1_29_1","volume-title":"Proceedings of the 25th USENIX Security Symposium (USENIX Security\u201916)","author":"Bashir Muhammad Ahmad","year":"2016"},{"key":"e_1_2_1_30_1","unstructured":"Ben Alman. 2018. Monkey-patch (hook) functions for debugging and stuff. Retrieved from https:\/\/github.com\/cowboy\/javascript-hooker.  Ben Alman. 2018. Monkey-patch (hook) functions for debugging and stuff. Retrieved from https:\/\/github.com\/cowboy\/javascript-hooker."},{"key":"e_1_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-662-47854-7_30"},{"key":"e_1_2_1_32_1","volume-title":"Mobile device identification via sensor fingerprinting. arXiv preprint arXiv:1408.1416","author":"Bojinov Hristo","year":"2014"},{"key":"e_1_2_1_33_1","volume-title":"Proceedings of the IEEE Consumer Communications and Networking Conference (CCNC\u201912)","author":"Bujari Armir"},{"key":"e_1_2_1_34_1","volume-title":"Proceedings of the USENIX Summit on Hot Topics in Security (HotSec\u201911)","author":"Cai Liang","year":"2011"},{"key":"e_1_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-30921-2_16"},{"key":"e_1_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1109\/BigData.2017.8258268"},{"key":"e_1_2_1_37_1","unstructured":"Aldo Cortesi Mayimilian Hils and Thomas Kriechbaumer. 2019. mitmproxy. v.3.0.3. Retrieved from https:\/\/mitmproxy.org.  Aldo Cortesi Mayimilian Hils and Thomas Kriechbaumer. 2019. mitmproxy. v.3.0.3. Retrieved from https:\/\/mitmproxy.org."},{"key":"e_1_2_1_38_1","unstructured":"Daniel C. Burnett Adam Bergkvist Cullen Jennings Anant Narayanan Bernard Aboba. 2018. Media capture API. Retrieved from https:\/\/www.w3.org\/TR\/mediacapture-streams\/.  Daniel C. Burnett Adam Bergkvist Cullen Jennings Anant Narayanan Bernard Aboba. 2018. Media capture API. Retrieved from https:\/\/www.w3.org\/TR\/mediacapture-streams\/."},{"key":"e_1_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1145\/3243734.3243860"},{"key":"e_1_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1145\/2660267.2660325"},{"key":"e_1_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2016.23390"},{"key":"e_1_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1515\/popets-2018-0005"},{"key":"e_1_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.23919\/EUSIPCO.2017.8081600"},{"key":"e_1_2_1_44_1","volume-title":"Proceedings of the Workshop on Offensive Technologies (WOOT\u201914)","author":"Deshotels Luke","year":"2014"},{"key":"e_1_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2014.23059"},{"key":"e_1_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1145\/3292006.3300027"},{"key":"e_1_2_1_47_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-14527-8_1"},{"key":"e_1_2_1_48_1","doi-asserted-by":"publisher","DOI":"10.1109\/HICSS.2016.458"},{"key":"e_1_2_1_49_1","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978313"},{"key":"e_1_2_1_50_1","volume-title":"Characterization of web browser usage on smartphones. Comput. Hum. Behav. 51 (Oct","year":"2015"},{"key":"e_1_2_1_51_1","volume-title":"Proceedings of the Workshop on Offensive Technologies (WOOT\u201914)","author":"Fiebig Tobias","year":"2014"},{"key":"e_1_2_1_52_1","unstructured":"Maximiliano Firtman. 2018. Mobile HTML5 Compatibility on Mobile Devices. Retrieved from http:\/\/mobilehtml5.org\/.  Maximiliano Firtman. 2018. Mobile HTML5 Compatibility on Mobile Devices. Retrieved from http:\/\/mobilehtml5.org\/."},{"key":"e_1_2_1_53_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.patcog.2017.09.005"},{"key":"e_1_2_1_54_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2019.00074"},{"key":"e_1_2_1_55_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-662-44371-2_25"},{"key":"e_1_2_1_56_1","unstructured":"ghostwords. 