{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,8,22]],"date-time":"2025-08-22T20:10:05Z","timestamp":1755893405807,"version":"3.44.0"},"publisher-location":"New York, NY, USA","reference-count":17,"publisher":"ACM","license":[{"start":{"date-parts":[[2024,6,19]],"date-time":"2024-06-19T00:00:00Z","timestamp":1718755200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2024,6,19]]},"DOI":"10.1145\/3626232.3658641","type":"proceedings-article","created":{"date-parts":[[2024,6,10]],"date-time":"2024-06-10T18:20:25Z","timestamp":1718043625000},"page":"167-169","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":0,"title":["An Overview of Threats Exploring the Confusion Between Top-Level Domains and File Type Extensions"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0009-0005-4208-5983","authenticated-orcid":false,"given":"Anderson","family":"Sales","sequence":"first","affiliation":[{"name":"Instituto Polit\u00e9cnico de Viana do Castelo, Viana do Castelo, Portugal"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7598-3687","authenticated-orcid":false,"given":"Nuno","family":"Torres","sequence":"additional","affiliation":[{"name":"Instituto Polit\u00e9cnico de Viana do Castelo, Viana do Castelo, Portugal"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-1856-6101","authenticated-orcid":false,"suffix":"Prof.","given":"Pedro","family":"Pinto","sequence":"additional","affiliation":[{"name":"Instituto Polit\u00e9cnico de Viana do Castelo, Viana do Castelo, Portugal"}]}],"member":"320","published-online":{"date-parts":[[2024,6,19]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"crossref","unstructured":"Alshaima Almarzooqi Jawahir Mahmoud Bayena Alzaabi Arsiema Ghebremichael and Monther Aldwairi. 2022. Detecting Malicious Domains Using Statistical Internationalized Domain Name Features in Top Level Domains. arXiv:2211.08020 [cs.CR]","DOI":"10.1109\/URC58160.2022.10054226"},{"key":"e_1_3_2_1_2_1","volume-title":"Trend Micro. Retrieved","author":"Aquino Joshua","year":"2023","unstructured":"Joshua Aquino and Stephen Hilt. 2023. Future exploitation vector file extensions as top level domains. Trend Micro. Retrieved February 25, 2024 from https:\/\/www.trendmicro.com\/en_us\/research\/23\/e\/future-exploitation-vector-file-extensions-as-top-level-domains.html"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1109\/MCOM.2017.1600521CM"},{"key":"e_1_3_2_1_4_1","volume-title":"IANA. Retrieved","author":"IANA.","year":"2023","unstructured":"IANA. 2023. IANA Root Zone Database. IANA. Retrieved March 12, 2024 from https:\/\/www.iana.org\/domains\/root\/db"},{"key":"e_1_3_2_1_5_1","volume-title":"ICANN. Retrieved","author":"ICANN.","year":"2012","unstructured":"ICANN. 2012. New Generic Top-Level Domains. ICANN. Retrieved March 12, 2024 from https:\/\/newgtlds.icann.org\/en\/about\/program"},{"key":"e_1_3_2_1_6_1","article-title":"New google top-level domains that use common file extensions could pose a serious cyber risk","author":"Ikeda Scott","year":"2023","unstructured":"Scott Ikeda. 2023. New google top-level domains that use common file extensions could pose a serious cyber risk. CPO Magazine. Retrieved March 01, 2024 from https:\/\/www.cpomagazine.com\/cyber-security\/new-google-top-level-domains-that-use-common-file-extensions-could-pose-a-serious-cyber-risk\/","journal-title":"CPO Magazine. Retrieved"},{"key":"e_1_3_2_1_7_1","volume-title":"Kaspersky Blog. Retrieved","author":"Kaminsky Stan","year":"2023","unstructured":"Stan Kaminsky. 