{"id":"https://openalex.org/W2748245824","doi":"https://doi.org/10.1145/3133956.3133971","title":"Herding Vulnerable Cats","display_name":"Herding Vulnerable Cats","publication_year":2017,"publication_date":"2017-10-27","ids":{"openalex":"https://openalex.org/W2748245824","doi":"https://doi.org/10.1145/3133956.3133971","mag":"2748245824"},"language":"en","primary_location":{"id":"doi:10.1145/3133956.3133971","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3133956.3133971","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"http://resolver.tudelft.nl/uuid:4e3ed976-99e7-4e35-af5c-aed74c6eeac8","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5019071393","display_name":"Samaneh Tajalizadehkhoob","orcid":"https://orcid.org/0009-0003-0359-2478"},"institutions":[{"id":"https://openalex.org/I98358874","display_name":"Delft University of Technology","ror":"https://ror.org/02e2c7k09","country_code":"NL","type":"education","lineage":["https://openalex.org/I98358874"]}],"countries":["NL"],"is_corresponding":true,"raw_author_name":"Samaneh Tajalizadehkhoob","raw_affiliation_strings":["Delft University of Technology, Delft, Netherlands"],"affiliations":[{"raw_affiliation_string":"Delft University of Technology, Delft, Netherlands","institution_ids":["https://openalex.org/I98358874"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5061602585","display_name":"Tom Van Goethem","orcid":"https://orcid.org/0000-0001-6846-9081"},"institutions":[{"id":"https://openalex.org/I99464096","display_name":"KU Leuven","ror":"https://ror.org/05f950310","country_code":"BE","type":"education","lineage":["https://openalex.org/I99464096"]},{"id":"https://openalex.org/I4210114974","display_name":"IMEC","ror":"https://ror.org/02kcbn207","country_code":"BE","type":"nonprofit","lineage":["https://openalex.org/I4210114974"]}],"countries":["BE"],"is_corresponding":false,"raw_author_name":"Tom Van Goethem","raw_affiliation_strings":["imec-DistriNet, KU Leuven, Leuven, Belgium"],"affiliations":[{"raw_affiliation_string":"imec-DistriNet, KU Leuven, Leuven, Belgium","institution_ids":["https://openalex.org/I4210114974","https://openalex.org/I99464096"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5011939731","display_name":"Maciej Korczy\u0144ski","orcid":"https://orcid.org/0000-0002-4334-3260"},"institutions":[{"id":"https://openalex.org/I98358874","display_name":"Delft University of Technology","ror":"https://ror.org/02e2c7k09","country_code":"NL","type":"education","lineage":["https://openalex.org/I98358874"]}],"countries":["NL"],"is_corresponding":false,"raw_author_name":"Maciej Korczy\u0144ski","raw_affiliation_strings":["Delft University of Technology, Delft, Netherlands"],"affiliations":[{"raw_affiliation_string":"Delft University of Technology, Delft, Netherlands","institution_ids":["https://openalex.org/I98358874"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5041054175","display_name":"Arman Noroozian","orcid":null},"institutions":[{"id":"https://openalex.org/I98358874","display_name":"Delft University of Technology","ror":"https://ror.org/02e2c7k09","country_code":"NL","type":"education","lineage":["https://openalex.org/I98358874"]}],"countries":["NL"],"is_corresponding":false,"raw_author_name":"Arman Noroozian","raw_affiliation_strings":["Delft University of Technology, Delft, Netherlands"],"affiliations":[{"raw_affiliation_string":"Delft University of Technology, Delft, Netherlands","institution_ids":["https://openalex.org/I98358874"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5029455813","display_name":"Rainer B\u00f6hme","orcid":"https://orcid.org/0000-0003-4518-6227"},"institutions":[{"id":"https://openalex.org/I190249584","display_name":"Universit\u00e4t Innsbruck","ror":"https://ror.org/054pv6659","country_code":"AT","type":"education","lineage":["https://openalex.org/I190249584"]}],"countries":["AT"],"is_corresponding":false,"raw_author_name":"Rainer B\u00f6hme","raw_affiliation_strings":["Innsbruck University, Innsbruck, Austria"],"affiliations":[{"raw_affiliation_string":"Innsbruck University, Innsbruck, Austria","institution_ids":["https://openalex.org/I190249584"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5073243028","display_name":"Tyler Moore","orcid":"https://orcid.org/0000-0002-8771-8191"},"institutions":[{"id":"https://openalex.org/I87208437","display_name":"University of Tulsa","ror":"https://ror.org/04wn28048","country_code":"US","type":"education","lineage":["https://openalex.org/I87208437"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Tyler