2018. Browser fingerprinting protection for everybody. Retrieved from https:\/\/github.com\/ghostwords\/chameleon.  ghostwords. 2018. Browser fingerprinting protection for everybody. Retrieved from https:\/\/github.com\/ghostwords\/chameleon."},{"key":"e_1_2_1_57_1","unstructured":"Global Stats. 2018. Mobile and tablet internet usage exceeds desktop for first time worldwide. Retrieved from http:\/\/gs.statcounter.com\/press\/mobile-and-tablet-internet-usage-exceeds-desktop-for-first-time-worldwide.  Global Stats. 2018. Mobile and tablet internet usage exceeds desktop for first time worldwide. Retrieved from http:\/\/gs.statcounter.com\/press\/mobile-and-tablet-internet-usage-exceeds-desktop-for-first-time-worldwide."},{"key":"e_1_2_1_58_1","volume-title":"No Place to Hide: Edward Snowden, the NSA, and the US Surveillance State","author":"Greenwald Glenn"},{"key":"e_1_2_1_59_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-24174-6_6"},{"key":"e_1_2_1_60_1","volume-title":"Proceedings of the 4th International Conference on Communication Systems and Networks (COMSNETS\u201912)","author":"Han Jun","year":"2012"},{"key":"e_1_2_1_61_1","doi-asserted-by":"publisher","DOI":"10.1145\/2517351.2517367"},{"key":"e_1_2_1_62_1","doi-asserted-by":"publisher","DOI":"10.1109\/TMC.2018.2850313"},{"key":"e_1_2_1_63_1","volume-title":"Proceedings of the ACM International Joint Conference on Pervasive and Ubiquitous Computing (UbiComp\u201915)","author":"Hu Shaohan"},{"key":"e_1_2_1_64_1","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2016.2611489"},{"key":"e_1_2_1_65_1","doi-asserted-by":"publisher","DOI":"10.1145\/2818000.2818032"},{"key":"e_1_2_1_66_1","doi-asserted-by":"publisher","DOI":"10.1109\/BTAS.2012.6374552"},{"key":"e_1_2_1_67_1","doi-asserted-by":"publisher","DOI":"10.1145\/2664243.2664247"},{"key":"e_1_2_1_68_1","doi-asserted-by":"publisher","DOI":"10.1145\/2664243.2664247"},{"key":"e_1_2_1_69_1","doi-asserted-by":"publisher","DOI":"10.1145\/1964897.1964918"},{"key":"e_1_2_1_70_1","doi-asserted-by":"publisher","DOI":"10.1145\/2750858.2804262"},{"key":"e_1_2_1_71_1","unstructured":"Pierre Laperdrix. 2017. Browser Fingerprinting: Exploring Device Diversity to Augment Authentification and Build Client-Side Countermeasures. Ph.D. Dissertation. Rennes INSA.  Pierre Laperdrix. 2017. Browser Fingerprinting: Exploring Device Diversity to Augment Authentification and Build Client-Side Countermeasures. Ph.D. Dissertation. Rennes INSA."},{"key":"e_1_2_1_72_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2016.57"},{"key":"e_1_2_1_73_1","volume-title":"Smartphone Penetration Surpassed 80 Percent","author":"Lella Adam","year":"2016"},{"key":"e_1_2_1_74_1","volume-title":"Proceedings of the USENIX Security Symposium.","author":"Lerner Adam","year":"2016"},{"key":"e_1_2_1_75_1","doi-asserted-by":"publisher","DOI":"10.1145\/2370216.2370290"},{"key":"e_1_2_1_76_1","volume-title":"Proceedings of the 10th Innovations in Software Engineering Conference. ACM, 112--116","author":"Maheshwari Yogesh"},{"key":"e_1_2_1_77_1","doi-asserted-by":"publisher","DOI":"10.1145\/2420950.2420958"},{"key":"e_1_2_1_78_1","doi-asserted-by":"publisher","DOI":"10.1145\/2046707.2046771"},{"key":"e_1_2_1_79_1","unstructured":"McAfee. 2019. Customer URL Ticketing System Check Single URL. Retrieved from https:\/\/trustedsource.org\/.  McAfee. 2019. Customer URL Ticketing System Check Single URL. Retrieved from https:\/\/trustedsource.org\/."},{"key":"e_1_2_1_80_1","doi-asserted-by":"publisher","DOI":"10.1007\/s10207-017-0369-x"},{"key":"e_1_2_1_81_1","doi-asserted-by":"publisher","DOI":"10.1109\/EuroSP.2017.26"},{"key":"e_1_2_1_82_1","volume-title":"Proceedings of the USENIX Security Symposium. 1053--1067","author":"Michalevsky Yan","year":"2014"},{"key":"e_1_2_1_83_1","unstructured":"Elinor Mills. 