{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,9]],"date-time":"2026-04-09T14:44:18Z","timestamp":1775745858787,"version":"3.50.1"},"reference-count":85,"publisher":"Association for Computing Machinery (ACM)","issue":"2","license":[{"start":{"date-parts":[[2023,3,13]],"date-time":"2023-03-13T00:00:00Z","timestamp":1678665600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Trans. Priv. Secur."],"published-print":{"date-parts":[[2023,5,31]]},"abstract":"<jats:p>The integrity of the content a user is exposed to when browsing the web relies on a plethora of non-web technologies and an infrastructure of interdependent hosts, communication technologies, and trust relations. Incidents like the Chinese Great Cannon or the MyEtherWallet attack make it painfully clear: the security of end users hinges on the security of the surrounding infrastructure: routing, DNS, content delivery, and the PKI. There are many competing, but isolated proposals to increase security, from the network up to the application layer. So far, researchers have focused on analyzing attacks and defenses on specific layers. We still lack an evaluation of how, given the status quo of the web, these proposals can be combined, how effective they are, and at what cost the increase of security comes. In this work, we propose a graph-based analysis based on Stackelberg planning that considers a rich attacker model and a multitude of proposals from IPsec to DNSSEC and SRI. Our threat model considers the security of billions of users against attackers ranging from small hacker groups to nation-state actors. Analyzing the infrastructure of the Top 5k Alexa domains, we discover that the security mechanisms currently deployed are ineffective and that some infrastructure providers have a comparable threat potential to nations. We find a considerable increase of security (up to 13% protected web visits) is possible at a relatively modest cost, due to the effectiveness of mitigations at the application and transport layer, which dominate expensive infrastructure enhancements such as DNSSEC and IPsec.<\/jats:p>","DOI":"10.1145\/3567595","type":"journal-article","created":{"date-parts":[[2022,10,13]],"date-time":"2022-10-13T12:58:59Z","timestamp":1665665939000},"page":"1-36","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":2,"title":["Pareto-optimal Defenses for the Web Infrastructure: Theory and Practice"],"prefix":"10.1145","volume":"26","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-8713-8197","authenticated-orcid":false,"given":"Giorgio","family":"Di Tizio","sequence":"first","affiliation":[{"name":"University of Trento, Trento, Italy"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-1022-2179","authenticated-orcid":false,"given":"Patrick","family":"Speicher","sequence":"additional","affiliation":[{"name":"CISPA Helmholtz Center for Information Security, Stuhlsatzenhaus, Saarbr\u00fccken, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-8389-633X","authenticated-orcid":false,"given":"Milivoj","family":"Simeonovski","sequence":"additional","affiliation":[{"name":"Independent researcher"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-7130-9211","authenticated-orcid":false,"given":"Michael","family":"Backes","sequence":"additional","affiliation":[{"name":"CISPA Helmholtz Center for Information