{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,7]],"date-time":"2026-03-07T17:41:40Z","timestamp":1772905300677,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":53,"publisher":"ACM","license":[{"start":{"date-parts":[[2024,5,13]],"date-time":"2024-05-13T00:00:00Z","timestamp":1715558400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"DOI":"10.13039\/501100006374","name":"National Research Foundation of Korea","doi-asserted-by":"publisher","award":["NRF-2021R1A6A1A13044830"],"award-info":[{"award-number":["NRF-2021R1A6A1A13044830"]}],"id":[{"id":"10.13039\/501100006374","id-type":"DOI","asserted-by":"publisher"}]},{"name":"Institute of Information and communications Technology Planning and Evaluation","award":["No.2022-0-00411, IITP-2024-2020-0-01819, IITP-2023-2021-0-01810"],"award-info":[{"award-number":["No.2022-0-00411, IITP-2024-2020-0-01819, IITP-2023-2021-0-01810"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2024,5,13]]},"DOI":"10.1145\/3589334.3645708","type":"proceedings-article","created":{"date-parts":[[2024,5,8]],"date-time":"2024-05-08T07:08:13Z","timestamp":1715152093000},"page":"1923-1932","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":3,"title":["PhishinWebView: Analysis of Anti-Phishing Entities in Mobile Apps with WebView Targeted Phishing"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0009-0001-6450-2929","authenticated-orcid":false,"given":"Yoonjung","family":"Choi","sequence":"first","affiliation":[{"name":"Korea University, Seoul, Republic of Korea"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9984-6879","authenticated-orcid":false,"given":"Woonghee","family":"Lee","sequence":"additional","affiliation":[{"name":"Korea University, Seoul, Republic of Korea"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-4823-4194","authenticated-orcid":false,"given":"Junbeom","family":"Hur","sequence":"additional","affiliation":[{"name":"Korea University, Seoul, Republic of Korea"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2024,5,13]]},"reference":[{"key":"e_1_3_2_2_1_1","unstructured":"1999. GoDaddy. https:\/\/www.godaddy.com\/ (Accessed: 10.02.2023)."},{"key":"e_1_3_2_2_2_1","unstructured":"1999. Naver. https:\/\/www.naver.com\/ (Accessed: 10.02.2023)."},{"key":"e_1_3_2_2_3_1","unstructured":"2002. DOTHOME - Hosting is DOTHOME. https:\/\/www.dothome.co.kr\/ (Accessed: 10.02.2023)."},{"key":"e_1_3_2_2_4_1","unstructured":"2004. Facebook. https:\/\/www.facebook.com\/ (Accessed: 10.02.2023)."},{"key":"e_1_3_2_2_5_1","unstructured":"2005. Google Safe Browsing. safebrowsing.google.com\/ (Accessed: 10.02.2023)."},{"key":"e_1_3_2_2_6_1","unstructured":"2006. PhishTank - Join the fight against phishing. https:\/\/phishtank.org\/ (Accessed: 10.02.2023)."},{"key":"e_1_3_2_2_7_1","unstructured":"2010. Instagram. https:\/\/www.instagram.com\/ (Accessed: 10.02.2023)."},{"key":"e_1_3_2_2_8_1","unstructured":"2010. KakaoTalk where people and the world come to get connected. https: \/\/www.kakaocorp.com\/ (Accessed: 10.02.2023)."},{"key":"e_1_3_2_2_9_1","unstructured":"2011. LINE - We are always with users. https:\/\/line.me\/ (Accessed: 10.02.2023)."},{"key":"e_1_3_2_2_10_1","unstructured":"2011. Messenger. https:\/\/www.messenger.com\/ (Accessed: 10.02.2023)."},{"key":"e_1_3_2_2_11_1","unstructured":"2011. WeChat. https:\/\/www.wechat.com\/ (Accessed: 10.02.2023)."},{"key":"e_1_3_2_2_12_1","unstructured":"2012. Appium. https:\/\/appium.io\/docs\/en\/2.1\/ (Accessed: 10.02.2023)."},{"key":"e_1_3_2_2_13_1","unstructured":"2012. Zalo. https:\/\/zalo.me\/ (Accessed: 10.02.2023)."},{"key":"e_1_3_2_2_14_1","unstructured":"2017. Whale Safe Browsing. https:\/\/whale.naver.com\/ko\/details\/security\/ (Accessed: 10.2.2023)."},{"key":"e_1_3_2_2_15_1","unstructured":"2019. Better password protections in Chrome. https:\/\/blog.google\/products\/ chrome\/better-password-protections\/ (Accessed: 10.02.2023)."},{"key":"e_1_3_2_2_16_1","unstructured":"2019. Microsoft Defender SmartScreen. https:\/\/learn.microsoft.com\/enus\/ windows\/security\/operating-system-security\/virus-and-threatprotection\/ microsoft-defender-smartscreen\/ (Accessed: 10.02.2023)."