2009. Device identification in online banking is privacy threat expert says. Retrieved from https:\/\/www.cnet.com\/news\/device-identification-in-online-banking-is-privacy-threat-expert-says\/.  Elinor Mills. 2009. Device identification in online banking is privacy threat expert says. Retrieved from https:\/\/www.cnet.com\/news\/device-identification-in-online-banking-is-privacy-threat-expert-says\/."},{"key":"e_1_2_1_84_1","doi-asserted-by":"publisher","DOI":"10.1145\/2307636.2307666"},{"key":"e_1_2_1_85_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-14577-3_15"},{"key":"e_1_2_1_86_1","unstructured":"Mounir Lamouri and Marcos C\u00e1ceres. 2018. Screen orientation API. Retrieved from https:\/\/www.w3.org\/TR\/screen-orientation\/.  Mounir Lamouri and Marcos C\u00e1ceres. 2018. Screen orientation API. Retrieved from https:\/\/www.w3.org\/TR\/screen-orientation\/."},{"key":"e_1_2_1_87_1","volume-title":"Proceedings of the Web 2.0 Security 8 Privacy Conference (W2SP\u201912)","author":"Mowery Keaton","year":"2012"},{"key":"e_1_2_1_88_1","volume-title":"Proceedings of the Mobile Security Technologies Workshop (MoST\u201915)","author":"Mutchler Patrick","year":"2015"},{"key":"e_1_2_1_89_1","doi-asserted-by":"publisher","DOI":"10.1145\/2627393.2627417"},{"key":"e_1_2_1_90_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2016.31"},{"key":"e_1_2_1_91_1","doi-asserted-by":"publisher","DOI":"10.1145\/2668332.2668348"},{"key":"e_1_2_1_92_1","doi-asserted-by":"publisher","DOI":"10.1145\/3339252.3340518"},{"key":"e_1_2_1_93_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2013.43"},{"key":"e_1_2_1_94_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2013.160"},{"key":"e_1_2_1_95_1","volume-title":"Data Privacy Management, and Security Assurance","author":"Olejnik \u0141ukasz"},{"key":"e_1_2_1_96_1","volume-title":"Proceedings of the 3rd International Workshop on Privacy Engineering (IWPE\u201917)","author":"Olejnik \u0141ukasz","year":"2017"},{"key":"e_1_2_1_97_1","doi-asserted-by":"publisher","DOI":"10.1145\/2162081.2162095"},{"key":"e_1_2_1_98_1","volume-title":"Proceedings of the 26th International Conference on World Wide Web. International World Wide Web Conferences Steering Committee.","author":"Papadopoulos Elias P."},{"key":"e_1_2_1_99_1","doi-asserted-by":"publisher","DOI":"10.1145\/2766498.2766511"},{"key":"e_1_2_1_100_1","doi-asserted-by":"publisher","DOI":"10.1145\/2046707.2046769"},{"key":"e_1_2_1_101_1","article-title":"HTML5 in web development: A new approach","volume":"5","author":"Ratha Ashis Kumar","year":"2018","journal-title":"International Research Journal of Engineering and Technology (IRJET)"},{"key":"e_1_2_1_102_1","doi-asserted-by":"publisher","DOI":"10.1145\/1689239.1689243"},{"key":"e_1_2_1_103_1","doi-asserted-by":"publisher","DOI":"10.1109\/SAHCN.2013.6644973"},{"key":"e_1_2_1_104_1","volume-title":"Andrei Popescu.","author":"Tibbett Rich","year":"2018"},{"key":"e_1_2_1_105_1","unstructured":"rovo89. 2018. Xposed framework. Retrieved from https:\/\/repo.xposed.info.  rovo89. 2018. Xposed framework. Retrieved from https:\/\/repo.xposed.info."},{"key":"e_1_2_1_106_1","doi-asserted-by":"publisher","DOI":"10.1145\/3278532.3278574"},{"key":"e_1_2_1_107_1","volume-title":"Proceedings of the Network and Distributed System Security Symposium","volume":"11","author":"Schlegel Roman","year":"2011"},{"key":"e_1_2_1_108_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2015.06.013"},{"key":"e_1_2_1_109_1","doi-asserted-by":"publisher","DOI":"10.1145\/2516760.2516770"},{"key":"e_1_2_1_110_1","doi-asserted-by":"publisher","DOI":"10.1145\/2987443.2987466"},{"key":"e_1_2_1_111_1","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3133966"},{"key":"e_1_2_1_112_1","volume-title":"Proceedings of the International Symposium on Research in Attacks, Intrusions, and Defenses.","author":"Solomos Konstantinos","year":"2019"},{"key":"e_1_2_1_113_1","doi-asserted-by":"publisher","DOI":"10.1145\/2666620.2666622"},{"key":"e_1_2_1_114_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-94496-8_6"},{"key":"e_1_2_1_115_1","unstructured":"Greg Sterling. 