Security, Stuhlsatzenhaus, Saarbr\u00fccken, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-9659-0700","authenticated-orcid":false,"given":"Ben","family":"Stock","sequence":"additional","affiliation":[{"name":"CISPA Helmholtz Center for Information Security, Stuhlsatzenhaus, Saarbr\u00fccken, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-0822-9283","authenticated-orcid":false,"given":"Robert","family":"K\u00fcnnemann","sequence":"additional","affiliation":[{"name":"CISPA Helmholtz Center for Information Security, Stuhlsatzenhaus, Saarbr\u00fccken, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2023,3,13]]},"reference":[{"key":"e_1_3_3_2_2","unstructured":"K. Afifi-Sabet. 2021. Google is Shifting YouTube Infrastructure to Google Cloud. Retrieved 7 November 2022 from https:\/\/www.itpro.co.uk\/cloud\/cloud-computing\/359785\/google-is-shifting-youtube-infrastructure-to-google-cloud."},{"key":"e_1_3_3_3_2","volume-title":"Proceedings of the 4th FOCI","year":"2014","unstructured":"Anonymous. 2014. Towards a comprehensive picture of the great firewall\u2019s DNS censorship. In Proceedings of the 4th FOCI."},{"key":"e_1_3_3_4_2","unstructured":"APNIC. 2014. DNSSEC Validation Rate by Country. Retrieved September 1 2021 from https:\/\/stats.labs.apnic.net\/dnssec."},{"key":"e_1_3_3_5_2","volume-title":"Content Security Policy 1.0","author":"Barth A.","year":"2015","unstructured":"A. Barth and B. Sterne. 2015. Content Security Policy 1.0. Technical Report. W3C. Retrieved from http:\/\/www.w3.org\/TR\/2015\/NOTE-CSP1-20150219\/."},{"key":"e_1_3_3_6_2","unstructured":"Chromium Blog. 2021. A Safer Default for Navigation: HTTPS. Retrieved 7 November 2022 from https:\/\/blog.chromium.org\/2021\/03\/a-safer-default-for-navigation-https.html."},{"key":"e_1_3_3_7_2","unstructured":"Mozilla Security Blog. 2021. Firefox 91 Introduces HTTPS by Default in Private Browsing. Retrieved 7 November 2022 from https:\/\/blog.mozilla.org\/security\/2021\/08\/10\/firefox-91-introduces-https-by-default-in-private-browsing\/."},{"key":"e_1_3_3_8_2","unstructured":"M. Chapple. 2017. How Expensive are IPsec VPN Setup Costs?Retrieved June 1 2021 from http:\/\/searchsecurity.techtarget.com\/answer\/How-expensive-are-IPsec-VPN-setup-costs."},{"key":"e_1_3_3_9_2","doi-asserted-by":"publisher","DOI":"10.1609\/icaps.v30i1.6648"},{"key":"e_1_3_3_10_2","doi-asserted-by":"publisher","DOI":"10.1109\/CSF51468.2021.00039"},{"key":"e_1_3_3_11_2","unstructured":"Deloitte. 2014. Deloitte Contractor Site Hourly Rates. Retrieved October 30 2018 from https:\/\/www2.deloitte.com\/content\/dam\/Deloitte\/us\/Documents\/public-sector\/us-fed-contractor-site-hourly-rates-10172014.pdf."},{"key":"e_1_3_3_12_2","unstructured":"DOJ. 2021. Four Chinese Nationals Working with the Ministry of State Security Charged with Global Computer Intrusion Campaign Targeting Intellectual Property and Confidential Business Information Including Infectious Disease Research. Retrieved 7 November 2022 from https:\/\/www.justice.gov\/opa\/pr\/four-chinese-nationals-working-ministry-state-security-charged-global-computer-intrusion."},{"key":"e_1_3_3_13_2","doi-asserted-by":"publisher","DOI":"10.1145\/3139293"},{"key":"e_1_3_3_14_2","doi-asserted-by":"publisher","DOI":"10.1145\/3366423.3380092"},{"key":"e_1_3_3_15_2","volume-title":"Proceedings of the Formal Aspects in Security and Trust","author":"Kordy B.","year":"2010","unstructured":"B. Kordy, S. Mauw, S. Radomirovic, and P. Schweitzer. 