{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,22]],"date-time":"2025-12-22T22:14:58Z","timestamp":1766441698607,"version":"3.48.0"},"publisher-location":"New York, NY, USA","reference-count":71,"publisher":"ACM","license":[{"start":{"date-parts":[[2025,11,22]],"date-time":"2025-11-22T00:00:00Z","timestamp":1763769600000},"content-version":"vor","delay-in-days":3,"URL":"http:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/100000006","name":"Office of Naval Research","doi-asserted-by":"publisher","award":["N00014-23-1-2073"],"award-info":[{"award-number":["N00014-23-1-2073"]}],"id":[{"id":"10.13039\/100000006","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100000001","name":"NSF (National Science Foundation)","doi-asserted-by":"publisher","award":["2143689"],"award-info":[{"award-number":["2143689"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100000185","name":"Defense Advanced Research Projects Agency","doi-asserted-by":"publisher","award":["N66001-21-C-4024"],"award-info":[{"award-number":["N66001-21-C-4024"]}],"id":[{"id":"10.13039\/100000185","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2025,11,19]]},"DOI":"10.1145\/3719027.3744822","type":"proceedings-article","created":{"date-parts":[[2025,11,22]],"date-time":"2025-11-22T23:32:38Z","timestamp":1763854358000},"page":"1305-1319","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":0,"title":["Lock the Door But Keep the Window Open: Extracting App-Protected Accessibility Information from Browser-Rendered Websites"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0009-0006-2049-0133","authenticated-orcid":false,"given":"Haichuan","family":"Xu","sequence":"first","affiliation":[{"name":"Georgia Institute of Technology, Atlanta, USA"}]},{"ORCID":"https:\/\/orcid.org\/0009-0008-8541-9981","authenticated-orcid":false,"given":"Runze","family":"Zhang","sequence":"additional","affiliation":[{"name":"Georgia Institute of Technology, Atlanta, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-0225-5141","authenticated-orcid":false,"given":"Mingxuan","family":"Yao","sequence":"additional","affiliation":[{"name":"Georgia Institute of Technology, Atlanta, USA"}]},{"ORCID":"https:\/\/orcid.org\/0009-0007-5404-3865","authenticated-orcid":false,"given":"David","family":"Oygenblik","sequence":"additional","affiliation":[{"name":"Georgia Institute of Technology, Atlanta, USA"}]},{"ORCID":"https:\/\/orcid.org\/0009-0003-3701-9370","authenticated-orcid":false,"given":"Yizhi","family":"Huang","sequence":"additional","affiliation":[{"name":"Georgia Institute of Technology, Atlanta, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-4387-8780","authenticated-orcid":false,"given":"Jeman","family":"Park","sequence":"additional","affiliation":[{"name":"Kyung Hee University, Seoul, Republic of Korea"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-5859-6925","authenticated-orcid":false,"given":"Brendan","family":"Saltaformaggio","sequence":"additional","affiliation":[{"name":"Georgia Institute of Technology, Atlanta, USA"}]}],"member":"320","published-online":{"date-parts":[[2025,11,22]]},"reference":[{"doi-asserted-by":"publisher","key":"e_1_3_2_1_1_1","DOI":"10.1145\/3372297.3423355"},{"key":"e_1_3_2_1_2_1","volume-title":"Proceedings of the 33rd USENIX Security Symposium (Security)","author":"Allen Joey","year":"2024","unstructured":"Joey Allen, Zheng Yang, Feng Xiao, Matthew Landen, Roberto Perdisci, and Wenke Lee. 2024.Webrr: a forensic system for replaying and investigating webbased attacks in the modern web. In Proceedings of the 33rd USENIX Security Symposium (Security). Philadelphia, PA (Aug. 2024)."},{"key":"e_1_3_2_1_3_1","volume-title":"Proceedings of the 30th USENIX Security Symposium (Security). Virtual Conference (Aug.","author":"Alrawi Omar","year":"2021","unstructured":"Omar Alrawi, Moses Ike, Matthew Pruett, Ranjita Pai Kasturi, Srimanta Barua, Taleb Hirani, Brennan Hill, and Brendan Saltaformaggio. 