},{"key":"e_1_3_2_2_17_1","unstructured":"2019. Tuesday briefing: Apple says its Tencent-powered Safe Browsing system isn't sending URLs back to China. https:\/\/www.wired.co.uk\/article\/wired-awake- 151019 (Accessed: 10.02.2023)."},{"key":"e_1_3_2_2_18_1","unstructured":"2021. Overview | Safe Browsing APIs (v4). https:\/\/developers.google.com\/safebrowsing\/ v4 (Accessed: 10.02.2023)."},{"key":"e_1_3_2_2_19_1","unstructured":"2021. Whale Safe Browsing Data. https:\/\/deview.kr\/data\/deview\/session\/attach\/ 3_%EC%9B%A8%EC%9D%BC%20%ED%94%BC%EC%8B%B1%EA%B3%BC%20% EC%A0%84%EC%9F%81%20%EC%A4%91.pdf (Accessed: 10.2.2023)."},{"key":"e_1_3_2_2_20_1","volume-title":"2022 APWG report Phishing attack","year":"2022","unstructured":"2022. 2022 APWG report Phishing attack in 2022. https:\/\/docs.apwg.org\/reports\/ apwg_trends_report_q4_2022.pdf (Accessed: 10.02.2023)."},{"key":"e_1_3_2_2_21_1","unstructured":"2022. Exclusive: How A Hacker Used Social Engineering To Target A Newslaundry Journalist On Instagram And What Happened After. https:\/\/ www.medianama.com\/2022\/03\/223-nidhi-suresh-twitter-instagram-hack\/ (Accessed: 10.02.2023)."},{"key":"e_1_3_2_2_22_1","unstructured":"2022. Messenger Phishing Financial Lost. https:\/\/news.mt.co.kr\/mtview.php?no= 2022020912104621627 (Accessed: 10.02.2023)."},{"key":"e_1_3_2_2_23_1","volume-title":"The ranking of the most used mobile apps by Koreans","year":"2022","unstructured":"2022. The ranking of the most used mobile apps by Koreans in 2022. https: \/\/platum.kr\/archives\/199255 (Accessed: 10.02.2023)."},{"key":"e_1_3_2_2_24_1","unstructured":"2023. Appium driver for Android UIAutomator2. https:\/\/github.com\/appium\/ appium-uiautomator2-driver (Accessed: 10.02.2023)."},{"key":"e_1_3_2_2_25_1","unstructured":"2023. Facebook Help Center. https:\/\/www.facebook.com\/help\/713015355575644 (Accessed: 10.02.2023)."},{"key":"e_1_3_2_2_26_1","unstructured":"2023. Google Safe Browsing Report. https:\/\/safebrowsing.google.com\/ safebrowsing\/report_phish\/?hl=ko (Accessed: 10.02.2023)."},{"key":"e_1_3_2_2_27_1","volume-title":"Microsoft Dominates as the Most Impersonated Brand for Phishing Scams in Q2","year":"2023","unstructured":"2023. Microsoft Dominates as the Most Impersonated Brand for Phishing Scams in Q2 2023. https:\/\/www.checkpoint.com\/press-releases\/microsoft-dominatesas- the-most-impersonated-brand-for-phishing-scams-in-q2--2023\/ (Accessed: 10.02.2023)."},{"key":"e_1_3_2_2_28_1","volume-title":"Mobile vs Desktop Usage Statistics for","year":"2024","unstructured":"2023. Mobile vs Desktop Usage Statistics for 2024. https:\/\/research.com\/software\/ mobile-vs-desktop-usage#4 (Accessed: 10.02.2023)."},{"key":"e_1_3_2_2_29_1","volume-title":"Most Popular Messaging Apps Worldwide","year":"2023","unstructured":"2023. Most Popular Messaging Apps Worldwide 2023. https: \/\/www.similarweb.com\/blog\/research\/market-research\/worldwide-messagingapps\/ (Accessed: 10.02.2023)."},{"key":"e_1_3_2_2_30_1","unstructured":"2023. phishunt.io - Feed of active phishing cases. https:\/\/phishunt.io\/ (Accessed: 10.02.2023)."},{"key":"e_1_3_2_2_31_1","unstructured":"2023. WebView Safe Browsing. https:\/\/developer.android.com\/develop\/ui\/views\/ layout\/webapps\/managing-webview (Accessed: 10.2.2023)."},{"key":"e_1_3_2_2_32_1","volume-title":"30th USENIX Security Symposium (USENIX Security 21)","author":"Acharya Bhupendra","year":"2021","unstructured":"Bhupendra Acharya and Phani Vadrevu. 2021. {PhishPrint}: evading phishing detection crawlers by prior profiling. In 30th USENIX Security Symposium (USENIX Security 21). 3775--3792."},{"key":"e_1_3_2_2_33_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-031-09484-2_9"},{"key":"e_1_3_2_2_34_1","doi-asserted-by":"publisher","DOI":"10.1145\/3373017.3373020"},{"key":"e_1_3_2_2_35_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-05149-9_9"},{"key":"e_1_3_2_2_36_1","volume-title":"PEBA: Enhancing User Privacy and Coverage of Safe Browsing Services","author":"Du Yuefeng","year":"2022","unstructured":"Yuefeng Du, Huayi Duan, Lei Xu, Helei Cui, Cong Wang, and Qian Wang. 2022. PEBA: Enhancing User Privacy and Coverage of Safe Browsing Services. IEEE Transactions on Dependable and Secure Computing (2022)."