2010. Foundations of Attack-Defense Trees. In Proceedings of the Formal Aspects in Security and Trust."},{"key":"e_1_3_3_16_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-40196-1_15"},{"key":"e_1_3_3_17_2","first-page":"27","article-title":"Certificate Transparency","author":"Laurie B.","year":"2013","unstructured":"B. Laurie, A. Langley, and E. Kasper. 2013. Certificate Transparency. RFC 6962 (Experimental), 27 pages.","journal-title":"RFC 6962 (Experimental)"},{"key":"e_1_3_3_18_2","volume-title":"Proceedings of the 5th FOCI","author":"Marczak B.","year":"2015","unstructured":"B. Marczak, N. Weaver, J. Dalek, R. Ensafi, D. Fifield, S. McKune, A. Rey, J. Scott-Railton, R. Deibert, and V. Paxson. 2015. An Analysis of China\u2019s \u201cGreat Cannon\u201d. In Proceedings of the 5th FOCI."},{"key":"e_1_3_3_19_2","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813707"},{"key":"e_1_3_3_20_2","doi-asserted-by":"publisher","DOI":"10.1109\/CloudNet.2016.25"},{"key":"e_1_3_3_21_2","volume-title":"Proceedings of the 24th USENIX Security","author":"Silver D.","year":"2014","unstructured":"D. Silver, S. Jana, D. Boneh, E. Y. Chen, and C. Jackson. 2014. Password managers: Attacks and defenses. In Proceedings of the 24th USENIX Security."},{"key":"e_1_3_3_22_2","doi-asserted-by":"publisher","DOI":"10.1145\/2398776.2398803"},{"key":"e_1_3_3_23_2","article-title":"Reducing the X. 509 attack surface with DNSSEC\u2019s DANE","volume":"12","author":"Osterweil E.","year":"2012","unstructured":"E. Osterweil, B. Kaliski, M. Larson, D. McPherson. 2012. Reducing the X. 509 attack surface with DNSSEC\u2019s DANE. Securing and Trusting Internet Names, SATIN 12 (2012).","journal-title":"Securing and Trusting Internet Names, SATIN"},{"key":"e_1_3_3_24_2","doi-asserted-by":"publisher","DOI":"10.1145\/2699907"},{"key":"e_1_3_3_25_2","doi-asserted-by":"publisher","DOI":"10.1145\/3243734.3243840"},{"key":"e_1_3_3_26_2","doi-asserted-by":"publisher","DOI":"10.1007\/s11280-009-0064-6"},{"key":"e_1_3_3_27_2","doi-asserted-by":"publisher","DOI":"10.5555\/3489212.3489247"},{"key":"e_1_3_3_28_2","first-page":"46","article-title":"HTTP Strict Transport Security (HSTS)","author":"Hodges J.","year":"2012","unstructured":"J. Hodges, C. Jackson, and A. Barth. 2012. HTTP Strict Transport Security (HSTS). RFC 6797 (Proposed Standard), 46 pages.","journal-title":"RFC 6797 (Proposed Standard)"},{"key":"e_1_3_3_29_2","doi-asserted-by":"publisher","DOI":"10.1145\/637201.637232"},{"key":"e_1_3_3_30_2","volume-title":"Subresource Integrity","author":"Weinberger J.","year":"2016","unstructured":"J. Weinberger, D. Akhawe, F. Braun, and F. Marier. 2016. Subresource Integrity. Technical Report. W3C. Retrieved from http:\/\/www.w3.org\/TR\/2016\/REC-SRI-20160623\/."},{"key":"e_1_3_3_31_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-25594-1_13"},{"key":"e_1_3_3_32_2","volume-title":"Proceedings of the 24th IJCAI Conference","author":"Durkota K.","year":"2015","unstructured":"K. Durkota, V. Lis\u00fd, B. Bosansk\u00fd, and C. Kiekintveld. 2015. Optimal network security hardening using attack graph games. In Proceedings of the 24th IJCAI Conference."},{"key":"e_1_3_3_33_2","doi-asserted-by":"publisher","DOI":"10.1109\/MIS.2016.74"},{"key":"e_1_3_3_34_2","doi-asserted-by":"publisher","DOI":"10.1109\/JPROC.2009.2034031"},{"key":"e_1_3_3_35_2","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978363"},{"key":"e_1_3_3_36_2","volume-title":"Automated Planning: Theory and Practice","author":"Ghallab M.","year":"2004","unstructured":"M. Ghallab, D. S. Nau, and P. Traverso. 