{"id":"https://openalex.org/W7131226783","doi":"https://doi.org/10.1109/acsac67867.2025.00064","title":"PP3D: An In-Browser Vision-Based Defense Against Web Behavior Manipulation Attacks","display_name":"PP3D: An In-Browser Vision-Based Defense Against Web Behavior Manipulation Attacks","publication_year":2025,"publication_date":"2025-12-08","ids":{"openalex":"https://openalex.org/W7131226783","doi":"https://doi.org/10.1109/acsac67867.2025.00064"},"language":null,"primary_location":{"id":"doi:10.1109/acsac67867.2025.00064","is_oa":false,"landing_page_url":"https://doi.org/10.1109/acsac67867.2025.00064","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 IEEE Annual Computer Security Applications Conference (ACSAC)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5126703950","display_name":"Spencer King","orcid":null},"institutions":[{"id":"https://openalex.org/I165733156","display_name":"University of Georgia","ror":"https://ror.org/00te3t702","country_code":"US","type":"education","lineage":["https://openalex.org/I165733156"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Spencer King","raw_affiliation_strings":["University of Georgia,Athens,GA,USA"],"affiliations":[{"raw_affiliation_string":"University of Georgia,Athens,GA,USA","institution_ids":["https://openalex.org/I165733156"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5093713875","display_name":"Irfan Ozen","orcid":null},"institutions":[{"id":"https://openalex.org/I165733156","display_name":"University of Georgia","ror":"https://ror.org/00te3t702","country_code":"US","type":"education","lineage":["https://openalex.org/I165733156"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Irfan Ozen","raw_affiliation_strings":["University of Georgia,Athens,GA,USA"],"affiliations":[{"raw_affiliation_string":"University of Georgia,Athens,GA,USA","institution_ids":["https://openalex.org/I165733156"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5074383678","display_name":"Karthika Subramani","orcid":"https://orcid.org/0009-0004-8955-4049"},"institutions":[{"id":"https://openalex.org/I130701444","display_name":"Georgia Institute of Technology","ror":"https://ror.org/01zkghx44","country_code":"US","type":"education","lineage":["https://openalex.org/I130701444"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Karthika Subramani","raw_affiliation_strings":["Georgia Institute of Technology,Atlanta,GA,USA"],"affiliations":[{"raw_affiliation_string":"Georgia Institute of Technology,Atlanta,GA,USA","institution_ids":["https://openalex.org/I130701444"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5012334362","display_name":"Saranyan Senthivel","orcid":null},"institutions":[{"id":"https://openalex.org/I192396691","display_name":"University of New Orleans","ror":"https://ror.org/034mtvk83","country_code":"US","type":"education","lineage":["https://openalex.org/I192396691","https://openalex.org/I2799628689"]},{"id":"https://openalex.org/I4210164774","display_name":"DXC Technology (United States)","ror":"https://ror.org/05scq4290","country_code":"US","type":"company","lineage":["https://openalex.org/I4210164774"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Saranyan Senthivel","raw_affiliation_strings":["DXC Technology,New Orleans,LA,USA"],"affiliations":[{"raw_affiliation_string":"DXC Technology,New Orleans,LA,USA","institution_ids":["https://openalex.org/I4210164774","https://openalex.org/I192396691"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5126714501","display_name":"Phani Vadrevu","orcid":null},"institutions":[{"id":"https://openalex.org/I121820613","display_name":"Louisiana State University","ror":"https://ror.org/05ect4e57","country_code":"US","type":"education","lineage":["https://openalex.org/I121820613"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Phani Vadrevu","raw_affiliation_strings":["Louisiana State University,Baton Rouge,LA,USA"],"affiliations":[{"raw_affiliation_string":"Louisiana State University,Baton Rouge,LA,USA","institution_ids":["https://openalex.org/I121820613"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5071832270","display_name":"Roberto Perdisci","orcid":"https://orcid.org/0000-0002-7339-0041"},"institutions":[{"id":"https://openalex.org/I165733156","display_name":"University of