{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,3]],"date-time":"2026-06-03T03:36:33Z","timestamp":1780457793783,"version":"3.54.1"},"publisher-location":"New York, NY, USA","reference-count":70,"publisher":"ACM","license":[{"start":{"date-parts":[[2022,10,14]],"date-time":"2022-10-14T00:00:00Z","timestamp":1665705600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by-nc\/4.0\/"}],"funder":[{"name":"UQ Cyber Seed Funding"},{"name":"University of Queensland"},{"name":"NSRSG","award":["4018264-617225"],"award-info":[{"award-number":["4018264-617225"]}]},{"name":"Singapore Ministry of Education Academic Research Fund","award":["MOE2017-T3-1-007"],"award-info":[{"award-number":["MOE2017-T3-1-007"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2022,10,14]]},"DOI":"10.1145\/3495243.3517026","type":"proceedings-article","created":{"date-parts":[[2022,10,14]],"date-time":"2022-10-14T15:38:33Z","timestamp":1665761913000},"page":"501-513","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":10,"title":["Assessing certificate validation user interfaces of WPA supplicants"],"prefix":"10.1145","author":[{"given":"Kailong","family":"Wang","sequence":"first","affiliation":[{"name":"National University of Singapore"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Yuwei","family":"Zheng","sequence":"additional","affiliation":[{"name":"ByteDance"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Qing","family":"Zhang","sequence":"additional","affiliation":[{"name":"ByteDance"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Guangdong","family":"Bai","sequence":"additional","affiliation":[{"name":"The University of Queensland"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Mingchuang","family":"Qin","sequence":"additional","affiliation":[{"name":"ByteDance"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Donghui","family":"Zhang","sequence":"additional","affiliation":[{"name":"ByteDance"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Jin Song","family":"Dong","sequence":"additional","affiliation":[{"name":"National University of Singapore"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"320","published-online":{"date-parts":[[2022,10,14]]},"reference":[{"key":"e_1_3_2_1_1_1","volume-title":"https:\/\/www.aircrack-ng.org, visited","year":"2022","unstructured":"aircrack ng. 2008. https:\/\/www.aircrack-ng.org, visited in Feb 2022 . aircrack ng. 2008. https:\/\/www.aircrack-ng.org, visited in Feb 2022."},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1145\/2488388.2488395"},{"key":"e_1_3_2_1_3_1","volume-title":"Clickjacking Revisited: A Perceptual View of UI Security. In WOOT.","author":"Akhawe Devdatta","year":"2014","unstructured":"Devdatta Akhawe , Warren He , Zhiwei Li , Reza Moazzezi , and Dawn Song . 2014 . Clickjacking Revisited: A Perceptual View of UI Security. In WOOT. Devdatta Akhawe, Warren He, Zhiwei Li, Reza Moazzezi, and Dawn Song. 2014. Clickjacking Revisited: A Perceptual View of UI Security. In WOOT."},{"key":"e_1_3_2_1_4_1","volume-title":"SoK: Security Evaluation of Home-Based IoT Deployments. In 2019 IEEE Symposium on Security and Privacy (SP). 1362--1380","author":"Alrawi Omar","year":"2019","unstructured":"Omar Alrawi , Chaz Lever , Manos Antonakakis , and Fabian Monrose . 2019 . SoK: Security Evaluation of Home-Based IoT Deployments. In 2019 IEEE Symposium on Security and Privacy (SP). 1362--1380 . Omar Alrawi, Chaz Lever, Manos Antonakakis, and Fabian Monrose. 