2023. Security risks of the .zip and .mov domains. Kaspersky Blog. Retrieved February 05, 2024 from https:\/\/www.kaspersky.com\/blog\/zip-mov-domain-extension-confusion\/48254\/"},{"key":"e_1_3_2_1_8_1","volume-title":"NIST. Retrieved","author":"National Vulnerability Database NIST.","year":"2024","unstructured":"National Vulnerability Database NIST. 2024. NVD - CVE-2018--4277 - nvd.nist.gov. NIST. Retrieved March 26, 2024 from https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018--4277"},{"key":"e_1_3_2_1_9_1","volume-title":"Bitsight. Retrieved","author":"Shah Samit","year":"2021","unstructured":"Samit Shah. 2021. The financial impact of Solarwinds breach. Bitsight. Retrieved February 09, 2024 from https:\/\/www.bitsight.com\/blog\/the-financial-impact-of-solarwinds-a-cyber-catastrophe-but-insurance-disaster-avoided"},{"key":"e_1_3_2_1_10_1","volume-title":"Bleeping Computer. Retrieved","author":"Sharma Ax","year":"2024","unstructured":"Ax Sharma. 2024. Registrars can now block all domains that resemble brand names - bleepingcomputer.com. Bleeping Computer. Retrieved March 26, 2024 from https:\/\/www.bleepingcomputer.com\/news\/technology\/registrars-can-now-block-all-domains-that-resemble-brand-names\/"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1109\/IWMN.2019.8805011"},{"key":"e_1_3_2_1_12_1","volume-title":"Dark Reading. Retrieved","author":"Strom David","year":"2024","unstructured":"David Strom. 2024. Typosquatting Wave Shows No Signs of Abating - darkreading.com. Dark Reading. Retrieved March 26, 2024 from https:\/\/www.darkreading.com\/threatintelligence\/typosquatting-wave-shows-no-signs-of-abating"},{"key":"e_1_3_2_1_13_1","volume-title":"The .zip gTLD: Risks and Opportunities","author":"Ullrich Johannes","year":"2024","unstructured":"Johannes Ullrich. 2023. The .zip gTLD: Risks and Opportunities. SANS Internet Storm Center. Retrieved March 12, 2024 from https:\/\/isc.sans.edu\/diary\/ThezipgTLDRisksandOpportunities\/29838"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICASID.2017.8285736"},{"key":"e_1_3_2_1_15_1","volume-title":"What You Need To Know About the SolarWinds Supply-Chain Attack","author":"Williams Jake","year":"2024","unstructured":"Jake Williams. 2020. What You Need To Know About the SolarWinds Supply-Chain Attack. SANS Institute. Retrieved March 10, 2024 from https:\/\/www.sans.org\/blog\/what-you-need-to-know-about-the-solarwinds-supply-chain-attack\/"},{"key":"e_1_3_2_1_16_1","volume-title":"Tencent. Retrieved","author":"Xuanwu Tencent Security","year":"2018","unstructured":"Tencent Security Xuanwu Lab XLAB. 2018. Spoof All Domains Containing 'd' in Apple Products [CVE-2018--4277] - xlab.tencent.com. Tencent. Retrieved March 26, 2024 from https:\/\/xlab.tencent.com\/en\/2018\/11\/13\/cve-2018--4277\/"},{"key":"e_1_3_2_1_17_1","volume-title":"Google Registry. Retrieved","author":"Yeh Christina","year":"2023","unstructured":"Christina Yeh. 2023. Google Registry: 8 new top-level domains for dads, grads and techies. Google Registry. Retrieved March 12, 2024 from https:\/\/blog.google\/products\/registry\/8-new-top-level-domains-for-dads-grads-tech\/"}],"event":{"name":"CODASPY '24: Fourteenth ACM Conference on Data and Application Security and Privacy","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"],"location":"Porto Portugal","acronym":"CODASPY '24"},"container-title":["Proceedings of the Fourteenth ACM Conference on Data and Application Security and Privacy"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3626232.3658641","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3626232.3658641","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,8,22]],"date-time":"2025-08-22T19:50:05Z","timestamp":1755892205000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3626232.3658641"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,6,19]]},"references-count":17,"alternative-id":["10.1145\/3626232.3658641","10.1145\/3626232"],"URL":"https:\/\/doi.org\/10.1145\/3626232.3658641","relation":{},"subject":[],"published":{"date-parts":[[2024,6,19]]},"assertion":[{"value":"2024-06-19","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}