2021. Forecasting malware capabilities from cyber attack memory images. In Proceedings of the 30th USENIX Security Symposium (Security). Virtual Conference (Aug. 2021)."},{"key":"e_1_3_2_1_4_1","volume-title":"Proceedings of the 28th USENIX Security Symposium (Security). Santa Clara, CA (Aug.","author":"Alrawi Omar","year":"2019","unstructured":"Omar Alrawi, Chaoshun Zuo, Ruian Duan, Ranjita Pai Kasturi, Zhiqiang Lin, and Brendan Saltaformaggio. 2019. The betrayal at cloud city: an empirical analysis of cloud-based mobile backends. In Proceedings of the 28th USENIX Security Symposium (Security). Santa Clara, CA (Aug. 2019)."},{"unstructured":"Android. 2025. Accessibilityevent: isaccessibilitydatasensitive(). (2025). Retrieved 2025-01-07 from https:\/\/developer.android.com\/reference\/android\/view\/accessibility\/AccessibilityEvent%5C#isAccessibilityDataSensitive().","key":"e_1_3_2_1_5_1"},{"volume-title":"Retrieved 2025-01-07 from https:\/\/developer.android.com\/reference\/android\/view\/accessibility\/AccessibilityNodeInfo","year":"2025","unstructured":"Android. 2025. Accessibilitynodeinfo. (2025). Retrieved 2025-01-07 from https:\/\/developer.android.com\/reference\/android\/view\/accessibility\/AccessibilityNodeInfo.","key":"e_1_3_2_1_6_1"},{"volume-title":"Retrieved 2025-01-07 from https:\/\/developer.android.com\/reference\/android\/accessibilityservice\/AccessibilityService","year":"2025","unstructured":"Android. 2025. Accessibilityservice. (2025). Retrieved 2025-01-07 from https:\/\/developer.android.com\/reference\/android\/accessibilityservice\/AccessibilityService.","key":"e_1_3_2_1_7_1"},{"unstructured":"Android. 2025. Accessibilityserviceinfo: isaccessibilitytool(). (2025). Retrieved 2025-01-07 from https:\/\/developer.android.com\/reference\/android\/accessibilityservice\/AccessibilityServiceInfo%5C#isAccessibilityTool().","key":"e_1_3_2_1_8_1"},{"volume-title":"Retrieved 2025-01-07 from https:\/\/developer.android.com\/reference\/android\/view\/accessibility\/AccessibilityEvent","year":"2025","unstructured":"Android. 2025. Accessibiltiyevent. (2025). Retrieved 2025-01-07 from https:\/\/developer.android.com\/reference\/android\/view\/accessibility\/AccessibilityEvent.","key":"e_1_3_2_1_9_1"},{"volume-title":"Retrieved 2025-01-07 from https:\/\/developer. android.com\/reference\/android\/widget\/EditText","year":"2025","unstructured":"Android. 2025. Edittext. (2025). Retrieved 2025-01-07 from https:\/\/developer. android.com\/reference\/android\/widget\/EditText.","key":"e_1_3_2_1_10_1"},{"volume-title":"Retrieved 2025-01-07 from https:\/\/developer.android.com\/reference\/android\/view\/accessibility\/AccessibilityNodeInfo%5C#getText()","year":"2025","unstructured":"Android. 2025. Gettext(). (2025). Retrieved 2025-01-07 from https:\/\/developer.android.com\/reference\/android\/view\/accessibility\/AccessibilityNodeInfo%5C#getText().","key":"e_1_3_2_1_11_1"},{"volume-title":"Retrieved 2025-01-07 from https:\/\/devel oper.android.com\/reference\/android\/view\/accessibility\/AccessibilityNodeInfo%5C#getUniqueId()","year":"2025","unstructured":"Android. 2025. Getuniqueid(). (2025). Retrieved 2025-01-07 from https:\/\/devel oper.android.com\/reference\/android\/view\/accessibility\/AccessibilityNodeInfo%5C#getUniqueId().","key":"e_1_3_2_1_12_1"},{"unstructured":"Android. 2025. Overview of android custom tabs. (2025). Retrieved 2025-01-07 from https:\/\/developer.chrome.com\/docs\/android\/custom-tabs.","key":"e_1_3_2_1_13_1"},{"volume-title":"Retrieved 2025-01-07 from https:\/\/developer.android.com\/reference\/android\/widget\/TextView%5C#setText(java.lang.CharSequence)","year":"2025","unstructured":"Android. 