2019. SoK: Security Evaluation of Home-Based IoT Deployments. In 2019 IEEE Symposium on Security and Privacy (SP). 1362--1380."},{"key":"e_1_3_2_1_5_1","volume-title":"25th USENIX Security Symposium (USENIX Security 16)","author":"Aviram Nimrod","year":"2016","unstructured":"Nimrod Aviram , Sebastian Schinzel , Juraj Somorovsky , Nadia Heninger , Maik Dankel , Jens Steube , Luke Valenta , David Adrian , J. Alex Halderman , Viktor Dukhovni , Emilia K\u00e4sper , Shaanan Cohney , Susanne Engels , Christof Paar , and Yuval Shavitt . 2016 . DROWN: Breaking TLS Using SSLv2 . In 25th USENIX Security Symposium (USENIX Security 16) . 689--706. Nimrod Aviram, Sebastian Schinzel, Juraj Somorovsky, Nadia Heninger, Maik Dankel, Jens Steube, Luke Valenta, David Adrian, J. Alex Halderman, Viktor Dukhovni, Emilia K\u00e4sper, Shaanan Cohney, Susanne Engels, Christof Paar, and Yuval Shavitt. 2016. DROWN: Breaking TLS Using SSLv2. In 25th USENIX Security Symposium (USENIX Security 16). 689--706."},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/3230833.3230838"},{"key":"e_1_3_2_1_7_1","volume-title":"Design, Analysis, and Implementation of ARPKI: An Attack-Resilient Public-Key Infrastructure","author":"Basin David","year":"2016","unstructured":"David Basin , Cas Cremers , Tiffany Hyuni-jin, Adrian Perrig , Ralf Sasse , and Pawel Szalachowski . 2016. Design, Analysis, and Implementation of ARPKI: An Attack-Resilient Public-Key Infrastructure . IEEE Transactions on Dependable and Secure Computing PP ( 08 2016 ). David Basin, Cas Cremers, Tiffany Hyuni-jin, Adrian Perrig, Ralf Sasse, and Pawel Szalachowski. 2016. Design, Analysis, and Implementation of ARPKI: An Attack-Resilient Public-Key Infrastructure. IEEE Transactions on Dependable and Secure Computing PP (08 2016)."},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1145\/2660267.2660298"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1145\/2660267.2660338"},{"key":"e_1_3_2_1_10_1","unstructured":"John Bellardo and Stefan Savage. 2003. 802.11 Denial-of-Service Attacks: Real Vulnerabilities and Practical Solutions (SSYM'03). 2.  John Bellardo and Stefan Savage. 2003. 802.11 Denial-of-Service Attacks: Real Vulnerabilities and Practical Solutions (SSYM'03). 2."},{"key":"e_1_3_2_1_11_1","volume-title":"Visited","year":"2022","unstructured":"Benjamin, Charles. Visited in Feb 2022 . mschapv2acc. https:\/\/github.com\/polkaned\/mschapv2acc. Benjamin, Charles. Visited in Feb 2022. mschapv2acc. https:\/\/github.com\/polkaned\/mschapv2acc."},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978423"},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/2766498.2766512"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2014.15"},{"key":"e_1_3_2_1_15_1","unstructured":"Stefano Calzavara Sebastian Roth Alvise Rabitti Michael Backes and Ben Stock. 2020. A Tale of Two Headers: A Formal Analysis of Inconsistent Click-Jacking Protection on the Web. In USENIX Security.  Stefano Calzavara Sebastian Roth Alvise Rabitti Michael Backes and Ben Stock. 2020. A Tale of Two Headers: A Formal Analysis of Inconsistent Click-Jacking Protection on the Web. In USENIX Security."},{"key":"e_1_3_2_1_16_1","volume-title":"20th Annual Network and Distributed System Security Symposium, NDSS. The Internet Society.","author":"Cassola Aldo","year":"2013","unstructured":"Aldo Cassola , William K. Robertson , Engin Kirda , and Guevara Noubir . 