{"id":"https://openalex.org/W2767115056","doi":"https://doi.org/10.1145/3133956.3133987","title":"Hindsight","display_name":"Hindsight","publication_year":2017,"publication_date":"2017-10-27","ids":{"openalex":"https://openalex.org/W2767115056","doi":"https://doi.org/10.1145/3133956.3133987","mag":"2767115056"},"language":"en","primary_location":{"id":"doi:10.1145/3133956.3133987","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3133956.3133987","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5050985632","display_name":"Meng Luo","orcid":"https://orcid.org/0000-0002-0703-2633"},"institutions":[{"id":"https://openalex.org/I59553526","display_name":"Stony Brook University","ror":"https://ror.org/05qghxh33","country_code":"US","type":"education","lineage":["https://openalex.org/I59553526"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Meng Luo","raw_affiliation_strings":["Stony Brook University, Stony Brook, NY, USA"],"affiliations":[{"raw_affiliation_string":"Stony Brook University, Stony Brook, NY, USA","institution_ids":["https://openalex.org/I59553526"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5066620366","display_name":"Oleksii Starov","orcid":"https://orcid.org/0000-0002-2796-6345"},"institutions":[{"id":"https://openalex.org/I59553526","display_name":"Stony Brook University","ror":"https://ror.org/05qghxh33","country_code":"US","type":"education","lineage":["https://openalex.org/I59553526"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Oleksii Starov","raw_affiliation_strings":["Stony Brook University, Stony Brook, NY, USA"],"affiliations":[{"raw_affiliation_string":"Stony Brook University, Stony Brook, NY, USA","institution_ids":["https://openalex.org/I59553526"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5013350250","display_name":"Nima Honarmand","orcid":"https://orcid.org/0000-0001-8634-1241"},"institutions":[{"id":"https://openalex.org/I59553526","display_name":"Stony Brook University","ror":"https://ror.org/05qghxh33","country_code":"US","type":"education","lineage":["https://openalex.org/I59553526"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Nima Honarmand","raw_affiliation_strings":["Stony Brook University, Stony Brook, NY, USA"],"affiliations":[{"raw_affiliation_string":"Stony Brook University, Stony Brook, NY, USA","institution_ids":["https://openalex.org/I59553526"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5014031812","display_name":"Nick Nikiforakis","orcid":"https://orcid.org/0000-0002-9366-357X"},"institutions":[{"id":"https://openalex.org/I59553526","display_name":"Stony Brook University","ror":"https://ror.org/05qghxh33","country_code":"US","type":"education","lineage":["https://openalex.org/I59553526"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Nick Nikiforakis","raw_affiliation_strings":["Stony Brook University, Stony Brook, NY, USA"],"affiliations":[{"raw_affiliation_string":"Stony Brook University, Stony Brook, NY, USA","institution_ids":["https://openalex.org/I59553526"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5050985632"],"corresponding_institution_ids":["https://openalex.org/I59553526"],"apc_list":null,"apc_paid":null,"fwci":3.3286,"has_fulltext":false,"cited_by_count":28,"citation_normalized_percentile":{"value":0.93486511,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":89,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"149","last_page":"162"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11644","display_name":"Spam and Phishing Detection","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9991999864578247,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/hindsight-bias","display_name":"Hindsight bias","score":0.8037180304527283},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7752354145050049},{"id":"https://openalex.org/keywords/web-browser","display_name":"Web browser","score":0.5997447371482849},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.5958800315856934},{"id":"https://openalex.org/keywords/mobile-device","display_name":"Mobile device","score":0.5345949530601501},{"id":"https://openalex.org/keywords/set","display_name":"Set (abstract data type)","score":0.45043376088142395},{"id":"https://openalex.org/keywords/mobile-web","display_name":"Mobile Web","score":0.4485015273094177},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.44421109557151794},{"id":"https://openalex.org/keywords/internet-privacy","display_name":"Internet privacy","score":0.3838242292404175},{"id":"https://openalex.org/keywords/mobile-technology","display_name":"Mobile technology","score":0.23992609977722168},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.2129969298839569}],"concepts":[{"id":"https://openalex.org/C10347200","wikidata":"https://www.wikidata.org/wiki/Q1960297","display_name":"Hindsight bias","level":2,"score":0.8037180304527283},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7752354145050049},{"id":"https://openalex.org/C2983909278","wikidata":"https://www.wikidata.org/wiki/Q6368","display_name":"Web browser","level":3,"score":0.5997447371482849},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.5958800315856934},{"id":"https://openalex.org/C186967261","wikidata":"https://www.wikidata.org/wiki/Q5082128","display_name":"Mobile