2025. Settext(java.lang.charsequence). (2025). Retrieved 2025-01-07 from https:\/\/developer.android.com\/reference\/android\/widget\/TextView%5C#setText(java.lang.CharSequence).","key":"e_1_3_2_1_14_1"},{"unstructured":"Android. 2025. Specify the input method type. (2025). Retrieved 2025-01-07 from https:\/\/developer.android.com\/develop\/ui\/views\/touch-and-input\/keyboardinput\/style.","key":"e_1_3_2_1_15_1"},{"volume-title":"Retrieved 2025-01-07 from https:\/\/developer.android.com\/reference\/android\/widget\/TextView","year":"2025","unstructured":"Android. 2025. Textview. (2025). Retrieved 2025-01-07 from https:\/\/developer.android.com\/reference\/android\/widget\/TextView.","key":"e_1_3_2_1_16_1"},{"volume-title":"Retrieved 2025-01-07 from https:\/\/developer.android.com\/reference\/android\/view\/accessibility\/AccessibilityEvent%5C#TYPE%5C_VIEW%5C_ACCESSIBILITY%5C_FOCUSED","year":"2025","unstructured":"Android. 2025. Type_view_accessibility_focused. (2025). Retrieved 2025-01-07 from https:\/\/developer.android.com\/reference\/android\/view\/accessibility\/AccessibilityEvent%5C#TYPE%5C_VIEW%5C_ACCESSIBILITY%5C_FOCUSED.","key":"e_1_3_2_1_17_1"},{"volume-title":"Retrieved 2025-01-07 from https:\/\/developer.android.com\/reference\/android\/view\/accessibility\/AccessibilityEvent%5C#TYPE%5C_WINDOW%5C_STATE%5C_CHANGED","year":"2025","unstructured":"Android. 2025. Type_window_state_changed. (2025). Retrieved 2025-01-07 from https:\/\/developer.android.com\/reference\/android\/view\/accessibility\/AccessibilityEvent%5C#TYPE%5C_WINDOW%5C_STATE%5C_CHANGED.","key":"e_1_3_2_1_18_1"},{"volume-title":"Retrieved 2025-01-07 from https:\/\/developer.android.com\/reference\/android\/view\/View","year":"2025","unstructured":"Android. 2025. View. (2025). Retrieved 2025-01-07 from https:\/\/developer.android.com\/reference\/android\/view\/View.","key":"e_1_3_2_1_19_1"},{"volume-title":"Retrieved 2025-01-07 from https:\/\/developer.android.com\/reference\/android\/view\/View.AccessibilityDelegate","year":"2025","unstructured":"Android. 2025. View.accessibilitydelegate. (2025). Retrieved 2025-01-07 from https:\/\/developer.android.com\/reference\/android\/view\/View.AccessibilityDelegate.","key":"e_1_3_2_1_20_1"},{"volume-title":"Retrieved 2025-01-07 from https:\/\/developer.android.com\/reference\/android\/view\/ViewGroup","year":"2025","unstructured":"Android. 2025. Viewgroup. (2025). Retrieved 2025-01-07 from https:\/\/developer.android.com\/reference\/android\/view\/ViewGroup.","key":"e_1_3_2_1_21_1"},{"volume-title":"Retrieved 2025-01-07 from https:\/\/developer.android.com\/reference\/android\/webkit\/WebView","year":"2025","unstructured":"Android. 2025. Webview. (2025). Retrieved 2025-01-07 from https:\/\/developer.android.com\/reference\/android\/webkit\/WebView.","key":"e_1_3_2_1_22_1"},{"volume-title":"Retrieved 2025-01-07 from https:\/\/androzoo.uni.lu\/","year":"2025","unstructured":"Androzoo. 2025. Androzoo. (2025). Retrieved 2025-01-07 from https:\/\/androzoo.uni.lu\/.","key":"e_1_3_2_1_23_1"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_24_1","DOI":"10.1145\/3243734.3243778"},{"unstructured":"AppBrain. 2025. Appbrain - everything you need for a successful android app. (2025). Retrieved 2025-01-07 from https:\/\/www.appbrain.com\/.","key":"e_1_3_2_1_25_1"},{"volume-title":"Retrieved 2025-01-07 from https:\/\/appium.io\/docs\/en\/latest\/","year":"2025","unstructured":"Appium. 2025. Appium. (2025). Retrieved 2025-01-07 from https:\/\/appium.io\/docs\/en\/latest\/.","key":"e_1_3_2_1_26_1"},{"key":"e_1_3_2_1_27_1","volume-title":"Fabr\u00edcio Ceschin, Raphael Machnicki, Marco Antonio Zanata Alves, Paulo L\u00edcio de Geus, and Andr\u00e9 Gr\u00e9gio.","author":"Botacin Marcus","year":"2022","unstructured":"Marcus Botacin, Felipe Duarte Domingues, Fabr\u00edcio Ceschin, Raphael Machnicki, Marco Antonio Zanata Alves, Paulo L\u00edcio de Geus, and Andr\u00e9 Gr\u00e9gio. 2022. Antiviruses under the microscope: a hands-on perspective. Computers and Security, 112 (Jan. 2022), 102500."