2013 . A Practical, Targeted, and Stealthy Attack Against WPA Enterprise Authentication . In 20th Annual Network and Distributed System Security Symposium, NDSS. The Internet Society. Aldo Cassola, William K. Robertson, Engin Kirda, and Guevara Noubir. 2013. A Practical, Targeted, and Stealthy Attack Against WPA Enterprise Authentication. In 20th Annual Network and Distributed System Security Symposium, NDSS. The Internet Society."},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"crossref","unstructured":"Laurent Chuat AbdelRahman Abdou Ralf Sasse Christoph Sprenger David Basin and Adrian Perrig. 2019. SoK: Delegation and Revocation the Missing Links in the Web's Chain of Trust.  Laurent Chuat AbdelRahman Abdou Ralf Sasse Christoph Sprenger David Basin and Adrian Perrig. 2019. SoK: Delegation and Revocation the Missing Links in the Web's Chain of Trust.","DOI":"10.1109\/EuroSP48549.2020.00046"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1109\/IAW.2005.1495975"},{"key":"e_1_3_2_1_19_1","volume-title":"Proceedings of the 24th USENIX Conference on Security Symposium. 193--206","author":"Ruiter Joeri De","year":"2015","unstructured":"Joeri De Ruiter and Erik Poll . 2015 . Protocol State Fuzzing of TLS Implementations . In Proceedings of the 24th USENIX Conference on Security Symposium. 193--206 . Joeri De Ruiter and Erik Poll. 2015. Protocol State Fuzzing of TLS Implementations. In Proceedings of the 24th USENIX Conference on Security Symposium. 193--206."},{"key":"e_1_3_2_1_20_1","volume-title":"https:\/\/tools.ietf.org\/html\/rfc4017, visited","author":"Method Extensible Authentication","year":"2022","unstructured":"Extensible Authentication Protocol (EAP) Method Requirements for Wireless LA Ns . 2005. https:\/\/tools.ietf.org\/html\/rfc4017, visited in Feb 2022 . Extensible Authentication Protocol (EAP) Method Requirements for Wireless LANs. 2005. https:\/\/tools.ietf.org\/html\/rfc4017, visited in Feb 2022."},{"key":"e_1_3_2_1_21_1","volume-title":"https:\/\/tools.ietf.org\/html\/rfc5281, visited","author":"Protocol Tunneled Transport Layer Extensible Authentication","year":"2022","unstructured":"Extensible Authentication Protocol Tunneled Transport Layer Security Authenticated Protocol Version 0 (EAP-TTLSv0). 2008. https:\/\/tools.ietf.org\/html\/rfc5281, visited in Feb 2022 . Extensible Authentication Protocol Tunneled Transport Layer Security Authenticated Protocol Version 0 (EAP-TTLSv0). 2008. https:\/\/tools.ietf.org\/html\/rfc5281, visited in Feb 2022."},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1145\/2590296.2590341"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382205"},{"key":"e_1_3_2_1_24_1","unstructured":"Adrienne Porter Felt Richard Barnes April King Chris Palmer Chris Bentzel and Parisa Tabriz. 2017. Measuring HTTPS Adoption on the Web. In USENIX Security. 1323--1338.  Adrienne Porter Felt Richard Barnes April King Chris Palmer Chris Bentzel and Parisa Tabriz. 2017. Measuring HTTPS Adoption on the Web. In USENIX Security. 1323--1338."},{"key":"e_1_3_2_1_25_1","volume-title":"https:\/\/github.com\/anonymous-research-security\/Supplementary-Document.git, visited","author":"Repository","year":"2022","unstructured":"Repository for supplementary material. 2021. https:\/\/github.com\/anonymous-research-security\/Supplementary-Document.git, visited in Feb 2022 . Repository for supplementary material. 2021. https:\/\/github.com\/anonymous-research-security\/Supplementary-Document.git, visited in Feb 2022."