{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,26]],"date-time":"2026-03-26T16:13:11Z","timestamp":1774541591098,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":55,"publisher":"ACM","license":[{"start":{"date-parts":[[2022,10,25]],"date-time":"2022-10-25T00:00:00Z","timestamp":1666656000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/100000001","name":"National Science Foundation","doi-asserted-by":"publisher","award":["CNS-1934597, CNS-2211574, CNS-2143363"],"award-info":[{"award-number":["CNS-1934597, CNS-2211574, CNS-2143363"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]},{"name":"EPSRC","award":["EP\/T026723\/1"],"award-info":[{"award-number":["EP\/T026723\/1"]}]},{"name":"Ramon y Cajal Fellowship","award":["RYC-2020-029401-I"],"award-info":[{"award-number":["RYC-2020-029401-I"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2022,10,25]]},"DOI":"10.1145\/3517745.3561433","type":"proceedings-article","created":{"date-parts":[[2022,10,21]],"date-time":"2022-10-21T21:28:36Z","timestamp":1666387716000},"page":"581-588","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":20,"title":["Exploring the security and privacy risks of chatbots in messaging services"],"prefix":"10.1145","author":[{"given":"Jide","family":"Edu","sequence":"first","affiliation":[{"name":"King's College London, London, UK"}]},{"given":"Cliona","family":"Mulligan","sequence":"additional","affiliation":[{"name":"King's College London, London, UK"}]},{"given":"Fabio","family":"Pierazzi","sequence":"additional","affiliation":[{"name":"King's College London, London, UK"}]},{"given":"Jason","family":"Polakis","sequence":"additional","affiliation":[{"name":"University of Illinois at Chicago"}]},{"given":"Guillermo","family":"Suarez-Tangil","sequence":"additional","affiliation":[{"name":"IMDEA Networks Institute, Madrid, Spain"}]},{"given":"Jose","family":"Such","sequence":"additional","affiliation":[{"name":"King's College London, London, UK"}]}],"member":"320","published-online":{"date-parts":[[2022,10,25]]},"reference":[{"key":"e_1_3_2_2_1_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2016.33"},{"key":"e_1_3_2_2_2_1","volume-title":"Wenyu Wang, Justin Whitaker, William Enck, Bradley Reaves, Kapil Singh, and Tao Xie.","author":"Andow Benjamin","year":"2019","unstructured":"Benjamin Andow , Samin Yaseer Mahmud , Wenyu Wang, Justin Whitaker, William Enck, Bradley Reaves, Kapil Singh, and Tao Xie. 2019 . Policylint: investigating internal privacy policy contradictions on Google play. In 28th {USENIX} Security Symposium ({USENIX} Security 19). 585--602. Benjamin Andow, Samin Yaseer Mahmud, Wenyu Wang, Justin Whitaker, William Enck, Bradley Reaves, Kapil Singh, and Tao Xie. 2019. Policylint: investigating internal privacy policy contradictions on Google play. In 28th {USENIX} Security Symposium ({USENIX} Security 19). 585--602."},{"key":"e_1_3_2_2_3_1","volume-title":"Justin Whitaker, William Enck, Bradley Reaves, Kapil Singh, and Serge Egelman.","author":"Andow Benjamin","year":"2020","unstructured":"Benjamin Andow , Samin Yaseer Mahmud , Justin Whitaker, William Enck, Bradley Reaves, Kapil Singh, and Serge Egelman. 2020 . Actions speak louder than words: Entity-sensitive privacy policy and data flow analysis with policheck. In 29th {USENIX} Security Symposium ({USENIX} Security 20). 985--1002. Benjamin Andow, Samin Yaseer Mahmud, Justin Whitaker, William Enck, Bradley Reaves, Kapil Singh, and Serge Egelman. 