},{"doi-asserted-by":"crossref","unstructured":"Davide Bove and Anatoli Kalysch. 2019. In pursuit of a secure ui: the cycle of breaking and fixing android's ui. it - Information Technology 61 2--3 (Apr. 2019) 147--156.","key":"e_1_3_2_1_28_1","DOI":"10.1515\/itit-2018-0023"},{"unstructured":"Andrew Buck. 2025. Mobile apps vs mobile websites: why people spend 90% of their time in apps. (2025). Retrieved 2025-01-07 from https:\/\/www.mobiloud.com\/blog\/mobile-apps-vs-mobile-websites.","key":"e_1_3_2_1_29_1"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_30_1","DOI":"10.1109\/TSE.2021.3108162"},{"unstructured":"CyberGhostVPN. 2025. New google play malware poses major threat to mobile banking. (2025). Retrieved 2025-01-07 from https:\/\/www.cyberghostvpn.com\/ en%5C_US\/privacyhub\/google-play-malware\/.","key":"e_1_3_2_1_31_1"},{"key":"e_1_3_2_1_32_1","volume-title":"Proceedings of the 22nd International Symposium on Research in Attacks, Intrusions and Defenses (RAID)","author":"Wenrui","year":"2019","unstructured":"Wenrui Diao et al. 2019. Kindness is a risky business: on the usage of the accessibility APIs in android. In Proceedings of the 22nd International Symposium on Research in Attacks, Intrusions and Defenses (RAID). Beijing, China (Sept. 2019)."},{"unstructured":"Alice Boxhall et al. 2025. Accessibility object model. (2025). Retrieved 2025-01-07 from https:\/\/wicg.github.io\/aom\/explainer.html.","key":"e_1_3_2_1_33_1"},{"unstructured":"Threat Fabric. 2022. 2022 mobile threat landscape update. (2022). Retrieved 2025-01-07 from https:\/\/www.threatfabric.com\/blogs\/h1--2022-mobile-threatlandscape.html.","key":"e_1_3_2_1_34_1"},{"key":"e_1_3_2_1_35_1","volume-title":"Proceedings of the 25th USENIX Security Symposium (Security)","author":"Fernandes Earlence","year":"2016","unstructured":"Earlence Fernandes, Justin Paupore, Amir Rahmati, Daniel Simionato, Mauro Conti, and Atul Prakash. 2016. FlowFence: practical data protection for emerging IoT application frameworks. In Proceedings of the 25th USENIX Security Symposium (Security). Austin, TX (Aug. 2016)."},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_36_1","DOI":"10.1109\/SP.2017.39"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_37_1","DOI":"10.1145\/3460120.3484537"},{"unstructured":"Google. 2025. Google cloud natual language api basics. (2025). Retrieved 2025-01-07 from https:\/\/cloud.google.com\/natural-language\/docs\/basics.","key":"e_1_3_2_1_38_1"},{"unstructured":"Google. 2025. Navigate your device with talkback. (2025). Retrieved 2025-01-07 from https:\/\/support.google.com\/accessibility\/android\/answer\/6006598'sjid.","key":"e_1_3_2_1_39_1"},{"key":"e_1_3_2_1_40_1","volume-title":"Proceedings of the 23rd USENIX Security Symposium (Security)","author":"Heuser Stephan","year":"2014","unstructured":"Stephan Heuser, Adwait Nadkarni, William Enck, and Ahmad-Reza Sadeghi. 2014. ASM: a programmable interface for extending android security. In Proceedings of the 23rd USENIX Security Symposium (Security). San Diego, CA (Aug. 2014)."},{"key":"e_1_3_2_1_41_1","volume-title":"Proceedings of the 30th USENIX Security Symposium (Security). Virtual Conference (Aug.","author":"Huang Jie","year":"2021","unstructured":"Jie Huang, Michael Backes, and Sven Bugiel. 2021. A11y and privacy don't have to be mutually exclusive: constraining accessibility service misuse on android. In Proceedings of the 30th USENIX Security Symposium (Security). Virtual Conference (Aug. 2021)."