},{"key":"e_1_3_2_1_26_1","volume-title":"Wi-Fi Hotspots: Setting Up Public Wireless Internet Access. Networking Technology","author":"Geier Eric","year":"2006","unstructured":"Eric Geier . 2006. Wi-Fi Hotspots: Setting Up Public Wireless Internet Access. Networking Technology ( 2006 ). Eric Geier. 2006. Wi-Fi Hotspots: Setting Up Public Wireless Internet Access. Networking Technology (2006)."},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382204"},{"key":"e_1_3_2_1_28_1","volume-title":"https:\/\/www.cisco.com\/c\/dam\/en\/us\/solutions\/collateral\/enterprise-networks\/global-networking-trends-report-executive-brief.pdf, visited","author":"Trends Report Global Networking","year":"2022","unstructured":"Global Networking Trends Report . 2020. https:\/\/www.cisco.com\/c\/dam\/en\/us\/solutions\/collateral\/enterprise-networks\/global-networking-trends-report-executive-brief.pdf, visited in Feb 2022 . Global Networking Trends Report. 2020. https:\/\/www.cisco.com\/c\/dam\/en\/us\/solutions\/collateral\/enterprise-networks\/global-networking-trends-report-executive-brief.pdf, visited in Feb 2022."},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2020.2989126"},{"key":"e_1_3_2_1_30_1","volume-title":"Vetting SSL Usage in Applications with SSLINT. In 2015 IEEE Symposium on Security and Privacy. 519--534","author":"He Boyuan","year":"2015","unstructured":"Boyuan He , Vaibhav Rastogi , Yinzhi Cao , Yan Chen , V.N. Venkatakrishnan , Runqing Yang , and Zhenrui Zhang . 2015 . Vetting SSL Usage in Applications with SSLINT. In 2015 IEEE Symposium on Security and Privacy. 519--534 . Boyuan He, Vaibhav Rastogi, Yinzhi Cao, Yan Chen, V.N. Venkatakrishnan, Runqing Yang, and Zhenrui Zhang. 2015. Vetting SSL Usage in Applications with SSLINT. In 2015 IEEE Symposium on Security and Privacy. 519--534."},{"key":"e_1_3_2_1_31_1","volume-title":"Clickjacking: Attacks and Defenses. In USENIX Security. 413--428.","author":"Huang Lin-Shung","year":"2012","unstructured":"Lin-Shung Huang , Alex Moshchuk , Helen J. Wang , Stuart Schecter , and Collin Jackson . 2012 . Clickjacking: Attacks and Defenses. In USENIX Security. 413--428. Lin-Shung Huang, Alex Moshchuk, Helen J. Wang, Stuart Schecter, and Collin Jackson. 2012. Clickjacking: Attacks and Defenses. In USENIX Security. 413--428."},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2014.13"},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"crossref","unstructured":"Collin Jackson Daniel R. Simon Desney S. Tan and Adam Barth. 2007. An Evaluation of Extended Validation and Picture-in-Picture Phishing Attacks. In Financial Cryptography and Data Security Sven Dietrich and Rachna Dhamija (Eds.). 281--293.  Collin Jackson Daniel R. Simon Desney S. Tan and Adam Barth. 2007. An Evaluation of Extended Validation and Picture-in-Picture Phishing Attacks. In Financial Cryptography and Data Security Sven Dietrich and Rachna Dhamija (Eds.). 281--293.","DOI":"10.1007\/978-3-540-77366-5_27"},{"key":"e_1_3_2_1_34_1","volume-title":"Visited","author":"Joshua Wright","year":"2022","unstructured":"Wright Joshua . Visited in Feb 2022 . ASLEEP - recovers weak LEAP password. https:\/\/github.com\/joswr1ght\/asleap. Wright Joshua. Visited in Feb 2022. ASLEEP - recovers weak LEAP password. https:\/\/github.com\/joswr1ght\/asleap."},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"crossref","unstructured":"Kaushal Kafle Kevin Moran Sunil Manandhar Adwait Nadkarni and Denys Poshyvanyk. 