2004. Automated Planning: Theory and Practice. Morgan Kaufmann."},{"key":"e_1_3_3_37_2","doi-asserted-by":"publisher","DOI":"10.1145\/3038912.3052587"},{"key":"e_1_3_3_38_2","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2019.23009"},{"key":"e_1_3_3_39_2","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2021.24028"},{"key":"e_1_3_3_40_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-11379-1_11"},{"key":"e_1_3_3_41_2","doi-asserted-by":"publisher","DOI":"10.1109\/CSF51468.2021.00003"},{"key":"e_1_3_3_42_2","article-title":"DNS Certification Authority Authorization (CAA) Resource Record","author":"Hallam-Backer P.","year":"2019","unstructured":"P. Hallam-Backer, R. Stradling, and J. Hoffman-Andrews. 2019. DNS Certification Authority Authorization (CAA) Resource Record. RFC 8659.","journal-title":"RFC 8659"},{"key":"e_1_3_3_43_2","volume-title":"Proceedings of the 3rd IEEE EuroSP","author":"Speicher P.","year":"2018","unstructured":"P. Speicher, M. Steinmetz, R. K\u00fcnnemann, M. Simeonovski, G. Pellegrino, J. Hoffmann, and M. Backes. 2018. Formally reasoning about the cost and efficacy of securing the e-mail infrastructure. In Proceedings of the 3rd IEEE EuroSP."},{"key":"e_1_3_3_44_2","doi-asserted-by":"publisher","DOI":"10.1609\/aaai.v32i1.12090"},{"key":"e_1_3_3_45_2","doi-asserted-by":"publisher","DOI":"10.1145\/586110.586140"},{"key":"e_1_3_3_46_2","first-page":"21","article-title":"DNS Security Introduction and Requirements","author":"Arends R.","year":"2005","unstructured":"R. Arends, R. Austein, M. Larson, D. Massey, and S. Rose. 2005. DNS Security Introduction and Requirements. RFC 4033 (Proposed Standard), 21 pages.","journal-title":"RFC 4033 (Proposed Standard)"},{"key":"e_1_3_3_47_2","doi-asserted-by":"publisher","DOI":"10.1145\/3243734.3243858"},{"key":"e_1_3_3_48_2","doi-asserted-by":"publisher","DOI":"10.1109\/TNET.2009.2020798"},{"key":"e_1_3_3_49_2","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978338"},{"key":"e_1_3_3_50_2","doi-asserted-by":"publisher","DOI":"10.1109\/EuroSP.2016.39"},{"key":"e_1_3_3_51_2","doi-asserted-by":"publisher","DOI":"10.1007\/0-387-24230-9_9"},{"key":"e_1_3_3_52_2","doi-asserted-by":"publisher","DOI":"10.1109\/CATCH.2009.19"},{"key":"e_1_3_3_53_2","doi-asserted-by":"publisher","DOI":"10.1145\/3460120.3484780"},{"key":"e_1_3_3_54_2","doi-asserted-by":"publisher","DOI":"10.1145\/1772690.1772784"},{"key":"e_1_3_3_55_2","volume-title":"Proceedings of the 26th USENIX Security","author":"Chung T.","year":"2017","unstructured":"T. Chung, R. van Rijswijk-Deij, B. Chandrasekaran, D. R. Choffnes, D. Levin, B. M. Maggs, A. Mislove, C. Wilson, T. Chung, R. van Rijswijk-Deij, et\u00a0al. 2017. A longitudinal, end-to-end view of the DNSSEC ecosystem. In Proceedings of the 26th USENIX Security."},{"key":"e_1_3_3_56_2","doi-asserted-by":"publisher","DOI":"10.1145\/3366423.3380203"},{"key":"e_1_3_3_57_2","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2019.23386"},{"key":"e_1_3_3_58_2","doi-asserted-by":"publisher","DOI":"10.1145\/3419394.3423626"},{"key":"e_1_3_3_59_2","doi-asserted-by":"publisher","DOI":"10.1145\/1180405.1180446"},{"key":"e_1_3_3_60_2","volume-title":"Proceedings of the Workshop on Intelligent Security","author":"Ghosh N.","year":"2009","unstructured":"N. Ghosh and S. K. Ghosh. 