{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,17]],"date-time":"2026-03-17T20:24:10Z","timestamp":1773779050026,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":30,"publisher":"ACM","license":[{"start":{"date-parts":[[2023,11,19]],"date-time":"2023-11-19T00:00:00Z","timestamp":1700352000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2023,11,19]]},"DOI":"10.1145\/3689941.3695773","type":"proceedings-article","created":{"date-parts":[[2024,11,19]],"date-time":"2024-11-19T23:23:06Z","timestamp":1732058586000},"page":"1-10","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":2,"title":["Detect Counterfeit Mini-apps: A Case Study on WeChat"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0009-0008-1530-9787","authenticated-orcid":false,"given":"Xuanfa","family":"Deng","sequence":"first","affiliation":[{"name":"Beijing University of Posts and Telecommunications, Beijing, China"}]},{"ORCID":"https:\/\/orcid.org\/0009-0006-9979-848X","authenticated-orcid":false,"given":"Miao","family":"Zhang","sequence":"additional","affiliation":[{"name":"Beijing University of Posts and Telecommunications, Beijing, China"}]},{"ORCID":"https:\/\/orcid.org\/0009-0007-8867-4761","authenticated-orcid":false,"given":"Xinqi","family":"Dong","sequence":"additional","affiliation":[{"name":"Beijing University of Posts and Telecommunications, Beijing, China"}]},{"ORCID":"https:\/\/orcid.org\/0009-0003-0269-7710","authenticated-orcid":false,"given":"Xin","family":"Hu","sequence":"additional","affiliation":[{"name":"CVC Certification and Testing Co., Ltd, Beijing, China"}]}],"member":"320","published-online":{"date-parts":[[2024,11,19]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"crossref","unstructured":"Pieter Agten Wouter Joosen Frank Piessens and Nick Nikiforakis. 2015. Seven Months? Worth of Mistakes: A Longitudinal Study of Typosquatting Abuse.. In NDSS.","DOI":"10.14722\/ndss.2015.23058"},{"key":"e_1_3_2_1_2_1","unstructured":"Aladdin. [n. d.]. Aladdin Mini-Program Ranking. http:\/\/www.aldzs.com\/. Ac- cessed: 2024-07--19."},{"key":"e_1_3_2_1_3_1","volume-title":"Measuring the Leakage and Exploitability of Authentication Secrets in Super- apps: The WeChat Case. arXiv preprint arXiv:2307.09317","author":"Baskaran Supraja","year":"2023","unstructured":"Supraja Baskaran, Lianying Zhao, Mohammad Mannan, and Amr Youssef. 2023. Measuring the Leakage and Exploitability of Authentication Secrets in Super- apps: The WeChat Case. arXiv preprint arXiv:2307.09317 (2023)."},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2019.2956035"},{"key":"e_1_3_2_1_5_1","unstructured":"CNCERT. 2021. 2020 Annual Report on China's Internet Network Secu- rity. https:\/\/www.cert.org.cn\/publish\/main\/46\/2021\/20210721130944504525772\/ 20210721130944504525772_.html. Accessed: 2024-07--19."},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/3366423.3380243"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3134002"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2023.3299945"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1145\/3372297.3417255"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1109\/ASE56229.2023.00151"},{"key":"e_1_3_2_1_11_1","volume-title":"Burp Suite: Application Security Testing Software. https: \/\/portswigger.net\/burp. Accessed: 2024-07--19.","year":"2024","unstructured":"PortSwigger. 2024. Burp Suite: Application Security Testing Software. https: \/\/portswigger.net\/burp. Accessed: 2024-07--19."},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1145\/3308558.3313427"},{"key":"e_1_3_2_1_13_1","volume-title":"Pro- ceedings of the 23rd USENIX Conference on Security Symposium (San Diego, CA) (SEC'14)","author":"Szurdi Janos","unstructured":"Janos Szurdi, Balazs Kocso, Gabor Cseh, Jonathan Spring, Mark Felegyhazi, and Chris Kanich. 2014. The long 'Taile' of typosquatting domain names. In Pro- ceedings of the 23rd USENIX Conference on Security Symposium (San Diego, CA) (SEC'14). USENIX Association, USA, 191--206."