},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_42_1","DOI":"10.1145\/2660267.2660295"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_43_1","DOI":"10.1145\/3289595.3289597"},{"key":"e_1_3_2_1_44_1","volume-title":"Proceedings of Mobile and Ubiquitous Systems: Computing, Networking, and Services (MobiQuitous)","author":"Kraunelis Joshua","year":"2013","unstructured":"Joshua Kraunelis, Yinjie Chen, Zhen Ling, Xinwen Fu, and Wei Zhao. 2013. On malware leveraging the android accessibility framework. In Proceedings of Mobile and Ubiquitous Systems: Computing, Networking, and Services (MobiQuitous). Tokyo, Japan (Dec. 2013)."},{"unstructured":"Ravie Lakshmanan. 2023. Goldoson android malware infects over 100 million google play store downloads. (2023). Retrieved 2025-01-07 from https:\/\/thehackernews.com\/2023\/04\/goldoson-android-malware-infects-over.html.","key":"e_1_3_2_1_45_1"},{"unstructured":"Ravie Lakshmanan. 2022. Teabot android banking malware spreads again through google play store apps. (2022). Retrieved 2025-01-07 from https:\/\/thehackernews.com\/2022\/03\/teabot-android- banking-malware-spreads.html.","key":"e_1_3_2_1_46_1"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_47_1","DOI":"10.1007\/978-3-030-59817-4_2"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_48_1","DOI":"10.14722\/ndss.2023.24005"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_49_1","DOI":"10.1145\/3551349.3560424"},{"volume-title":"Retrieved 2025-01-07 from https:\/\/developer.mozilla.org\/enUS\/docs\/Web\/Accessibility","year":"2025","unstructured":"Mozilla. 2025. Accessibility. (2025). Retrieved 2025-01-07 from https:\/\/developer.mozilla.org\/enUS\/docs\/Web\/Accessibility.","key":"e_1_3_2_1_50_1"},{"volume-title":"Retrieved 2025-01-07 from https:\/\/developer.mozilla.org\/enUS\/docs\/Web\/Accessibility\/ARIA","year":"2025","unstructured":"Mozilla. 2025. Aria. (2025). Retrieved 2025-01-07 from https:\/\/developer.mozilla.org\/enUS\/docs\/Web\/Accessibility\/ARIA.","key":"e_1_3_2_1_51_1"},{"unstructured":"Mozilla. 2025. Document object model. (2025). Retrieved 2025-01-07 from https:\/\/developer.mozilla.org\/enUS\/docs\/Web\/API\/Document%5C_Object%5C_Model.","key":"e_1_3_2_1_52_1"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_53_1","DOI":"10.2478\/popets-2019-0031"},{"key":"e_1_3_2_1_54_1","volume-title":"Proceedings of the 33rd USENIX Security Symposium (Security)","author":"Oygenblik David","year":"2024","unstructured":"David Oygenblik, Carter Yagemann, Joseph Zhang, Arianna Mastali, Jeman Park, and Brendan Saltaformaggio. 2024. Ai psychiatry: forensic investigation of deep learning networks in memory images. In Proceedings of the 33rd USENIX Security Symposium (Security). Philadelphia, PA (Aug. 2024)."},{"key":"e_1_3_2_1_55_1","volume-title":"Proceedings of the 31st USENIX Security Symposium (Security)","author":"Kasturi Ranjita Pai","year":"2022","unstructured":"Ranjita Pai Kasturi, Jonathan Fuller, Yiting Sun, Omar Chabklo, Andres Rodriguez, Jeman Park, and Brendan Saltaformaggio. 2022. Mistrust plugins you must: a large-scale study of malicious plugins in wordpress marketplaces. In Proceedings of the 31st USENIX Security Symposium (Security). Boston, MA (Aug. 2022)."},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_56_1","DOI":"10.1109\/SP40000.2020.00116"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_57_1","DOI":"10.14722\/ndss.2018.23143"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_58_1","DOI":"10.1145\/3411764.3445455"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_59_1","DOI":"10.1145\/2810103.2813650"},{"key":"e_1_3_2_1_60_1","volume-title":"Proceedings of the 25th USENIX Security Symposium (Security)","author":"Saltaformaggio Brendan","year":"2016","unstructured":"Brendan Saltaformaggio, Rohit Bhatia, Xiangyu Zhang, Dongyan Xu, and Golden G. Richard. 