2016. Mobile Devices Now Driving 56 Percent of Traffic to Top Sites. https:\/\/marketingland.com\/mobile-top-sites-165725.  Greg Sterling. 2016. Mobile Devices Now Driving 56 Percent of Traffic to Top Sites. https:\/\/marketingland.com\/mobile-top-sites-165725."},{"key":"e_1_2_1_116_1","doi-asserted-by":"publisher","DOI":"10.1145\/2809695.2809718"},{"key":"e_1_2_1_117_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2014.10"},{"key":"e_1_2_1_118_1","article-title":"The self-activation effect of advertisements: Ads can affect whether and how consumers think about the self","volume":"37","author":"Trampe Debra","year":"2010","journal-title":"J. Consum. Res."},{"key":"e_1_2_1_119_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-28537-0_16"},{"key":"e_1_2_1_120_1","doi-asserted-by":"publisher","DOI":"10.1109\/NTMS.2015.7266460"},{"key":"e_1_2_1_121_1","doi-asserted-by":"publisher","DOI":"10.1145\/3355369.3355583"},{"key":"e_1_2_1_122_1","volume-title":"Proceedings of the USENIX Symposium on Networked Systems Design and Implementation","volume":"11","author":"Wang Yong","year":"2011"},{"key":"e_1_2_1_123_1","volume-title":"Proceedings of the USENIX Steps to Reducing Unwanted Traffic on the Internet Conference (SRUTI\u201906)","author":"Wang Yi-Min","year":"2006"},{"key":"e_1_2_1_124_1","volume-title":"Proceedings of the 9th USENIX Workshop on Offensive Technologies (WOOT\u201915)","author":"Watanabe Takuya","year":"2015"},{"key":"e_1_2_1_125_1","doi-asserted-by":"publisher","DOI":"10.1145\/3178876.3186088"},{"key":"e_1_2_1_126_1","doi-asserted-by":"publisher","DOI":"10.1109\/CNS.2017.8228636"},{"key":"e_1_2_1_127_1","doi-asserted-by":"publisher","DOI":"10.1145\/2493432.2493435"},{"key":"e_1_2_1_128_1","doi-asserted-by":"publisher","DOI":"10.1145\/2185448.2185465"},{"key":"e_1_2_1_129_1","doi-asserted-by":"publisher","DOI":"10.1145\/3038912.3052577"},{"key":"e_1_2_1_130_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2019.00072"},{"key":"e_1_2_1_131_1","doi-asserted-by":"publisher","DOI":"10.1145\/2660267.2660300"},{"key":"e_1_2_1_132_1","doi-asserted-by":"publisher","DOI":"10.1145\/2660267.2660296"},{"key":"e_1_2_1_133_1","doi-asserted-by":"publisher","DOI":"10.2196\/jmir.9775"}],"container-title":["ACM Transactions on Privacy and Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3403947","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3403947","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3403947","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T22:38:22Z","timestamp":1750199902000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3403947"}},"subtitle":["A Large-scale Study on the Risks of Mobile Sensor-based Attacks"],"short-title":[],"issued":{"date-parts":[[2020,7,6]]},"references-count":133,"journal-issue":{"issue":"4","published-print":{"date-parts":[[2020,11,30]]}},"alternative-id":["10.1145\/3403947"],"URL":"https:\/\/doi.org\/10.1145\/3403947","relation":{},"ISSN":["2471-2566","2471-2574"],"issn-type":[{"value":"2471-2566","type":"print"},{"value":"2471-2574","type":"electronic"}],"subject":[],"published":{"date-parts":[[2020,7,6]]},"assertion":[{"value":"2019-09-01","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2020-05-01","order":1,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2020-07-06","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}