2009. An intelligent technique for generating minimal attack graph. In Proceedings of the Workshop on Intelligent Security."},{"key":"e_1_3_3_61_2","doi-asserted-by":"publisher","DOI":"10.1145\/2659899"},{"key":"e_1_3_3_62_2","first-page":"37","article-title":"The DNS-based Authentication of Named Entities (DANE) Transport Layer Security (TLS) Protocol: TLSA","author":"Hoffman P.","year":"2012","unstructured":"P. Hoffman and J. Schlyter. 2012. The DNS-based Authentication of Named Entities (DANE) Transport Layer Security (TLS) Protocol: TLSA. RFC 6698 (Proposed Standard), 37 pages.","journal-title":"RFC 6698 (Proposed Standard)"},{"key":"e_1_3_3_63_2","first-page":"13","article-title":"Using Advanced Encryption Standard (AES) CCM Mode with IPsec Encapsulating Security Payload (ESP)","author":"Housley R.","year":"2005","unstructured":"R. Housley. 2005. Using Advanced Encryption Standard (AES) CCM Mode with IPsec Encapsulating Security Payload (ESP). RFC 4309 (Proposed Standard). 13 pages.","journal-title":"RFC 4309 (Proposed Standard)"},{"key":"e_1_3_3_64_2","unstructured":"ICANN. 2021. TLD DNSSEC Report. Retrieved August 1 2021 from http:\/\/stats.research.icann.org\/dns\/tld_report\/."},{"key":"e_1_3_3_65_2","unstructured":"Joshua Mervine Justin Dorfman. 2016. How to Implement SRI in Your Build Process. Retrieved March 1 2021 from https:\/\/hacks.mozilla.org\/2016\/04\/how-to-implement-sri-into-your-build-process."},{"key":"e_1_3_3_66_2","volume-title":"Proceedings of the 14th AAMAS Conference","author":"Durkota K.","year":"2015","unstructured":"K. Durkota, V. Lis\u00fd, C. Kiekintveld, and B. Bosansk\u00fd. 2015. Game-theoretic algorithms for optimal network security hardening using attack graphs. In Proceedings of the 14th AAMAS Conference."},{"key":"e_1_3_3_67_2","first-page":"101","article-title":"Security Architecture for the Internet Protocol","author":"Kent S.","year":"2005","unstructured":"S. Kent and K. Seo. 2005. Security Architecture for the Internet Protocol. RFC 4301 (Proposed Standard). 101 pages.","journal-title":"RFC 4301 (Proposed Standard)"},{"key":"e_1_3_3_68_2","unstructured":"MaxMind. 2017. IP Geolocation and Online Fraud Prevention. Retrieved 7 November 2022 from http:\/\/dev.maxmind.com\/."},{"key":"e_1_3_3_69_2","unstructured":"MDN. 2021. Certificate Transparency. Accessed: Retrieved July 23 2021 from https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/Security\/Certificate_Transparency."},{"key":"e_1_3_3_70_2","unstructured":"European Network and Information Security Agency. 2009. Study of the Cost of DNSSEC Deployment. Retrieved 7 November 2022 from https:\/\/www.enisa.europa.eu\/publications\/archive\/dnsseccosts."},{"key":"e_1_3_3_71_2","volume-title":"Proceedings of the 29th USENIX Security","author":"Oesch S.","year":"2020","unstructured":"S. Oesch and S. Ruoti. 2020. That was then, this is now: A security evaluation of password generation, storage, and autofill in browser-based password managers. In Proceedings of the 29th USENIX Security."},{"key":"e_1_3_3_72_2","doi-asserted-by":"publisher","DOI":"10.1145\/310889.310919"},{"key":"e_1_3_3_73_2","volume-title":"Proceedings of the New Security Paradigms Workshop","author":"Phillips C.","year":"1998","unstructured":"C. Phillips and L. P. Swiler. 1998. A graph-based system for network-vulnerability analysis. In Proceedings of the New Security Paradigms Workshop."},{"key":"e_1_3_3_74_2","unstructured":"Python. 