2019. A Study of Data Store-Based Home Automation. 73--84.  Kaushal Kafle Kevin Moran Sunil Manandhar Adwait Nadkarni and Denys Poshyvanyk. 2019. A Study of Data Store-Based Home Automation. 73--84.","DOI":"10.1145\/3292006.3300031"},{"key":"e_1_3_2_1_36_1","volume-title":"A Comprehensive Attack Flow Model and Security Analysis for Wi-Fi and WPA3. Electronics 7 (10","author":"Kohlios Christopher","year":"2018","unstructured":"Christopher Kohlios and Thaier Hayajneh . 2018. A Comprehensive Attack Flow Model and Security Analysis for Wi-Fi and WPA3. Electronics 7 (10 2018 ), 284. Christopher Kohlios and Thaier Hayajneh. 2018. A Comprehensive Attack Flow Model and Security Analysis for Wi-Fi and WPA3. Electronics 7 (10 2018), 284."},{"key":"e_1_3_2_1_37_1","volume-title":"Tracking Certificate Misissuance in the Wild. In IEEE Symposium on Security and Privacy. 785--798","author":"Kumar Deepak","year":"2018","unstructured":"Deepak Kumar , Zhengping Wang , Matthew Hyder , Joseph Dickinson , Gabrielle Beck , David Adrian , Joshua Mason , Zakir Durumeric , J. Alex Halderman , and Michael Bailey . 2018 . Tracking Certificate Misissuance in the Wild. In IEEE Symposium on Security and Privacy. 785--798 . Deepak Kumar, Zhengping Wang, Matthew Hyder, Joseph Dickinson, Gabrielle Beck, David Adrian, Joshua Mason, Zakir Durumeric, J. Alex Halderman, and Michael Bailey. 2018. Tracking Certificate Misissuance in the Wild. In IEEE Symposium on Security and Privacy. 785--798."},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2020.3013212"},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1145\/2815675.2815685"},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1007\/s11280-017-0458-9"},{"key":"e_1_3_2_1_41_1","volume-title":"https:\/\/tools.ietf.org\/html\/rfc2433, visited","author":"Extensions Microsoft PPP CHAP","year":"2022","unstructured":"Microsoft PPP CHAP Extensions . 1998. https:\/\/tools.ietf.org\/html\/rfc2433, visited in Feb 2022 . Microsoft PPP CHAP Extensions. 1998. https:\/\/tools.ietf.org\/html\/rfc2433, visited in Feb 2022."},{"key":"e_1_3_2_1_42_1","volume-title":"Guidelines for the Selection, Configuration, and Use of Transport Layer Security (TLS) Implementations. https:\/\/nvlpubs.nist.gov\/nistpubs\/SpecialPublications\/NIST.SP.800-52r2.pdf, visited","author":"National Institute of Standards and Technology. 2019.","year":"2022","unstructured":"National Institute of Standards and Technology. 2019. Guidelines for the Selection, Configuration, and Use of Transport Layer Security (TLS) Implementations. https:\/\/nvlpubs.nist.gov\/nistpubs\/SpecialPublications\/NIST.SP.800-52r2.pdf, visited in Feb 2022 . National Institute of Standards and Technology. 2019. Guidelines for the Selection, Configuration, and Use of Transport Layer Security (TLS) Implementations. https:\/\/nvlpubs.nist.gov\/nistpubs\/SpecialPublications\/NIST.SP.800-52r2.pdf, visited in Feb 2022."},{"key":"e_1_3_2_1_43_1","unstructured":"National Institute of Standards and Technology. 2021. Implementation Guidance for FIPS 140-2 and the Cryptographic Module Validation Program. https:\/\/csrc.nist.gov\/csrc\/media\/projects\/cryptographic-module-validation-program\/documents\/fips140-2\/fips1402ig.pdf visited in Feb 2022.  National Institute of Standards and Technology. 