Georgia","ror":"https://ror.org/00te3t702","country_code":"US","type":"education","lineage":["https://openalex.org/I165733156"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Roberto Perdisci","raw_affiliation_strings":["University of Georgia,Athens,GA,USA"],"affiliations":[{"raw_affiliation_string":"University of Georgia,Athens,GA,USA","institution_ids":["https://openalex.org/I165733156"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5126703950"],"corresponding_institution_ids":["https://openalex.org/I165733156"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.84953903,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"719","last_page":"735"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.5404000282287598,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.5404000282287598,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.10920000076293945,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.06449999660253525,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.8029000163078308},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.6725999712944031},{"id":"https://openalex.org/keywords/class","display_name":"Class (philosophy)","score":0.4609000086784363},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.45660001039505005},{"id":"https://openalex.org/keywords/latency","display_name":"Latency (audio)","score":0.40139999985694885},{"id":"https://openalex.org/keywords/overhead","display_name":"Overhead (engineering)","score":0.3952000141143799},{"id":"https://openalex.org/keywords/mobile-device","display_name":"Mobile device","score":0.3935000002384186},{"id":"https://openalex.org/keywords/threat-model","display_name":"Threat model","score":0.39160001277923584}],"concepts":[{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.8029000163078308},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7347000241279602},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.6725999712944031},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6277999877929688},{"id":"https://openalex.org/C2777212361","wikidata":"https://www.wikidata.org/wiki/Q5127848","display_name":"Class (philosophy)","level":2,"score":0.4609000086784363},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.45660001039505005},{"id":"https://openalex.org/C82876162","wikidata":"https://www.wikidata.org/wiki/Q17096504","display_name":"Latency (audio)","level":2,"score":0.40139999985694885},{"id":"https://openalex.org/C2779960059","wikidata":"https://www.wikidata.org/wiki/Q7113681","display_name":"Overhead (engineering)","level":2,"score":0.3952000141143799},{"id":"https://openalex.org/C186967261","wikidata":"https://www.wikidata.org/wiki/Q5082128","display_name":"Mobile device","level":2,"score":0.3935000002384186},{"id":"https://openalex.org/C140547941","wikidata":"https://www.wikidata.org/wiki/Q7797194","display_name":"Threat model","level":2,"score":0.39160001277923584},{"id":"https://openalex.org/C2983909278","wikidata":"https://www.wikidata.org/wiki/Q6368","display_name":"Web browser","level":3,"score":0.367000013589859},{"id":"https://openalex.org/C118643609","wikidata":"https://www.wikidata.org/wiki/Q189210","display_name":"Web application","level":2,"score":0.3571999967098236},{"id":"https://openalex.org/C10144332","wikidata":"https://www.wikidata.org/wiki/Q14645","display_name":"Rootkit","level":3,"score":0.3221000134944916},{"id":"https://openalex.org/C70118762","wikidata":"https://www.wikidata.org/wiki/Q376934","display_name":"Social engineering (security)","level":2,"score":0.31529998779296875},{"id":"https://openalex.org/C36464697","wikidata":"https://www.wikidata.org/wiki/Q451553","display_name":"Visualization","level":2,"score":0.3151000142097473},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.30649998784065247},{"id":"https://openalex.org/C49289754","wikidata":"https://www.wikidata.org/wiki/Q2267081","display_name":"Side channel attack","level":3,"score":0.3019999861717224},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.26980000734329224},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.26570001244544983},{"id":"https://openalex.org/C93996380","wikidata":"https://www.wikidata.org/wiki/Q44127","display_name":"Server","level":2,"score":0.26460000872612},{"id":"https://openalex.org/C65856478","wikidata":"https://www.wikidata.org/wiki/Q3991682","display_name":"Attack