},{"key":"e_1_3_2_2_37_1","volume-title":"Phisherman: Phishing Link Scanner. In International Conference on Machine Learning for Networking. Springer, 153--168","author":"Escoses Christian Angelo A","year":"2022","unstructured":"Christian Angelo A Escoses, Mark Renzo R Magno, Hannah Mae P Balba, Neil C Enriquez, and Marlon A Diloy. 2022. Phisherman: Phishing Link Scanner. In International Conference on Machine Learning for Networking. Springer, 153--168."},{"key":"e_1_3_2_2_38_1","doi-asserted-by":"publisher","DOI":"10.1109\/CCAA.2016.7813778"},{"key":"e_1_3_2_2_39_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-17749-1_25"},{"key":"e_1_3_2_2_40_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2016.50"},{"key":"e_1_3_2_2_41_1","doi-asserted-by":"publisher","DOI":"10.1145\/2076732.2076781"},{"key":"e_1_3_2_2_42_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2019.00049"},{"key":"e_1_3_2_2_43_1","volume-title":"29th USENIX Security Symposium (USENIX Security 20)","author":"Oest Adam","year":"2020","unstructured":"Adam Oest, Yeganeh Safaei, Penghui Zhang, Brad Wardman, Kevin Tyers, Yan Shoshitaishvili, and Adam Doup\u00e9. 2020. {PhishTime}: Continuous longitudinal measurement of the effectiveness of anti-phishing blacklists. In 29th USENIX Security Symposium (USENIX Security 20). 379--396."},{"key":"e_1_3_2_2_44_1","doi-asserted-by":"publisher","DOI":"10.1109\/ECRIME.2018.8376206"},{"key":"e_1_3_2_2_45_1","volume-title":"29th {USENIX} Security Symposium ({USENIX} Security 20).","author":"Oest Adam","unstructured":"Adam Oest, Penghui Zhang, Brad Wardman, Eric Nunes, Jakub Burgis, Ali Zand, Kurt Thomas, Adam Doup\u00e9, and Gail-Joon Ahn. 2020. Sunrise to sunset: Analyzing the end-to-end life cycle and effectiveness of phishing attacks at scale. In 29th {USENIX} Security Symposium ({USENIX} Security 20)."},{"key":"e_1_3_2_2_46_1","unstructured":"Steve Sheng Brad Wardman Gary Warner Lorrie Cranor Jason Hong and Chengshan Zhang. 2009. An empirical analysis of phishing blacklists. (2009)."},{"key":"e_1_3_2_2_47_1","doi-asserted-by":"publisher","DOI":"10.1145\/3184558.3188742"},{"key":"e_1_3_2_2_48_1","doi-asserted-by":"publisher","DOI":"10.1145\/3517745.3561467"},{"key":"e_1_3_2_2_49_1","volume-title":"d.]","author":"Tejaswi Bhaskar","unstructured":"Bhaskar Tejaswi, Nayanamana Samarasinghe, Sajjad Pourali, Mohammad Mannan, and Amr Youssef. [n. d.]. Leaky Kits: The Increased Risk of Data Exposure from Phishing Kits. ([n. d.])."},{"key":"e_1_3_2_2_50_1","volume-title":"28th USENIX Security Symposium (USENIX Security 19)","author":"Yang Guangliang","year":"2019","unstructured":"Guangliang Yang, Jeff Huang, and Guofei Gu. 2019. {Iframes\/Popups} Are Dangerous in Mobile {WebView}: Studying and Mitigating Differential Context Vulnerabilities. In 28th USENIX Security Symposium (USENIX Security 19). 977-- 994."},{"key":"e_1_3_2_2_51_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP40001.2021.00021"},{"key":"e_1_3_2_2_52_1","doi-asserted-by":"publisher","DOI":"10.1145\/3548606.3559334"},{"key":"e_1_3_2_2_53_1","doi-asserted-by":"publisher","DOI":"10.1145\/3471621.3471625"}],"event":{"name":"WWW '24: The ACM Web Conference 2024","location":"Singapore Singapore","acronym":"WWW '24","sponsor":["SIGWEB ACM Special Interest Group on Hypertext, Hypermedia, and Web"]},"container-title":["Proceedings of the ACM Web Conference 2024"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3589334.3645708","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3589334.3645708","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,8,22]],"date-time":"2025-08-22T00:26:16Z","timestamp":1755822376000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3589334.3645708"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,5,13]]},"references-count":53,"alternative-id":["10.1145\/3589334.3645708","10.1145\/3589334"],"URL":"https:\/\/doi.org\/10.1145\/3589334.3645708","relation":{},"subject":[],"published":{"date-parts":[[2024,5,13]]},"assertion":[{"value":"2024-05-13","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}