2020. tldextract 3.1.0. Retrieved 7 November 2022 from https:\/\/pypi.org\/project\/tldextract\/."},{"key":"e_1_3_3_75_2","first-page":"7","article-title":"HTTP Over TLS","author":"Rescorla E.","year":"2000","unstructured":"E. Rescorla. 2000. HTTP Over TLS. RFC 2818 (Informational), 7 pages.","journal-title":"RFC 2818 (Informational)"},{"key":"e_1_3_3_76_2","unstructured":"RIPE Atlas. 2018. Internet Data Collection System. Retrieved 7 November 2022 from https:\/\/atlas.ripe.net\/."},{"key":"e_1_3_3_77_2","unstructured":"RIPE Stat. 2017. Information about Specific IP Addresses and Prefixes. Retrieved 7 November 2022 from https:\/\/stat.ripe.net\/."},{"issue":"12","key":"e_1_3_3_78_2","first-page":"21","article-title":"Attack trees","volume":"24","author":"Schneier B.","year":"1999","unstructured":"B. Schneier. 1999. Attack trees. Dr. Dobb\u2019s Journal 24, 12 (1999), 21\u201329.","journal-title":"Dr. Dobb\u2019s Journal"},{"key":"e_1_3_3_79_2","unstructured":"Statcounter. 2009. Desktop Browser Market Share Worldwide. Retrieved July 23 2021 from http:\/\/gs.statcounter.com\/browser-market-share\/desktop\/worldwide."},{"key":"e_1_3_3_80_2","doi-asserted-by":"publisher","DOI":"10.1145\/2590296.2590336"},{"key":"e_1_3_3_81_2","doi-asserted-by":"publisher","DOI":"10.1017\/CBO9780511973031"},{"key":"e_1_3_3_82_2","unstructured":"MyEtherWallet #teamMEW. 2018. A MESSAGE TO OUR COMMUNITY - a Response to the DNS HACK of April 24th 2018. Retrieved 7 November 2022 from https:\/\/medium.com\/@myetherwallet\/a-message-to-our-community-a-response-to- the-dns-hack-of-april-24th-2018-26cfe491d31c."},{"key":"e_1_3_3_83_2","volume-title":"Proceedings of the New Security Paradigms Workshop","author":"Templeton S. J.","year":"2000","unstructured":"S. J. Templeton and K. E. Levitt. 2000. A requires\/provides model for computer attacks. In Proceedings of the New Security Paradigms Workshop."},{"key":"e_1_3_3_84_2","volume-title":"Drive-by Download Attacks as a Stackelberg Planning Problem","author":"Di Tizio G.","year":"2018","unstructured":"G. Di Tizio. 2018. Drive-by Download Attacks as a Stackelberg Planning Problem. Master\u2019s Thesis. University of Trento."},{"key":"e_1_3_3_85_2","unstructured":"B. Toews. 2015. Subresource Integrity. Retrieved 7 November 2022 from https:\/\/githubengineering.com\/subresource-integrity\/."},{"key":"e_1_3_3_86_2","doi-asserted-by":"publisher","DOI":"10.1609\/aaai.v35i13.17425"}],"container-title":["ACM Transactions on Privacy and Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3567595","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3567595","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T17:51:12Z","timestamp":1750182672000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3567595"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,3,13]]},"references-count":85,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2023,5,31]]}},"alternative-id":["10.1145\/3567595"],"URL":"https:\/\/doi.org\/10.1145\/3567595","relation":{},"ISSN":["2471-2566","2471-2574"],"issn-type":[{"value":"2471-2566","type":"print"},{"value":"2471-2574","type":"electronic"}],"subject":[],"published":{"date-parts":[[2023,3,13]]},"assertion":[{"value":"2022-03-03","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2022-09-26","order":1,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2023-03-13","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}