2020. Actions speak louder than words: Entity-sensitive privacy policy and data flow analysis with policheck. In 29th {USENIX} Security Symposium ({USENIX} Security 20). 985--1002."},{"key":"e_1_3_2_2_4_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-30806-7_15"},{"key":"e_1_3_2_2_5_1","doi-asserted-by":"publisher","DOI":"10.1109\/MC.2012.326"},{"key":"e_1_3_2_2_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/2351676.2351722"},{"key":"e_1_3_2_2_7_1","volume-title":"Slack with Malware. https:\/\/threatpost.com\/attackers-discord-slack-malware\/165295\/. [Online","author":"Bracken Becky","year":"2021","unstructured":"Becky Bracken . 2021. Attackers Blowing Up Discord , Slack with Malware. https:\/\/threatpost.com\/attackers-discord-slack-malware\/165295\/. [Online ; last accessed 18- August - 2021 ]. Becky Bracken. 2021. Attackers Blowing Up Discord, Slack with Malware. https:\/\/threatpost.com\/attackers-discord-slack-malware\/165295\/. [Online; last accessed 18-August-2021]."},{"key":"e_1_3_2_2_8_1","doi-asserted-by":"publisher","DOI":"10.1007\/s00766-013-0190-7"},{"key":"e_1_3_2_2_9_1","volume-title":"Sowing Discord: Reaping the benefits of collaboration app abuse. https:\/\/blog.talosintelligence.com\/2021\/04\/collab-app-abuse.html. [Online","author":"Brumaghin Edmund","year":"2021","unstructured":"Edmund Brumaghin . 2021 . Sowing Discord: Reaping the benefits of collaboration app abuse. https:\/\/blog.talosintelligence.com\/2021\/04\/collab-app-abuse.html. [Online ; last accessed 18-August-2021]. Edmund Brumaghin. 2021. Sowing Discord: Reaping the benefits of collaboration app abuse. https:\/\/blog.talosintelligence.com\/2021\/04\/collab-app-abuse.html. [Online; last accessed 18-August-2021]."},{"key":"e_1_3_2_2_10_1","doi-asserted-by":"publisher","DOI":"10.1145\/2663716.2663749"},{"key":"e_1_3_2_2_11_1","volume-title":"20th USENIX Security Symposium (USENIX Security 11)","author":"Caballero Juan","year":"2011","unstructured":"Juan Caballero , Chris Grier , Christian Kreibich , and Vern Paxson . 2011 . Measuring {Pay-per-Install}: The Commoditization of Malware Distribution . In 20th USENIX Security Symposium (USENIX Security 11) . Juan Caballero, Chris Grier, Christian Kreibich, and Vern Paxson. 2011. Measuring {Pay-per-Install}: The Commoditization of Malware Distribution. In 20th USENIX Security Symposium (USENIX Security 11)."},{"key":"e_1_3_2_2_12_1","doi-asserted-by":"publisher","DOI":"10.1145\/1099203.1099221"},{"key":"e_1_3_2_2_13_1","volume-title":"Experimental Security Analysis of the App Model in Business Collaboration Platforms. In 31st USENIX Security Symposium (USENIX Security 22)","author":"Chen Yunang","year":"2022","unstructured":"Yunang Chen , Yue Gao , Nick Ceccio , Rahul Chatterjee , Kassem Fawaz , and Earlence Fernandes . 2022 . Experimental Security Analysis of the App Model in Business Collaboration Platforms. In 31st USENIX Security Symposium (USENIX Security 22) . USENIX Association, Boston, MA , 2011--2028. https:\/\/www.usenix.org\/conference\/usenixsecurity22\/presentation\/chen-yunang-experimental Yunang Chen, Yue Gao, Nick Ceccio, Rahul Chatterjee, Kassem Fawaz, and Earlence Fernandes. 