{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,9,17]],"date-time":"2025-09-17T16:29:41Z","timestamp":1758126581072,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":28,"publisher":"ACM","license":[{"start":{"date-parts":[[2022,8,23]],"date-time":"2022-08-23T00:00:00Z","timestamp":1661212800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/100010661","name":"Horizon 2020 Framework Programme","doi-asserted-by":"publisher","award":["833418"],"award-info":[{"award-number":["833418"]}],"id":[{"id":"10.13039\/100010661","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2022,8,23]]},"DOI":"10.1145\/3538969.3538997","type":"proceedings-article","created":{"date-parts":[[2022,8,17]],"date-time":"2022-08-17T23:41:40Z","timestamp":1660779700000},"page":"1-11","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":8,"title":["Dating Phish: An Analysis of the Life Cycles of Phishing Attacks and Campaigns"],"prefix":"10.1145","author":[{"given":"Vincent","family":"Drury","sequence":"first","affiliation":[{"name":"RWTH Aachen University, Germany"}]},{"given":"Luisa","family":"Lux","sequence":"additional","affiliation":[{"name":"RWTH Aachen University, Germany"}]},{"given":"Ulrike","family":"Meyer","sequence":"additional","affiliation":[{"name":"RWTH Aachen University, Germany"}]}],"member":"320","published-online":{"date-parts":[[2022,8,23]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"N. Banu and M. Banu. 2013. A comprehensive study of phishing attacks. (2013)."},{"key":"e_1_3_2_1_2_1","unstructured":"S. Bell K. Paterson and L. Cavallaro. 2019. Catch Me (On Time) If You Can: Understanding the Effectiveness of Twitter URL Blacklists. arXiv:1912.02520 (2019)."},{"key":"e_1_3_2_1_3_1","volume-title":"30th USENIX Security Symposium (USENIX Security 21)","author":"Bijmans H.","year":"2021","unstructured":"H. Bijmans, T. Booij, A. Schwedersky, A. Nedgabat, and R. van Wegberg. 2021. Catching Phishers By Their Bait: Investigating the Dutch Phishing Landscape through Phishing Kit Detection. In 30th USENIX Security Symposium (USENIX Security 21). USENIX Association, 3757\u20133774."},{"key":"e_1_3_2_1_4_1","unstructured":"I. Biju C. Raymond and M.J. Seibu. 2014. Analysis of Phishing Attacks and Countermeasures. arXiv:1410.467 (2014)."},{"key":"e_1_3_2_1_5_1","volume-title":"Phishing Attacks: Detection And Prevention. arXiv:2004.01556","author":"Birlea M.C.","year":"2020","unstructured":"M.C. Birlea. 2020. Phishing Attacks: Detection And Prevention. arXiv:2004.01556 (2020)."},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/3038912.3052654"},{"key":"e_1_3_2_1_7_1","volume-title":"30th USENIX Security Symposium (USENIX Security 21)","author":"De\u00a0Silva Ravindu","year":"2021","unstructured":"Ravindu De\u00a0Silva, Mohamed Nabeel, Charith Elvitigala, Issa Khalil, Ting Yu, and Chamath Keppitiyagama. 2021. Compromised or {Attacker-Owned}: A Large Scale Classification and Study of Hosting Domains of Malicious {URLs}. In 30th USENIX Security Symposium (USENIX Security 21). 3721\u20133738."},{"volume-title":"Phishing Trends. In Proceedings of the 2009 First International Conference on Networks & Communications (NETCOM \u201909)","author":"Dhinakaran C.","key":"e_1_3_2_1_8_1","unstructured":"C. Dhinakaran, J.\u00a0K. Lee, and D. Nagamalai. 2009. \u201dReminder: please update your details\u201d: Phishing Trends. In Proceedings of the 2009 First International Conference on Networks & Communications (NETCOM \u201909). IEEE, 295\u2013300."},{"volume-title":"Automatic Identification of Replicated Criminal Websites Using Combined Clustering. In 2014 IEEE Security and Privacy Workshops. IEEE, 116\u2013123","author":"Drew J.","key":"e_1_3_2_1_9_1","unstructured":"J. Drew and T. Moore. 2014. Automatic Identification of Replicated Criminal Websites Using Combined Clustering. In 2014 IEEE Security and Privacy Workshops. IEEE, 116\u2013123."},{"volume-title":"Proceedings of the 2015 IEEE International Conference on Big Data (Big Data \u201915)","author":"Fang L.","key":"e_1_3_2_1_10_1","unstructured":"L. Fang, W. Bailing, H. Junheng, S. Yushan, and W. Yuliang. 2015. A proactive discovery and filtering solution on phishing websites. In Proceedings of the 2015 IEEE International Conference on Big Data (Big Data \u201915). IEEE, 2348\u20132355."},{"key":"e_1_3_2_1_11_1","volume-title":"Phishing trends report 4rd quarter","author":"Anti-Phishing\u00a0Working Group","year":"2021","unstructured":"Anti-Phishing\u00a0Working Group. 2021. Phishing trends report 4rd quarter 2021. APWG (2021)."},{"volume-title":"Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security (CCS \u201916)","author":"Han X.","key":"e_1_3_2_1_12_1","unstructured":"X. Han, N. Kheir, and D. Balzarotti. 2016. PhishEye: Live Monitoring of Sandboxed Phishing Kits. In Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security (CCS \u201916). ACM, 1402\u20131413."},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/2063176.2063197"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICCCN.2010.5560168"},{"volume-title":"Spam and phishing in Q3","year":"2021","key":"e_1_3_2_1_15_1","unstructured":"Kaspersky. 