Moore","raw_affiliation_strings":["University of Tulsa, Tulsa, OK, USA"],"affiliations":[{"raw_affiliation_string":"University of Tulsa, Tulsa, OK, USA","institution_ids":["https://openalex.org/I87208437"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5054031138","display_name":"Wouter Joosen","orcid":"https://orcid.org/0000-0002-7710-5092"},"institutions":[{"id":"https://openalex.org/I99464096","display_name":"KU Leuven","ror":"https://ror.org/05f950310","country_code":"BE","type":"education","lineage":["https://openalex.org/I99464096"]},{"id":"https://openalex.org/I4210114974","display_name":"IMEC","ror":"https://ror.org/02kcbn207","country_code":"BE","type":"nonprofit","lineage":["https://openalex.org/I4210114974"]}],"countries":["BE"],"is_corresponding":false,"raw_author_name":"Wouter Joosen","raw_affiliation_strings":["imec-DistriNet, KU Leuven, Leuven, Belgium"],"affiliations":[{"raw_affiliation_string":"imec-DistriNet, KU Leuven, Leuven, Belgium","institution_ids":["https://openalex.org/I4210114974","https://openalex.org/I99464096"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5012946294","display_name":"Michel van Eeten","orcid":"https://orcid.org/0000-0002-0338-2812"},"institutions":[{"id":"https://openalex.org/I98358874","display_name":"Delft University of Technology","ror":"https://ror.org/02e2c7k09","country_code":"NL","type":"education","lineage":["https://openalex.org/I98358874"]}],"countries":["NL"],"is_corresponding":false,"raw_author_name":"Michel van Eeten","raw_affiliation_strings":["Delft University of Technology, Delft, Netherlands"],"affiliations":[{"raw_affiliation_string":"Delft University of Technology, Delft, Netherlands","institution_ids":["https://openalex.org/I98358874"]}]}],"institutions":[],"countries_distinct_count":4,"institutions_distinct_count":8,"corresponding_author_ids":["https://openalex.org/A5019071393"],"corresponding_institution_ids":["https://openalex.org/I98358874"],"apc_list":null,"apc_paid":null,"fwci":8.2217,"has_fulltext":false,"cited_by_count":35,"citation_normalized_percentile":{"value":0.9758156,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":90,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"553","last_page":"567"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11644","display_name":"Spam and Phishing Detection","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11644","display_name":"Spam and Phishing Detection","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9965000152587891,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9945999979972839,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/web-application-security","display_name":"Web application security","score":0.6247631311416626},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.5756397247314453},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5227920413017273},{"id":"https://openalex.org/keywords/internet-security","display_name":"Internet security","score":0.4896448254585266},{"id":"https://openalex.org/keywords/phishing","display_name":"Phishing","score":0.47440242767333984},{"id":"https://openalex.org/keywords/service-provider","display_name":"Service provider","score":0.4673934876918793},{"id":"https://openalex.org/keywords/compromise","display_name":"Compromise","score":0.42891374230384827},{"id":"https://openalex.org/keywords/internet-privacy","display_name":"Internet privacy","score":0.3259882926940918},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.3161529302597046},{"id":"https://openalex.org/keywords/security-service","display_name":"Security service","score":0.29070234298706055},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.2710270583629608},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.2603268623352051},{"id":"https://openalex.org/keywords/web-service","display_name":"Web service","score":0.25831303000450134},{"id":"https://openalex.org/keywords/web-development","display_name":"Web development","score":0.2547767162322998},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.19563233852386475},{"id":"https://openalex.org/keywords/marketing","display_name":"Marketing","score":0.11303544044494629},{"id":"https://openalex.org/keywords/service","display_name":"Service (business)","score":0.07323834300041199}],"concepts":[{"id":"https://openalex.org/C59241245","wikidata":"https://www.wikidata.org/wiki/Q4781497","display_name":"Web application