2022. Experimental Security Analysis of the App Model in Business Collaboration Platforms. In 31st USENIX Security Symposium (USENIX Security 22). USENIX Association, Boston, MA, 2011--2028. https:\/\/www.usenix.org\/conference\/usenixsecurity22\/presentation\/chen-yunang-experimental"},{"key":"e_1_3_2_2_14_1","doi-asserted-by":"publisher","DOI":"10.1145\/3372297.3423339"},{"key":"e_1_3_2_2_15_1","volume-title":"Enron Email Dataset. https:\/\/www.cs.cmu.edu\/~enron\/. [Online","author":"Cohen William W.","year":"2022","unstructured":"William W. Cohen . 2022. Enron Email Dataset. https:\/\/www.cs.cmu.edu\/~enron\/. [Online ; last accessed 15- May - 2022 ]. William W. Cohen. 2022. Enron Email Dataset. https:\/\/www.cs.cmu.edu\/~enron\/. [Online; last accessed 15-May-2022]."},{"key":"e_1_3_2_2_16_1","volume-title":"Cambridge Analytica and Facebook: The Scandal and the Fallout So Far. https:\/\/www.nytimes.com\/2018\/04\/04\/us\/politics\/cambridge-analytica-scandal-fallout.html. [Online","author":"Confessore Nicholas","year":"2021","unstructured":"Nicholas Confessore . 2021. Cambridge Analytica and Facebook: The Scandal and the Fallout So Far. https:\/\/www.nytimes.com\/2018\/04\/04\/us\/politics\/cambridge-analytica-scandal-fallout.html. [Online ; last accessed 18- August - 2021 ]. Nicholas Confessore. 2021. Cambridge Analytica and Facebook: The Scandal and the Fallout So Far. https:\/\/www.nytimes.com\/2018\/04\/04\/us\/politics\/cambridge-analytica-scandal-fallout.html. [Online; last accessed 18-August-2021]."},{"key":"e_1_3_2_2_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/2663716.2663729"},{"key":"e_1_3_2_2_18_1","doi-asserted-by":"publisher","DOI":"10.1007\/s10664-020-09879-8"},{"key":"e_1_3_2_2_19_1","doi-asserted-by":"publisher","DOI":"10.1145\/3292006.3300027"},{"key":"e_1_3_2_2_20_1","unstructured":"Discord. 2020. Discord Developer Portal --- API Docs For Bots And Developers. https:\/\/discord.com\/developers\/docs\/topics\/permissions.  Discord. 2020. Discord Developer Portal --- API Docs For Bots And Developers. https:\/\/discord.com\/developers\/docs\/topics\/permissions."},{"key":"e_1_3_2_2_21_1","volume-title":"https:\/\/discord.com\/developers\/docs\/resources\/user [Online","author":"Resource Users","year":"2021","unstructured":"Discord. 2020. Users Resource . https:\/\/discord.com\/developers\/docs\/resources\/user [Online ; last accessed 8- October - 2021 ]. Discord. 2020. Users Resource. https:\/\/discord.com\/developers\/docs\/resources\/user [Online; last accessed 8-October-2021]."},{"key":"e_1_3_2_2_22_1","volume-title":"Privacy policy. https:\/\/discord.com\/privacy. [Online","year":"2021","unstructured":"Discord. 2021. Privacy policy. https:\/\/discord.com\/privacy. [Online ; last accessed 18- August - 2021 ]. Discord. 2021. Privacy policy. https:\/\/discord.com\/privacy. [Online; last accessed 18-August-2021]."},{"key":"e_1_3_2_2_23_1","volume-title":"https:\/\/telegram.org\/blog\/400-million. [Online","author":"Durov Pavel","year":"2021","unstructured":"Pavel Durov . 2020. 400 Million Users , 20,000 Stickers, Quizzes 2.0 and 00K for Creators of Educational Tests . https:\/\/telegram.org\/blog\/400-million. [Online ; last accessed 04- January - 2021 ]. Pavel Durov. 2020. 400 Million Users, 20,000 Stickers, Quizzes 2.0 and 00K for Creators of Educational Tests. https:\/\/telegram.org\/blog\/400-million. [Online; last accessed 04-January-2021]."