2021. Implementation Guidance for FIPS 140-2 and the Cryptographic Module Validation Program. https:\/\/csrc.nist.gov\/csrc\/media\/projects\/cryptographic-module-validation-program\/documents\/fips140-2\/fips1402ig.pdf visited in Feb 2022."},{"key":"e_1_3_2_1_44_1","volume-title":"Visited","author":"National Vulnerability Database.","year":"2022","unstructured":"National Vulnerability Database. Visited in Feb 2022 . https:\/\/nvd.nist.gov. National Vulnerability Database. Visited in Feb 2022. https:\/\/nvd.nist.gov."},{"key":"e_1_3_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3133977"},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1145\/2766498.2766522"},{"key":"e_1_3_2_1_47_1","volume-title":"https:\/\/github.com\/cfrg\/pake-selection#reviews-by-crypto-review-panel-round-2, visited","author":"Selection PAKE","year":"2022","unstructured":"PAKE Selection . 2019. https:\/\/github.com\/cfrg\/pake-selection#reviews-by-crypto-review-panel-round-2, visited in Feb 2022 . PAKE Selection. 2019. https:\/\/github.com\/cfrg\/pake-selection#reviews-by-crypto-review-panel-round-2, visited in Feb 2022."},{"key":"e_1_3_2_1_48_1","volume-title":"Visited","author":"Reported Patch","year":"2022","unstructured":"Patch for Reported Vulnerability CVE-2020-0201. Visited in Feb 2022 . https:\/\/android.googlesource.com\/platform\/packages\/apps\/Settings\/\/f3848729b416a20a3d5d4b1a8e5a8794f727cbdc%5E%21\/#F2. Patch for Reported Vulnerability CVE-2020-0201. Visited in Feb 2022. https:\/\/android.googlesource.com\/platform\/packages\/apps\/Settings\/\/f3848729b416a20a3d5d4b1a8e5a8794f727cbdc%5E%21\/#F2."},{"key":"e_1_3_2_1_49_1","volume-title":"https:\/\/tools.ietf.org\/rfc\/rfc2284.txt, visited","author":"Extensible Authentication PPP","year":"2022","unstructured":"PPP Extensible Authentication Protocol (EAP). 1998. https:\/\/tools.ietf.org\/rfc\/rfc2284.txt, visited in Feb 2022 . PPP Extensible Authentication Protocol (EAP). 1998. https:\/\/tools.ietf.org\/rfc\/rfc2284.txt, visited in Feb 2022."},{"key":"e_1_3_2_1_50_1","volume-title":"https:\/\/www.topuniversities.com\/university-rankings\/world-university-rankings\/2020, visited","author":"QS World University Rankings 2020. 2020.","year":"2022","unstructured":"QS World University Rankings 2020. 2020. https:\/\/www.topuniversities.com\/university-rankings\/world-university-rankings\/2020, visited in Feb 2022 . QS World University Rankings 2020. 2020. https:\/\/www.topuniversities.com\/university-rankings\/world-university-rankings\/2020, visited in Feb 2022."},{"key":"e_1_3_2_1_51_1","volume-title":"https:\/\/www.ietf.org\/rfc\/rfc3579.txt, visited","author":"Remote Authentication Dial In RADIUS","year":"2022","unstructured":"RADIUS ( Remote Authentication Dial In User Service) Support For Extensible Authentication Protocol (EAP). 2003. https:\/\/www.ietf.org\/rfc\/rfc3579.txt, visited in Feb 2022 . RADIUS (Remote Authentication Dial In User Service) Support For Extensible Authentication Protocol (EAP). 2003. https:\/\/www.ietf.org\/rfc\/rfc3579.txt, visited in Feb 2022."},{"key":"e_1_3_2_1_52_1","unstructured":"Requirements for Password-Authenticated Key Agreement (PAKE) Schemes. 2017. https:\/\/tools.ietf.org\/html\/rfc8125.  Requirements for Password-Authenticated Key Agreement (PAKE) Schemes. 2017. https:\/\/tools.ietf.org\/html\/rfc8125."},{"key":"e_1_3_2_1_53_1","doi-asserted-by":"publisher","DOI":"10.1145\/1352533.1352569"},{"key":"e_1_3_2_1_54_1","doi-asserted-by":"publisher","DOI":"10.1145\/3321705.3329832"},{"key":"e_1_3_2_1_55_1","doi-asserted-by":"crossref","unstructured":"Bruce Schneier Mudge and David Wagner. 