security","level":4,"score":0.6247631311416626},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.5756397247314453},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5227920413017273},{"id":"https://openalex.org/C22111027","wikidata":"https://www.wikidata.org/wiki/Q1070427","display_name":"Internet security","level":4,"score":0.4896448254585266},{"id":"https://openalex.org/C83860907","wikidata":"https://www.wikidata.org/wiki/Q135005","display_name":"Phishing","level":3,"score":0.47440242767333984},{"id":"https://openalex.org/C116537","wikidata":"https://www.wikidata.org/wiki/Q2169973","display_name":"Service provider","level":3,"score":0.4673934876918793},{"id":"https://openalex.org/C46355384","wikidata":"https://www.wikidata.org/wiki/Q726686","display_name":"Compromise","level":2,"score":0.42891374230384827},{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.3259882926940918},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.3161529302597046},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.29070234298706055},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.2710270583629608},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.2603268623352051},{"id":"https://openalex.org/C35578498","wikidata":"https://www.wikidata.org/wiki/Q193424","display_name":"Web service","level":2,"score":0.25831303000450134},{"id":"https://openalex.org/C79373723","wikidata":"https://www.wikidata.org/wiki/Q386275","display_name":"Web development","level":3,"score":0.2547767162322998},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.19563233852386475},{"id":"https://openalex.org/C162853370","wikidata":"https://www.wikidata.org/wiki/Q39809","display_name":"Marketing","level":1,"score":0.11303544044494629},{"id":"https://openalex.org/C2780378061","wikidata":"https://www.wikidata.org/wiki/Q25351891","display_name":"Service (business)","level":2,"score":0.07323834300041199},{"id":"https://openalex.org/C36289849","wikidata":"https://www.wikidata.org/wiki/Q34749","display_name":"Social science","level":1,"score":0.0},{"id":"https://openalex.org/C144024400","wikidata":"https://www.wikidata.org/wiki/Q21201","display_name":"Sociology","level":0,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1145/3133956.3133971","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3133956.3133971","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},{"id":"pmh:tud:oai:tudelft.nl:uuid:4e3ed976-99e7-4e35-af5c-aed74c6eeac8","is_oa":true,"landing_page_url":"http://resolver.tudelft.nl/uuid:4e3ed976-99e7-4e35-af5c-aed74c6eeac8","pdf_url":"http://resolver.tudelft.nl/uuid:4e3ed976-99e7-4e35-af5c-aed74c6eeac8","source":{"id":"https://openalex.org/S4306401843","display_name":"Data Archiving and Networked Services (DANS)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I1322597698","host_organization_name":"Royal Netherlands Academy of Arts and Sciences","host_organization_lineage":["https://openalex.org/I1322597698"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"info:eu-repo/semantics/conferencepaper"}],"best_oa_location":{"id":"pmh:tud:oai:tudelft.nl:uuid:4e3ed976-99e7-4e35-af5c-aed74c6eeac8","is_oa":true,"landing_page_url":"http://resolver.tudelft.nl/uuid:4e3ed976-99e7-4e35-af5c-aed74c6eeac8","pdf_url":"http://resolver.tudelft.nl/uuid:4e3ed976-99e7-4e35-af5c-aed74c6eeac8","source":{"id":"https://openalex.org/S4306401843","display_name":"Data Archiving and Networked Services (DANS)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I1322597698","host_organization_name":"Royal Netherlands Academy of Arts and Sciences","host_organization_lineage":["https://openalex.org/I1322597698"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"info:eu-repo/semantics/conferencepaper"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G3573043936","display_name":null,"funder_award_id":"003/628.001.003","funder_id":"https://openalex.org/F4320321800","funder_display_name":"Nederlandse Organisatie voor Wetenschappelijk Onderzoek"}],"funders":[{"id":"https://openalex.org/F4320321800","display_name":"Nederlandse Organisatie voor Wetenschappelijk