2021. Spam and phishing in Q3 2021. Technical Report. Kaspersky. https:\/\/securelist.com\/spam-and-phishing-in-q3-2021\/"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"crossref","unstructured":"R. Layton and P. Watters. 2009. Determining provenance in phishing websites using automated conceptual analysis. In 2009 eCrime Researchers Summit. IEEE 1\u20137.","DOI":"10.1109\/ECRIME.2009.5342614"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"crossref","unstructured":"R. Layton P. Watters and R. Dazeley. 2010. Automatically determining phishing campaigns using the USCAP methodology. In 2010 eCrime Researchers Summit. IEEE 1 \u2013 8.","DOI":"10.1109\/ecrime.2010.5706698"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"crossref","unstructured":"L. Ma J. Yearwood and P. Watters. 2009. Establishing phishing provenance using orthographic features. In 2009 eCrime Researchers Summit. IEEE 1\u201310.","DOI":"10.1109\/ECRIME.2009.5342604"},{"volume-title":"Proceedings of the 1st Usenix Workshop on Large-Scale Exploits and Emergent Threats (LEET\u201908)","author":"McGrath K.","key":"e_1_3_2_1_19_1","unstructured":"D.\u00a0K. McGrath and M. Gupta. 2008. Behind Phishing: An Examination of Phisher Modi Operandi. In Proceedings of the 1st Usenix Workshop on Large-Scale Exploits and Emergent Threats (LEET\u201908). USENIX Association, 1\u20138."},{"volume-title":"Proceedings of the 2nd USENIX Conference on Large-Scale Exploits and Emergent Threats: Botnets, Spyware, Worms, and More (LEET\u201909)","author":"Moore T.","key":"e_1_3_2_1_20_1","unstructured":"T. Moore, R. Clayton, and H. Stern. 2009. Temporal Correlations between Spam and Phishing Websites. In Proceedings of the 2nd USENIX Conference on Large-Scale Exploits and Emergent Threats: Botnets, Spyware, Worms, and More (LEET\u201909). USENIX Association, 1\u20138."},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2019.00049"},{"volume-title":"Proceedings of the 29th USENIX Security Symposium. USENIX Association, 361\u2013377","author":"Oest A.","key":"e_1_3_2_1_22_1","unstructured":"A. Oest, P. Zhang, B. Wardman, E. Nunes, J. Burgis, A. Zand, K. Thomas, A. Doup\u00e9, and G. Ahn. 2020. Sunrise to Sunset: Analyzing the End-to-end Life Cycle and Effectiveness of Phishing Attacks at Scale. In Proceedings of the 29th USENIX Security Symposium. USENIX Association, 361\u2013377."},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-19274-7_20"},{"volume-title":"Discovering HTTPSified Phishing Websites Using the TLS Certificates Footprints. In 2020 IEEE European Symposium on Security and Privacy Workshops (EuroS PW). IEEE, 522\u2013531","author":"Sakurai Y.","key":"e_1_3_2_1_24_1","unstructured":"Y. Sakurai, T. Watanabe, T. Okuda, M. Akiyama, and T. Mori. 2020. Discovering HTTPSified Phishing Websites Using the TLS Certificates Footprints. In 2020 IEEE European Symposium on Security and Privacy Workshops (EuroS PW). IEEE, 522\u2013531."},{"key":"e_1_3_2_1_25_1","volume-title":"CEAS 2009 - Sixth Conference on Email and Anti-Spam.","author":"Sheng Steve","year":"2009","unstructured":"Steve Sheng, Brad Wardman, Gary Warner, Lorrie Cranor, Jason Hong, and Chengshan Zhang. 2009. An empirical analysis of phishing blacklists. In CEAS 2009 - Sixth Conference on Email and Anti-Spam."},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1109\/SAINT.2010.20"},{"volume-title":"Proceedings of IEEE International Conference on Communications (ICC \u201909)","author":"Xu K.","key":"e_1_3_2_1_27_1","unstructured":"K. Xu, M. Kliger, Y. Chen, P. Woolf, and A. Hero. 2009. Revealing Social Networks of Spammers Through Spectral Clustering. In Proceedings of IEEE International Conference on Communications (ICC \u201909). IEEE, 1\u20136."},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"crossref","unstructured":"S. Zawoad A.\u00a0K. Dutta A. Sprague R. Hasan J. Britt and G. Warner. 2013. Phish-Net: Investigating phish clusters using drop email addresses. In 2013 eCrime Researchers Summit. IEEE 1\u201313.","DOI":"10.1109\/eCRS.2013.6805777"}],"event":{"name":"ARES 2022: The 17th International Conference on Availability, Reliability and Security","acronym":"ARES 2022","location":"Vienna Austria"},"container-title":["Proceedings of the 17th International Conference on Availability, Reliability and Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3538969.3538997","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3538969.3538997","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T18:09:40Z","timestamp":1750183780000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3538969.3538997"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,8,23]]},"references-count":28,"alternative-id":["10.1145\/3538969.3538997","10.1145\/3538969"],"URL":"https:\/\/doi.org\/10.1145\/3538969.3538997","relation":{},"subject":[],"published":{"date-parts":[[2022,8,23]]},"assertion":[{"value":"2022-08-23","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}