1999. Cryptanalysis of Microsoft's PPTP Authentication Extensions (MS-CHAPv2). In Secure Networking --- CQRE [Secure]. 192--203.  Bruce Schneier Mudge and David Wagner. 1999. Cryptanalysis of Microsoft's PPTP Authentication Extensions (MS-CHAPv2). In Secure Networking --- CQRE [Secure]. 192--203.","DOI":"10.1007\/3-540-46701-7_17"},{"key":"e_1_3_2_1_56_1","volume-title":"Visited","year":"2022","unstructured":"StatCounter. Visited in Feb 2022 . Operating System Version Market Share . https:\/\/gs.statcounter.com\/os-market-share. StatCounter. Visited in Feb 2022. Operating System Version Market Share. https:\/\/gs.statcounter.com\/os-market-share."},{"key":"e_1_3_2_1_57_1","volume-title":"28th USENIX Security Symposium (USENIX Security 19)","author":"Stute Milan","year":"2019","unstructured":"Milan Stute , Sashank Narain , Alex Mariotto , Alexander Heinrich , David Kreitschmann , Guevara Noubir , and Matthias Hollick . 2019 . A Billion Open Interfaces for Eve and Mallory: MitM, DoS, and Tracking Attacks on iOS and macOS Through Apple Wireless Direct Link . In 28th USENIX Security Symposium (USENIX Security 19) . 37--54. Milan Stute, Sashank Narain, Alex Mariotto, Alexander Heinrich, David Kreitschmann, Guevara Noubir, and Matthias Hollick. 2019. A Billion Open Interfaces for Eve and Mallory: MitM, DoS, and Tracking Attacks on iOS and macOS Through Apple Wireless Direct Link. In 28th USENIX Security Symposium (USENIX Security 19). 37--54."},{"key":"e_1_3_2_1_58_1","doi-asserted-by":"crossref","unstructured":"Hiroaki Suzuki Daiki Chiba Yoshiro Yoneya Tatsuya Mori and Shigeki Goto. 2019. ShamFinder: An Automated Framework for Detecting IDN Homographs. In IMC. 449--462.  Hiroaki Suzuki Daiki Chiba Yoshiro Yoneya Tatsuya Mori and Shigeki Goto. 2019. ShamFinder: An Automated Framework for Detecting IDN Homographs. In IMC. 449--462.","DOI":"10.1145\/3355369.3355587"},{"key":"e_1_3_2_1_59_1","volume-title":"https:\/\/tools.ietf.org\/html\/rfc5216, visited","author":"Authentication Protocol The EAP-TLS","year":"2022","unstructured":"The EAP-TLS Authentication Protocol . 2008. https:\/\/tools.ietf.org\/html\/rfc5216, visited in Feb 2022 . The EAP-TLS Authentication Protocol. 2008. https:\/\/tools.ietf.org\/html\/rfc5216, visited in Feb 2022."},{"key":"e_1_3_2_1_60_1","volume-title":"Visited","author":"Server Project The","year":"2022","unstructured":"The FreeRADIUS Server Project . Visited in Feb 2022 . https:\/\/freeradius.org. The FreeRADIUS Server Project. Visited in Feb 2022. https:\/\/freeradius.org."},{"key":"e_1_3_2_1_61_1","volume-title":"Visited","author":"Access Point Daemon The Host","year":"2022","unstructured":"The Host Access Point Daemon . Visited in Feb 2022 . https:\/\/w1.fi\/hostapd. The Host Access Point Daemon. Visited in Feb 2022. https:\/\/w1.fi\/hostapd."},{"key":"e_1_3_2_1_62_1","volume-title":"Visited","author":"Project The Openwall","year":"2022","unstructured":"The Openwall Project . Visited in Feb 2022 . https:\/\/www.openwall.com\/john. The Openwall Project. Visited in Feb 2022. https:\/\/www.openwall.com\/john."},{"key":"e_1_3_2_1_63_1","unstructured":"Christopher Thompson Martin Shelton Emily Stark Maximilian Walker Emily Schechter and Adrienne Porter Felt. 2019. The Web's Identity Crisis: Understanding the Effectiveness of Website Identity Indicators. In USENIX Security. 1715--1732.  