},{"key":"e_1_3_2_2_24_1","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2021.3129116"},{"key":"e_1_3_2_2_25_1","doi-asserted-by":"publisher","DOI":"10.1145\/3485447.3512289"},{"key":"e_1_3_2_2_26_1","doi-asserted-by":"publisher","DOI":"10.1109\/CIST.2016.7804964"},{"key":"e_1_3_2_2_27_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2014.02.007"},{"key":"e_1_3_2_2_28_1","doi-asserted-by":"publisher","DOI":"10.2478\/popets-2020-0076"},{"key":"e_1_3_2_2_29_1","volume-title":"Permission Re-Delegation: Attacks and Defenses. In 20th USENIX Security Symposium (USENIX Security 11)","author":"Felt Adrienne Porter","year":"2011","unstructured":"Adrienne Porter Felt , Helen J. Wang , Alexander Moshchuk , Steve Hanna , and Erika Chin . 2011 . Permission Re-Delegation: Attacks and Defenses. In 20th USENIX Security Symposium (USENIX Security 11) . USENIX Association, San Francisco, CA. https:\/\/www.usenix.org\/conference\/usenixsecurity11\/permission-re-delegation-attacks-and-defenses Adrienne Porter Felt, Helen J. Wang, Alexander Moshchuk, Steve Hanna, and Erika Chin. 2011. Permission Re-Delegation: Attacks and Defenses. In 20th USENIX Security Symposium (USENIX Security 11). USENIX Association, San Francisco, CA. https:\/\/www.usenix.org\/conference\/usenixsecurity11\/permission-re-delegation-attacks-and-defenses"},{"key":"e_1_3_2_2_30_1","volume-title":"Malware increasingly targets Discord for abuse. https:\/\/news.sophos.com\/en-us\/2021\/07\/22\/malware-increasingly-targets-discord-for-abuse\/. [Online","author":"Gallagher Sean","year":"2021","unstructured":"Sean Gallagher and Andrew Brandt . 2021. Malware increasingly targets Discord for abuse. https:\/\/news.sophos.com\/en-us\/2021\/07\/22\/malware-increasingly-targets-discord-for-abuse\/. [Online ; last accessed 18- August - 2021 ]. Sean Gallagher and Andrew Brandt. 2021. Malware increasingly targets Discord for abuse. https:\/\/news.sophos.com\/en-us\/2021\/07\/22\/malware-increasingly-targets-discord-for-abuse\/. [Online; last accessed 18-August-2021]."},{"key":"e_1_3_2_2_31_1","volume-title":"Polisis: Automated Analysis and Presentation of Privacy Policies Using Deep Learning. In 27th USENIX Security Symposium (USENIX Security 18)","author":"Harkous Hamza","year":"2018","unstructured":"Hamza Harkous , Kassem Fawaz , R\u00e9mi Lebret , Florian Schaub , Kang G. Shin , and Karl Aberer . 2018 . Polisis: Automated Analysis and Presentation of Privacy Policies Using Deep Learning. In 27th USENIX Security Symposium (USENIX Security 18) . USENIX Association, Baltimore, MD, 531--548. https:\/\/www.usenix.org\/conference\/usenixsecurity18\/presentation\/harkous Hamza Harkous, Kassem Fawaz, R\u00e9mi Lebret, Florian Schaub, Kang G. Shin, and Karl Aberer. 2018. Polisis: Automated Analysis and Presentation of Privacy Policies Using Deep Learning. In 27th USENIX Security Symposium (USENIX Security 18). USENIX Association, Baltimore, MD, 531--548. https:\/\/www.usenix.org\/conference\/usenixsecurity18\/presentation\/harkous"},{"key":"e_1_3_2_2_32_1","volume-title":"Chat App Discord Abused to Attack ROBLOX Players. https:\/\/www.trendmicro.com\/en_us\/research\/17\/h\/chat-app-discord-abused-cybercriminals-attack-roblox-players.html. [Online","author":"Hilt Stephen","year":"2021","unstructured":"Stephen Hilt . 2017. Chat App Discord Abused to Attack ROBLOX Players. https:\/\/www.trendmicro.com\/en_us\/research\/17\/h\/chat-app-discord-abused-cybercriminals-attack-roblox-players.html. [Online ; last accessed 18- January - 2021 ]. Stephen Hilt. 2017. Chat App Discord Abused to Attack ROBLOX Players. https:\/\/www.trendmicro.com\/en_us\/research\/17\/h\/chat-app-discord-abused-cybercriminals-attack-roblox-players.html. [Online; last accessed 18-January-2021]."