2016. Screen after previous screens: spatial-temporal recreation of android app displays from memory images. In Proceedings of the 25th USENIX Security Symposium (Security). Austin, TX (Aug. 2016)."},{"unstructured":"Gaurav Shinde. 2017. Malware on google play abusing accessibility service. (2017). Retrieved 2025-01-07 from https:\/\/www.zscaler.com\/blogs\/securityresearch\/malware-google-play-abusing-accessibility-service.","key":"e_1_3_2_1_61_1"},{"unstructured":"Bill Toulas. 2023. Cybercrime service bypasses android security to install malware. (2023). Retrieved 2025-01-07 from https:\/\/www.bleepingcomputer.com\/news\/security\/cybercrime- servicebypasses-android-security-to-install-malware\/.","key":"e_1_3_2_1_62_1"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_63_1","DOI":"10.1145\/3548606.3559340"},{"key":"e_1_3_2_1_64_1","volume-title":"Proceedings of the 33rd USENIX Security Symposium (Security)","author":"Xu Haichuan","year":"2024","unstructured":"Haichuan Xu, Mingxuan Yao, Runze Zhang, Mohamed Moustafa Dawoud, Jeman Park, and Brendan Saltaformaggio. 2024. Dva: extracting victims and abuse vectors from android accessibility malware. In Proceedings of the 33rd USENIX Security Symposium (Security). Philadelphia, PA (Aug. 2024)."},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_65_1","DOI":"10.1145\/3307334.3326094"},{"key":"e_1_3_2_1_66_1","volume-title":"Proceedings of the 32nd USENIX Security Symposium (Security). Anaheim, CA (Aug.","author":"Yang Zheng","year":"2023","unstructured":"Zheng Yang, Joey Allen, Matthew Landen, Roberto Perdisci, and Wenke Lee. 2023. Trident: towards detecting and mitigating web-based social engineering attacks. In Proceedings of the 32nd USENIX Security Symposium (Security). Anaheim, CA (Aug. 2023)."},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_67_1","DOI":"10.1109\/SP61157.2025.00195"},{"key":"e_1_3_2_1_68_1","volume-title":"Proceedings of the 32nd USENIX Security Symposium (Security). Anaheim, CA (Aug.","author":"Yao Mingxuan","year":"2023","unstructured":"Mingxuan Yao, Jonathan Fuller, Ranjita Pai Sridhar, Saumya Agarwal, Amit K. Sikder, and Brendan Saltaformaggio. 2023. Hiding in plain sight: an empirical study of web application abuse in malware. In Proceedings of the 32nd USENIX Security Symposium (Security). Anaheim, CA (Aug. 2023)."},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_69_1","DOI":"10.1109\/SP54263.2024.00228"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_70_1","DOI":"10.14722\/ndss.2025.241353"},{"key":"e_1_3_2_1_71_1","volume-title":"Proceedings of the 46th IEEE Symposium on Security and Privacy (S&P)","author":"Runze","year":"2025","unstructured":"Runze Zhang et al. 2025. Identifying incoherent search sessions: search click fraud remediation under real-world constraints. In Proceedings of the 46th IEEE Symposium on Security and Privacy (S&P). San Francisco, CA (May 2025)."}],"event":{"sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"],"acronym":"CCS '25","name":"CCS '25: ACM SIGSAC Conference on Computer and Communications Security","location":"Taipei Taiwan"},"container-title":["Proceedings of the 2025 ACM SIGSAC Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3719027.3744822","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3719027.3744822","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,12,22]],"date-time":"2025-12-22T22:10:58Z","timestamp":1766441458000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3719027.3744822"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,11,19]]},"references-count":71,"alternative-id":["10.1145\/3719027.3744822","10.1145\/3719027"],"URL":"https:\/\/doi.org\/10.1145\/3719027.3744822","relation":{},"subject":[],"published":{"date-parts":[[2025,11,19]]},"assertion":[{"value":"2025-11-22","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}