},{"key":"e_1_3_2_1_14_1","first-page":"12","article-title":"A generation method of word-level adversarial samples for Chinese text classification","volume":"20","author":"Tong Xin","year":"2020","unstructured":"Xin Tong, Luona Wang, Runzheng Wang, and Jingya Wang. 2020. A generation method of word-level adversarial samples for Chinese text classification. Netinfo Secur 20, 09 (2020), 12--16.","journal-title":"Netinfo Secur"},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE48619.2023.00086"},{"key":"e_1_3_2_1_16_1","volume-title":"32nd USENIX Security Symposium (USENIX Security 23)","author":"Wang Chao","year":"2023","unstructured":"Chao Wang, Yue Zhang, and Zhiqiang Lin. 2023. One Size Does Not Fit All: Uncovering and Exploiting Cross Platform Discrepant {APIs} in {WeChat}. In 32nd USENIX Security Symposium (USENIX Security 23). 6629--6646."},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/3576915.3616676"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1145\/3634737.3645001"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1145\/2771783.2771795"},{"key":"e_1_3_2_1_20_1","unstructured":"Shenao Wang Yuekang Li Kailong Wang Yi Liu Chao Wang Yanjie Zhao Gelei Deng Ling Shi Hui Li Yang Liu et al. 2024. MiniScope: Automated UI Explo- ration and Privacy Inconsistency Detection of MiniApps via Two-phase Iterative Hybrid Analysis. arXiv preprint arXiv:2401.03218 (2024)."},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1145\/3605762.3624435"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1145\/3510003.3510114"},{"key":"e_1_3_2_1_23_1","first-page":"2415","article-title":"Adversarial exam- ples generation approach for tendency classification on Chinese texts","volume":"30","author":"Wang Wenqi","year":"2019","unstructured":"Wenqi Wang, Run Wang, Lina Wang, and Benxiao Tang. 2019. Adversarial exam- ples generation approach for tendency classification on Chinese texts. Journal of Software 30, 8 (2019), 2415--2427.","journal-title":"Journal of Software"},{"key":"e_1_3_2_1_24_1","volume-title":"Do as you say: Consistency detection of data practice in program code and privacy policy in mini-app. arXiv preprint arXiv:2302.13860","author":"Wang Yin","year":"2023","unstructured":"Yin Wang, Ming Fan, Junfeng Liu, Junjie Tao, Wuxia Jin, Qi Xiong, Yuhao Liu, Qinghua Zheng, and Ting Liu. 2023. Do as you say: Consistency detection of data practice in program code and privacy policy in mini-app. arXiv preprint arXiv:2302.13860 (2023)."},{"key":"e_1_3_2_1_25_1","unstructured":"WeChat. 2024. WeChat Mini-Programs Introduction. https:\/\/developers.weixin. qq.com\/miniprogram\/dev\/framework\/quickstart. Accessed: 2024-07--19."},{"key":"e_1_3_2_1_26_1","unstructured":"Wikipedia. 2024. Cybersquatting. https:\/\/en.wikipedia.org\/wiki\/Cybersquatting. Accessed: 2024-07--19."},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1145\/3548606.3560597"},{"key":"e_1_3_2_1_28_1","volume-title":"31st USENIX Security Sym- posium (USENIX Security 22). 1597--1613.","author":"Zhang Lei","unstructured":"Lei Zhang, Zhibo Zhang, Ancong Liu, Yinzhi Cao, Xiaohan Zhang, Yanjun Chen, Yuan Zhang, Guangliang Yang, and Min Yang. 2022. Identity confusion in {WebView-based} mobile app-in-app ecosystems. In 31st USENIX Security Sym- posium (USENIX Security 22). 1597--1613."},{"key":"e_1_3_2_1_29_1","volume-title":"Understanding Privacy Over-collection in WeChat Sub-app Ecosystem. arXiv preprint arXiv:2306.08391","author":"Zhang Xiaohan","year":"2023","unstructured":"Xiaohan Zhang, Yang Wang, Xin Zhang, Ziqi Huang, Lei Zhang, and Min Yang. 2023. Understanding Privacy Over-collection in WeChat Sub-app Ecosystem. arXiv preprint arXiv:2306.08391 (2023)."},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1145\/3576915.3616591"}],"event":{"name":"CCS '24: ACM SIGSAC Conference on Computer and Communications Security","location":"Salt Lake City UT USA","acronym":"CCS '24","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the ACM Workshop on Secure and Trustworthy Superapps"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3689941.3695773","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3689941.3695773","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T01:17:31Z","timestamp":1750295851000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3689941.3695773"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,11,19]]},"references-count":30,"alternative-id":["10.1145\/3689941.3695773","10.1145\/3689941"],"URL":"https:\/\/doi.org\/10.1145\/3689941.3695773","relation":{},"subject":[],"published":{"date-parts":[[2023,11,19]]},"assertion":[{"value":"2024-11-19","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}