device","level":2,"score":0.5345949530601501},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.45043376088142395},{"id":"https://openalex.org/C516764902","wikidata":"https://www.wikidata.org/wiki/Q1043805","display_name":"Mobile Web","level":4,"score":0.4485015273094177},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.44421109557151794},{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.3838242292404175},{"id":"https://openalex.org/C60952562","wikidata":"https://www.wikidata.org/wiki/Q6887246","display_name":"Mobile technology","level":3,"score":0.23992609977722168},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.2129969298839569},{"id":"https://openalex.org/C15744967","wikidata":"https://www.wikidata.org/wiki/Q9418","display_name":"Psychology","level":0,"score":0.0},{"id":"https://openalex.org/C180747234","wikidata":"https://www.wikidata.org/wiki/Q23373","display_name":"Cognitive psychology","level":1,"score":0.0},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3133956.3133987","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3133956.3133987","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","score":0.7200000286102295,"display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":21,"referenced_works":["https://openalex.org/W36948825","https://openalex.org/W149551663","https://openalex.org/W185877518","https://openalex.org/W1475974720","https://openalex.org/W1486263771","https://openalex.org/W1509636246","https://openalex.org/W1550000763","https://openalex.org/W2025874281","https://openalex.org/W2027116109","https://openalex.org/W2044969874","https://openalex.org/W2126050324","https://openalex.org/W2167661907","https://openalex.org/W2248426850","https://openalex.org/W2400264373","https://openalex.org/W2404236205","https://openalex.org/W2410277931","https://openalex.org/W2480399688","https://openalex.org/W2509745758","https://openalex.org/W2598964862","https://openalex.org/W3017060764","https://openalex.org/W4300420355"],"related_works":["https://openalex.org/W2483563773","https://openalex.org/W4232994511","https://openalex.org/W4244415485","https://openalex.org/W2065943397","https://openalex.org/W1699002556","https://openalex.org/W2054912238","https://openalex.org/W2492213215","https://openalex.org/W4233524299","https://openalex.org/W2080190004","https://openalex.org/W2884454721"],"abstract_inverted_index":{"Much":[0],"of":[1,62,70,110,124,137,174,176,189,199],"recent":[2],"research":[3],"on":[4,9,87],"mobile":[5,13,37,63,91,206,224],"security":[6,39,226],"has":[7,40,227],"focused":[8],"malicious":[10],"applications.":[11],"Although":[12],"devices":[14],"have":[15],"powerful":[16],"browsers":[17,71,160,192],"that":[18,45,58,72,179,187,203,223],"are":[19,25,73,193],"commonly":[20],"used":[21],"by":[22,230],"users":[23],"and":[24,95,105,116,141,149,163,202,233],"vulnerable":[26,194],"to":[27,98,157,161,170,195],"at":[28,196],"least":[29,197],"as":[30,33],"many":[31],"attacks":[32,162,178,201],"their":[34,165],"desktop":[35],"counterparts,":[36],"web":[38,207,225],"not":[41],"received":[42],"the":[43,49,60,67,82,130,172,190,204,221,231],"attention":[44],"it":[46],"deserves":[47],"from":[48,102,143],"community.":[50],"In":[51,77,129],"particular,":[52],"there":[53],"is":[54,209],"no":[55],"longitudinal":[56],"study":[57],"investigates":[59],"evolution":[61],"browser":[64,114,119,138,208],"vulnerabilities":[65,89,97],"over":[66],"diverse":[68],"set":[69],"available":[74],"out":[75],"there.":[76],"this":[78,183],"paper,":[79],"we":[80,132],"undertake":[81],"first":[83],"such":[84],"study,":[85],"focusing":[86],"UI":[88],"among":[90],"browsers.":[92],"We":[93,146,167,185],"investigate":[94],"quantify":[96],"27":[99],"UI-related":[100],"attacks---compiled":[101],"previous":[103],"work":[104],"augmented":[106],"with":[107,213],"new":[108],"variations":[109],"our":[111,200,218],"own---across":[112],"128":[113],"families":[115],"2,324":[117],"individual":[118,177],"versions":[120],"spanning":[121],"a":[122,151],"period":[123],"more":[125,236],"than":[126],"5":[127],"years.":[128],"process,":[131],"collect":[133],"an":[134],"extensive":[135],"dataset":[136],"versions,":[139],"old":[140],"new,":[142],"multiple":[144],"sources.":[145],"also":[147],"design":[148],"implement":[150],"browser-agnostic":[152],"testing":[153],"framework,":[154],"called":[155],"Hindsight,":[156],"automatically":[158],"expose":[159],"evaluate":[164],"vulnerabilities.":[166],"use":[168],"Hindsight":[169],"conduct":[171],"tens":[173],"thousands":[175],"were":[180],"needed":[181],"for":[182],"study.":[184],"discover":[186],"98.6%":[188],"tested":[191],"one":[198],"average":[205],"becoming":[210],"less":[211],"secure":[212],"each":[214],"passing":[215],"year.":[216],"Overall,":[217],"findings":[219],"support":[220],"conclusion":[222],"been":[228],"ignored":[229],"community":[232],"must":[234],"receive":[235],"attention.":[237]},"counts_by_year":[{"year":2024,"cited_by_count":3},{"year":2023,"cited_by_count":1},{"year":2021,"cited_by_count":6},{"year":2020,"cited_by_count":9},{"year":2019,"cited_by_count":6},{"year":2018,"cited_by_count":3}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2017-11-10T00:00:00"}