Christopher Thompson Martin Shelton Emily Stark Maximilian Walker Emily Schechter and Adrienne Porter Felt. 2019. The Web's Identity Crisis: Understanding the Effectiveness of Website Identity Indicators. In USENIX Security. 1715--1732."},{"key":"e_1_3_2_1_64_1","article-title":"Differential Testing of Certificate Validation in SSL\/TLS Implementations","volume":"28","author":"Tian Cong","year":"2019","unstructured":"Cong Tian , Chu Chen , Zhenhua Duan , and Liang Zhao . 2019 . Differential Testing of Certificate Validation in SSL\/TLS Implementations : An RFC-Guided Approach. ACM Trans. Softw. Eng. Methodol. 28 , 4, Article 24 (Oct. 2019), 37 pages. Cong Tian, Chu Chen, Zhenhua Duan, and Liang Zhao. 2019. Differential Testing of Certificate Validation in SSL\/TLS Implementations: An RFC-Guided Approach. ACM Trans. Softw. Eng. Methodol. 28, 4, Article 24 (Oct. 2019), 37 pages.","journal-title":"An RFC-Guided Approach. ACM Trans. Softw. Eng. Methodol."},{"key":"e_1_3_2_1_65_1","doi-asserted-by":"publisher","DOI":"10.1145\/2484313.2484368"},{"key":"e_1_3_2_1_66_1","doi-asserted-by":"publisher","DOI":"10.5555\/3241094.3241147"},{"key":"e_1_3_2_1_67_1","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3134027"},{"key":"e_1_3_2_1_68_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP40000.2020.00031"},{"key":"e_1_3_2_1_69_1","unstructured":"Mingxue Zhang Wei Meng Sangho Lee Byoungyoung Lee and Xinyu Xing. 2019. All Your Clicks Belong to Me: Investigating Click Interception on the Web. In USENIX Security.  Mingxue Zhang Wei Meng Sangho Lee Byoungyoung Lee and Xinyu Xing. 2019. All Your Clicks Belong to Me: Investigating Click Interception on the Web. In USENIX Security."},{"key":"e_1_3_2_1_70_1","volume-title":"The Peril of Fragmentation: Security Hazards in Android Device Driver Customizations. In 2014 IEEE Symposium on Security and Privacy. 409--423","author":"Lee Yeonjoon","year":"2014","unstructured":"Xiao-yong Zhou, Yeonjoon Lee , Nan Zhang , Muhammad Naveed , and XiaoFeng Wang . 2014 . The Peril of Fragmentation: Security Hazards in Android Device Driver Customizations. In 2014 IEEE Symposium on Security and Privacy. 409--423 . Xiao-yong Zhou, Yeonjoon Lee, Nan Zhang, Muhammad Naveed, and XiaoFeng Wang. 2014. The Peril of Fragmentation: Security Hazards in Android Device Driver Customizations. In 2014 IEEE Symposium on Security and Privacy. 409--423."}],"event":{"name":"ACM MobiCom '22: The 28th Annual International Conference on Mobile Computing and Networking","location":"Sydney NSW Australia","acronym":"ACM MobiCom '22","sponsor":["SIGMOBILE ACM Special Interest Group on Mobility of Systems, Users, Data and Computing"]},"container-title":["Proceedings of the 28th Annual International Conference on Mobile Computing And Networking"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3495243.3517026","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3495243.3517026","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T20:12:03Z","timestamp":1750191123000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3495243.3517026"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,10,14]]},"references-count":70,"alternative-id":["10.1145\/3495243.3517026","10.1145\/3495243"],"URL":"https:\/\/doi.org\/10.1145\/3495243.3517026","relation":{},"subject":[],"published":{"date-parts":[[2022,10,14]]},"assertion":[{"value":"2022-10-14","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}