},{"key":"e_1_3_2_2_33_1","doi-asserted-by":"publisher","DOI":"10.1145\/3419394.3423651"},{"key":"e_1_3_2_2_34_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICCE-Berlin.2017.8210616"},{"key":"e_1_3_2_2_35_1","doi-asserted-by":"publisher","DOI":"10.1145\/3334480.3382960"},{"key":"e_1_3_2_2_36_1","volume-title":"Proceedings of the 27th European Conference on Information Systems (ECIS). https:\/\/www.alexandria.unisg.ch\/257166\/","author":"Lechler Ruth","year":"2019","unstructured":"Ruth Lechler , Emanuel St\u00f6ckli , Roman Rietsche , and Falk Uebernickel . 2019 . Looking Beneath the Tip of the Iceberg: The Two-Sided Nature of Chatbots and Their Roles for Digital Feedback Exchange . In Proceedings of the 27th European Conference on Information Systems (ECIS). https:\/\/www.alexandria.unisg.ch\/257166\/ Ruth Lechler, Emanuel St\u00f6ckli, Roman Rietsche, and Falk Uebernickel. 2019. Looking Beneath the Tip of the Iceberg: The Two-Sided Nature of Chatbots and Their Roles for Digital Feedback Exchange. In Proceedings of the 27th European Conference on Information Systems (ECIS). https:\/\/www.alexandria.unisg.ch\/257166\/"},{"key":"e_1_3_2_2_37_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.semnephrol.2020.04.009"},{"key":"e_1_3_2_2_38_1","doi-asserted-by":"publisher","DOI":"10.1145\/3110025.3110103"},{"key":"e_1_3_2_2_39_1","volume-title":"TrickBot Attack Exploits COVID-19 Fears with DocuSign-Themed Ploy. https:\/\/threatpost.com\/trickbot-attack-covid-19docusign-themed-malw\/155391\/. [Online","author":"Montalbano Elizabeth","year":"2021","unstructured":"Elizabeth Montalbano . 2020. TrickBot Attack Exploits COVID-19 Fears with DocuSign-Themed Ploy. https:\/\/threatpost.com\/trickbot-attack-covid-19docusign-themed-malw\/155391\/. [Online ; last accessed 18- January - 2021 ]. Elizabeth Montalbano. 2020. TrickBot Attack Exploits COVID-19 Fears with DocuSign-Themed Ploy. https:\/\/threatpost.com\/trickbot-attack-covid-19docusign-themed-malw\/155391\/. [Online; last accessed 18-January-2021]."},{"key":"e_1_3_2_2_40_1","unstructured":"Ruchna Nigam and Kyle Wilhoit. 2017. TeleRAT: Another Android Trojan Leveraging Telegram's Bot API to Target Iranian Users. https:\/\/unit42.paloaltonetworks.com\/unit42-telerat-another-android-trojan-leveraging-telegrams-bot-api-to-target-iranian-users\/. [Online; last accessed 18-January-2021].  Ruchna Nigam and Kyle Wilhoit. 2017. TeleRAT: Another Android Trojan Leveraging Telegram's Bot API to Target Iranian Users. https:\/\/unit42.paloaltonetworks.com\/unit42-telerat-another-android-trojan-leveraging-telegrams-bot-api-to-target-iranian-users\/. [Online; last accessed 18-January-2021]."},{"key":"e_1_3_2_2_41_1","unstructured":"Oauth.net. 2020. OAuth 2.0. https:\/\/oauth.net\/2\/.  Oauth.net. 2020. OAuth 2.0. https:\/\/oauth.net\/2\/."},{"key":"e_1_3_2_2_42_1","volume-title":"30th USENIX Security Symposium (USENIX Security 21)","author":"Onaolapo Jeremiah","year":"2021","unstructured":"Jeremiah Onaolapo , Nektarios Leontiadis , Despoina Magka , and Gianluca Stringhini . 2021 . {SocialHEISTing}: Understanding Stolen Facebook Accounts . In 30th USENIX Security Symposium (USENIX Security 21) . 