model","level":2,"score":0.2630000114440918},{"id":"https://openalex.org/C11392498","wikidata":"https://www.wikidata.org/wiki/Q11288","display_name":"Web server","level":3,"score":0.2614000141620636},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.2515999972820282}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/acsac67867.2025.00064","is_oa":false,"landing_page_url":"https://doi.org/10.1109/acsac67867.2025.00064","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 IEEE Annual Computer Security Applications Conference (ACSAC)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G3098086015","display_name":null,"funder_award_id":"CNS-2126641,CNS-2422035","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"}],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":26,"referenced_works":["https://openalex.org/W1597482600","https://openalex.org/W1970867218","https://openalex.org/W1980073965","https://openalex.org/W2028223155","https://openalex.org/W2043034431","https://openalex.org/W2118978333","https://openalex.org/W2153245338","https://openalex.org/W2467763829","https://openalex.org/W2614012654","https://openalex.org/W2783748519","https://openalex.org/W2794855529","https://openalex.org/W2970641574","https://openalex.org/W2980614388","https://openalex.org/W3088909400","https://openalex.org/W3106934761","https://openalex.org/W3124893884","https://openalex.org/W3155996479","https://openalex.org/W3191453585","https://openalex.org/W4226300618","https://openalex.org/W4226476296","https://openalex.org/W4288079443","https://openalex.org/W4307020415","https://openalex.org/W4309618976","https://openalex.org/W4384948583","https://openalex.org/W4385412474","https://openalex.org/W4398152829"],"related_works":[],"abstract_inverted_index":{"Web-based":[0],"behavior-manipulation":[1,188],"attacks":[2,19,26,32,37,83],"(BMAs)\u2014such":[3],"as":[4,34],"scareware,":[5],"fake":[6],"software":[7],"downloads,":[8],"tech":[9],"support":[10],"scams,":[11],"etc.\u2014are":[12],"a":[13,90,96,174,181],"class":[14,185],"of":[15,57,89,186],"social":[16],"engineering":[17],"(SE)":[18],"that":[20,118,170],"exploit":[21],"human":[22],"decision-making":[23],"vulnerabilities.":[24],"These":[25,167],"remain":[27],"under-studied":[28],"compared":[29],"to":[30,104],"other":[31],"such":[33],"information":[35],"harvesting":[36],"(e.g.,":[38],"phishing)":[39],"or":[40],"malware":[41],"infections.":[42],"Prior":[43],"technical":[44],"work":[45],"has":[46],"primarily":[47],"focused":[48],"on":[49],"measuring":[50],"BMAs,":[51],"offering":[52],"little":[53],"in":[54,84],"the":[55,70,101,150],"way":[56],"generic":[58],"defenses.":[59],"To":[60],"address":[61],"this":[62],"gap,":[63],"we":[64],"introduce":[65],"Pixel":[66],"Patrol":[67],"3D":[68],"(PP3D),":[69],"first":[71],"end-to-end":[72],"browser":[73,97],"framework":[74,172],"for":[75],"discovering,":[76],"detecting,":[77],"and":[78,109,134,177,183],"defending":[79],"against":[80,180],"behavior-manipulating":[81],"SE":[82],"real":[85],"time.":[86],"PP3D":[87,119],"consists":[88],"visual":[91],"detection":[92,124,151,161],"model":[93,102],"implemented":[94],"within":[95],"extension,":[98],"which":[99],"deploys":[100],"client-side":[103],"protect":[105],"users":[106],"across":[107,137],"desktop":[108],"mobile":[110],"devices":[111],"while":[112,130],"preserving":[113],"privacy.":[114],"Our":[115],"evaluation":[116],"shows":[117],"can":[120,156],"achieve":[121,158],"above":[122,159],"99%":[123],"rate":[125,162],"at":[126,163],"1%":[127,164],"false":[128,165],"positives,":[129],"maintaining":[131],"good":[132],"latency":[133],"overhead":[135],"performance":[136],"devices.":[138],"Even":[139],"when":[140],"faced":[141],"with":[142],"new":[143],"BMA":[144],"samples":[145],"collected":[146],"months":[147],"after":[148],"training":[149],"model,":[152],"our":[153,171],"defense":[154,179],"system":[155],"still":[157],"97%":[160],"positives.":[166],"results":[168],"demonstrate":[169],"offers":[173],"practical,":[175],"effective,":[176],"generalizable":[178],"broad":[182],"evolving":[184],"web":[187],"attacks.":[189]},"counts_by_year":[],"updated_date":"2026-04-09T08:11:56.329763","created_date":"2026-02-25T00:00:00"}