Onderzoek","ror":"https://ror.org/04jsz6e67"}],"has_content":{"pdf":true,"grobid_xml":false},"content_urls":{"pdf":"https://content.openalex.org/works/W2748245824.pdf"},"referenced_works_count":42,"referenced_works":["https://openalex.org/W48212787","https://openalex.org/W62989984","https://openalex.org/W181628467","https://openalex.org/W1223985891","https://openalex.org/W1420268584","https://openalex.org/W1485337887","https://openalex.org/W1512326166","https://openalex.org/W1809422330","https://openalex.org/W1970863228","https://openalex.org/W1991074244","https://openalex.org/W1998843210","https://openalex.org/W2003371939","https://openalex.org/W2076873241","https://openalex.org/W2085067988","https://openalex.org/W2100765095","https://openalex.org/W2112736324","https://openalex.org/W2116696275","https://openalex.org/W2132791332","https://openalex.org/W2144154820","https://openalex.org/W2161020477","https://openalex.org/W2201060334","https://openalex.org/W2296151511","https://openalex.org/W2341612996","https://openalex.org/W2463495559","https://openalex.org/W2464966933","https://openalex.org/W2469403219","https://openalex.org/W2505207162","https://openalex.org/W2510134782","https://openalex.org/W2534303926","https://openalex.org/W2534610146","https://openalex.org/W2535549398","https://openalex.org/W2536013516","https://openalex.org/W2538863639","https://openalex.org/W2540620158","https://openalex.org/W2564812877","https://openalex.org/W2585990361","https://openalex.org/W2588857602","https://openalex.org/W2593848643","https://openalex.org/W2603454751","https://openalex.org/W2619020149","https://openalex.org/W2769635188","https://openalex.org/W4300052074"],"related_works":["https://openalex.org/W2784207743","https://openalex.org/W3007022787","https://openalex.org/W2287013604","https://openalex.org/W2373766741","https://openalex.org/W4378805743","https://openalex.org/W3024119512","https://openalex.org/W3005595329","https://openalex.org/W1523234773","https://openalex.org/W1874694327","https://openalex.org/W2809183419"],"abstract_inverted_index":{"Hosting":[0],"providers":[1,39,69,95,137,230],"play":[2],"a":[3,29,132,208,253],"key":[4],"role":[5],"in":[6,62,154,191,237,256],"fighting":[7],"web":[8,55,78,122,126],"compromise,":[9],"but":[10],"their":[11,23,75,155],"ability":[12],"to":[13,150,215,252],"prevent":[14],"abuse":[15,192,257],"is":[16,250],"constrained":[17],"by":[18,97,159],"the":[19,47,52,66,86,142,151,176,189,212,216,238],"security":[20,56,72,116,124,178,201],"practices":[21,61],"of":[22,51,54,68,106,161,165,188],"own":[24],"customers.":[25],"Shared":[26],"hosting,":[27],"offers":[28],"unique":[30],"perspective":[31],"since":[32],"customers":[33],"operate":[34],"under":[35],"restricted":[36],"privileges":[37],"and":[38,58,74,125,170,179,186],"retain":[40],"more":[41],"control":[42],"over":[43,141,233],"configurations.":[44],"We":[45,81,129,227],"present":[46],"first":[48],"empirical":[49],"analysis":[50,105,164],"distribution":[53],"features":[57,84],"software":[59,152,180],"patching":[60,181],"shared":[63,90],"hosting":[64,91,156],"providers,":[65,194],"influence":[67,140,232,249],"on":[70,77,85,168],"these":[71,166],"practices,":[73],"impact":[76],"compromise":[79],"rates.":[80],"construct":[82],"provider-level":[83],"global":[87],"market":[88],"for":[89,197,202],"--":[92,96],"containing":[93],"1,259":[94],"gathering":[98],"indicators":[99,108],"from":[100,211],"442,684":[101],"domains.":[102],"Exploratory":[103],"factor":[104],"15":[107],"identifies":[109],"four":[110,177],"main":[111],"latent":[112],"factors":[113,167,182],"that":[114,136,175,206,229,247],"capture":[115],"efforts:":[117],"content":[118],"security,":[119,121],"webmaster":[120],"infrastructure":[123],"application":[127],"security.":[128],"confirm,":[130],"via":[131],"fixed-effect":[133],"regression":[134,163],"model,":[135],"exert":[138],"significant":[139],"latter":[143],"two":[144],"factors,":[145],"which":[146],"are":[147],"both":[148],"related":[149],"stack":[153],"environment.":[157],"Finally,":[158],"means":[160],"GLM":[162],"phishing":[169,225],"malware":[171],"abuse,":[172],"we":[173,204],"show":[174,228],"explain":[183],"between":[184],"10%":[185,214],"19%":[187],"variance":[190],"at":[193],"after":[195],"controlling":[196],"size.":[198],"For":[199],"web-application":[200],"instance,":[203],"found":[205],"when":[207],"provider":[209],"moves":[210],"bottom":[213],"best-performing":[217],"10%,":[218],"it":[219],"would":[220],"experience":[221],"4":[222],"times":[223],"fewer":[224],"incidents.":[226],"have":[231],"patch":[234],"levels--even":[235],"higher":[236],"stack,":[239],"where":[240],"CMSes":[241],"can":[242],"run":[243],"as":[244],"client-side":[245],"software--and":[246],"this":[248],"tied":[251],"substantial":[254],"reduction":[255],"levels.":[258]},"counts_by_year":[{"year":2025,"cited_by_count":3},{"year":2024,"cited_by_count":7},{"year":2023,"cited_by_count":3},{"year":2021,"cited_by_count":5},{"year":2020,"cited_by_count":6},{"year":2019,"cited_by_count":5},{"year":2018,"cited_by_count":5},{"year":2017,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}