4115--4132. Jeremiah Onaolapo, Nektarios Leontiadis, Despoina Magka, and Gianluca Stringhini. 2021. {SocialHEISTing}: Understanding Stolen Facebook Accounts. In 30th USENIX Security Symposium (USENIX Security 21). 4115--4132."},{"key":"e_1_3_2_2_43_1","doi-asserted-by":"publisher","DOI":"10.1145\/2987443.2987475"},{"key":"e_1_3_2_2_44_1","doi-asserted-by":"publisher","DOI":"10.1109\/TCSS.2017.2719705"},{"key":"e_1_3_2_2_45_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-49336-3_41"},{"key":"e_1_3_2_2_46_1","volume-title":"Number COM2013-0428 in ATINER conference paper series. Atiner.","author":"Ross Penny","year":"2013","unstructured":"Penny Ross . 2013 . The use of honey tokens in database security . Number COM2013-0428 in ATINER conference paper series. Atiner. Penny Ross. 2013. The use of honey tokens in database security. Number COM2013-0428 in ATINER conference paper series. Atiner."},{"key":"e_1_3_2_2_47_1","volume-title":"MAPS: Scaling Privacy Compliance Analysis to a Million Apps.","author":"Sebastian Zimmeck","year":"2019","unstructured":"Zimmeck Sebastian , Story Peter , Smullen Daniel , Wang Abhilasha , Ravichanderand Ziqi , Reidenberg Joel , Russell N. Cameron , and Sadeh Norman . 2019 . MAPS: Scaling Privacy Compliance Analysis to a Million Apps. Zimmeck Sebastian, Story Peter, Smullen Daniel, Wang Abhilasha, Ravichanderand Ziqi, Reidenberg Joel, Russell N. Cameron, and Sadeh Norman. 2019. MAPS: Scaling Privacy Compliance Analysis to a Million Apps."},{"key":"e_1_3_2_2_48_1","volume-title":"https:\/\/www.selenium.dev\/. [Online","author":"WebDriver Selenium","year":"2020","unstructured":"Selenium. 2020. Selenium WebDriver . https:\/\/www.selenium.dev\/. [Online ; last accessed 15- October - 2020 ]. Selenium. 2020. Selenium WebDriver. https:\/\/www.selenium.dev\/. [Online; last accessed 15-October-2020]."},{"key":"e_1_3_2_2_49_1","volume-title":"Locator strategies. https:\/\/www.selenium.dev\/documentation\/webdriver\/elements\/locators\/. [Online","year":"2022","unstructured":"Selenium. 2022. Locator strategies. https:\/\/www.selenium.dev\/documentation\/webdriver\/elements\/locators\/. [Online ; last accessed 06- September - 2022 ]. Selenium. 2022. Locator strategies. https:\/\/www.selenium.dev\/documentation\/webdriver\/elements\/locators\/. [Online; last accessed 06-September-2022]."},{"key":"e_1_3_2_2_50_1","volume-title":"55 Slack Statistics and Facts (2020) | By the Numbers. https:\/\/expandedramblings.com\/index.php\/slack-statistics\/. [Online","author":"Smith Craig","year":"2021","unstructured":"Craig Smith . 2020. 55 Slack Statistics and Facts (2020) | By the Numbers. https:\/\/expandedramblings.com\/index.php\/slack-statistics\/. [Online ; last accessed 04- January - 2021 ]. Craig Smith. 2020. 55 Slack Statistics and Facts (2020) | By the Numbers. https:\/\/expandedramblings.com\/index.php\/slack-statistics\/. [Online; last accessed 04-January-2021]."},{"key":"e_1_3_2_2_51_1","volume-title":"Honeypots: Tracking Hackers","author":"Spitzner L.","year":"2002","unstructured":"L. Spitzner . 2002 . Honeypots: Tracking Hackers . Addison-Wesley Longman Publishing Co., Inc. , USA. L. Spitzner. 2002. Honeypots: Tracking Hackers. Addison-Wesley Longman Publishing Co., Inc., USA."},{"key":"e_1_3_2_2_52_1","unstructured":"SRLabs. 2019. smart spies: alexa and google home expose users to vishing and eavesdropping. https:\/\/srlabs.de\/bites\/smart-spies\/  SRLabs. 2019. smart spies: alexa and google home expose users to vishing and eavesdropping. https:\/\/srlabs.de\/bites\/smart-spies\/"},{"key":"e_1_3_2_2_53_1","volume-title":"Bram Klievink, Nicolas Christin, and Michel Van Eeten.","author":"Wegberg Rolf Van","year":"2018","unstructured":"Rolf Van Wegberg , Samaneh Tajalizadehkhoob , Kyle Soska , Ugur Akyazi , Carlos Hernandez Ganan , Bram Klievink, Nicolas Christin, and Michel Van Eeten. 2018 . Plug and prey? measuring the commoditization of cybercrime via online anonymous markets. In 27th USENIX security symposium (USENIX security 18). 1009--1026. Rolf Van Wegberg, Samaneh Tajalizadehkhoob, Kyle Soska, Ugur Akyazi, Carlos Hernandez Ganan, Bram Klievink, Nicolas Christin, and Michel Van Eeten. 2018. Plug and prey? measuring the commoditization of cybercrime via online anonymous markets. In 27th USENIX security symposium (USENIX security 18). 1009--1026."},{"key":"e_1_3_2_2_54_1","volume-title":"Passwords. https:\/\/www.tomsguide.com\/news\/discord-spidey-bot-malware-is-stealing-usernames-passwords. [Online","author":"Wagenseil Paul","year":"2021","unstructured":"Paul Wagenseil . 2019. Discord 'Spidey Bot' Malware Is Stealing Usernames , Passwords. https:\/\/www.tomsguide.com\/news\/discord-spidey-bot-malware-is-stealing-usernames-passwords. [Online ; last accessed 18- January - 2021 ]. Paul Wagenseil. 2019. Discord 'Spidey Bot' Malware Is Stealing Usernames, Passwords. https:\/\/www.tomsguide.com\/news\/discord-spidey-bot-malware-is-stealing-usernames-passwords. [Online; last accessed 18-January-2021]."},{"key":"e_1_3_2_2_55_1","volume-title":"Quantitative Security Risk Assessment of Android Permissions and Applications","author":"Wang Yang","unstructured":"Yang Wang , Jun Zheng , Chen Sun , and Srinivas Mukkamala . 2013. Quantitative Security Risk Assessment of Android Permissions and Applications . In Data and Applications Security and Privacy XXVII, Lingyu Wang and Basit Shafiq (Eds.). Springer Berlin Heidelberg , Berlin, Heidelberg , 226--241. Yang Wang, Jun Zheng, Chen Sun, and Srinivas Mukkamala. 2013. Quantitative Security Risk Assessment of Android Permissions and Applications. In Data and Applications Security and Privacy XXVII, Lingyu Wang and Basit Shafiq (Eds.). Springer Berlin Heidelberg, Berlin, Heidelberg, 226--241."}],"event":{"name":"IMC '22: ACM Internet Measurement Conference","location":"Nice France","acronym":"IMC '22","sponsor":["SIGMETRICS ACM Special Interest Group on Measurement and Evaluation","SIGCOMM ACM Special Interest Group on Data Communication","USENIX Assoc USENIX Assoc"]},"container-title":["Proceedings of the 22nd ACM Internet Measurement Conference"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3517745.3561433","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3517745.3561433","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3517745.3561433","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T17:49:16Z","timestamp":1750182556000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3517745.3561433"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,10,25]]},"references-count":55,"alternative-id":["10.1145\/3517745.3561433","10.1145\/3517745"],"URL":"https:\/\/doi.org\/10.1145\/3517745.3561433","relation":{},"subject":[],"published":{"date-parts":[[2022,10,25]]},"assertion":[{"value":"2022-10-25","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}