{"id":"https://openalex.org/W3084102164","doi":"https://doi.org/10.1145/3372297.3417892","title":"Impersonation-as-a-Service: Characterizing the Emerging Criminal Infrastructure for User Impersonation at Scale","display_name":"Impersonation-as-a-Service: Characterizing the Emerging Criminal Infrastructure for User Impersonation at Scale","publication_year":2020,"publication_date":"2020-10-30","ids":{"openalex":"https://openalex.org/W3084102164","doi":"https://doi.org/10.1145/3372297.3417892","mag":"3084102164"},"language":"en","primary_location":{"id":"doi:10.1145/3372297.3417892","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3372297.3417892","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3372297.3417892","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["arxiv","crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3372297.3417892","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":null,"display_name":"Michele Campobasso","orcid":null},"institutions":[{"id":"https://openalex.org/I83019370","display_name":"Eindhoven University of Technology","ror":"https://ror.org/02c2kyt77","country_code":"NL","type":"education","lineage":["https://openalex.org/I83019370"]}],"countries":["NL"],"is_corresponding":true,"raw_author_name":"Michele Campobasso","raw_affiliation_strings":["Eindhoven University of Technology, Eindhoven, Netherlands"],"affiliations":[{"raw_affiliation_string":"Eindhoven University of Technology, Eindhoven, Netherlands","institution_ids":["https://openalex.org/I83019370"]}]},{"author_position":"last","author":{"id":null,"display_name":"Luca Allodi","orcid":null},"institutions":[{"id":"https://openalex.org/I83019370","display_name":"Eindhoven University of Technology","ror":"https://ror.org/02c2kyt77","country_code":"NL","type":"education","lineage":["https://openalex.org/I83019370"]}],"countries":["NL"],"is_corresponding":false,"raw_author_name":"Luca Allodi","raw_affiliation_strings":["Eindhoven University of Technology, Eindhoven, Netherlands"],"affiliations":[{"raw_affiliation_string":"Eindhoven University of Technology, Eindhoven, Netherlands","institution_ids":["https://openalex.org/I83019370"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":[],"corresponding_institution_ids":["https://openalex.org/I83019370"],"apc_list":null,"apc_paid":null,"fwci":3.0595,"has_fulltext":true,"cited_by_count":24,"citation_normalized_percentile":{"value":0.93057167,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":93,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"1665","last_page":"1680"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11644","display_name":"Spam and Phishing Detection","score":0.9988999962806702,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11045","display_name":"Privacy, Security, and Data Protection","score":0.9973999857902527,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/authentication","display_name":"Authentication (law)","score":0.6679999828338623},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.6327999830245972},{"id":"https://openalex.org/keywords/scale","display_name":"Scale (ratio)","score":0.4959000051021576},{"id":"https://openalex.org/keywords/selection","display_name":"Selection (genetic algorithm)","score":0.4212000072002411},{"id":"https://openalex.org/keywords/key","display_name":"Key (lock)","score":0.32260000705718994},{"id":"https://openalex.org/keywords/internet-users","display_name":"Internet users","score":0.303600013256073},{"id":"https://openalex.org/keywords/user-interface","display_name":"User interface","score":0.2971000075340271}],"concepts":[{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.7143999934196472},{"id":"https://openalex.org/C148417208","wikidata":"https://www.wikidata.org/wiki/Q4825882","display_name":"Authentication (law)","level":2,"score":0.6679999828338623},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.6327999830245972},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6177999973297119},{"id":"https://openalex.org/C2778755073","wikidata":"https://www.wikidata.org/wiki/Q10858537","display_name":"Scale (ratio)","level":2,"score":0.4959000051021576},{"id":"https://openalex.org/C81917197","wikidata":"https://www.wikidata.org/wiki/Q628760","display_name":"Selection (genetic algorithm)","level":2,"score":0.4212000072002411},{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.3366999924182892},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.32260000705718994},{"id":"https://openalex.org/C3019036681","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"Internet users","level":3,"score":0.303600013256073},{"id":"https://openalex.org/C89505385","wikidata":"https://www.wikidata.org/wiki/Q47146","display_name":"User interface","level":2,"score":0.2971000075340271},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.29339998960494995},{"id":"https://openalex.org/C91262260","wikidata":"https://www.wikidata.org/wiki/Q528074","display_name":"End user","level":2,"score":0.2782000005245209},{"id":"https://openalex.org/C2985371682","wikidata":"https://www.wikidata.org/wiki/Q11135","display_name":"Ip address","level":2,"score":0.27459999918937683},{"id":"https://openalex.org/C194699767","wikidata":"https://www.wikidata.org/wiki/Q7878662","display_name":"Multi-factor authentication","level":4,"score":0.2712000012397766},{"id":"https://openalex.org/C83860907","wikidata":"https://www.wikidata.org/wiki/Q135005","display_name":"Phishing","level":3,"score":0.27059999108314514},{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.2685999870300293},{"id":"https://openalex.org/C29852176","wikidata":"https://www.wikidata.org/wiki/Q373338","display_name":"Critical infrastructure","level":2,"score":0.2615000009536743},{"id":"https://openalex.org/C22111027","wikidata":"https://www.wikidata.org/wiki/Q1070427","display_name":"Internet security","level":4,"score":0.260699987411499}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1145/3372297.3417892","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3372297.3417892","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3372297.3417892","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},{"id":"pmh:oai:arXiv.org:2009.04344","is_oa":true,"landing_page_url":"http://arxiv.org/abs/2009.04344","pdf_url":"https://arxiv.org/pdf/2009.04344","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"}],"best_oa_location":{"id":"doi:10.1145/3372297.3417892","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3372297.3417892","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3372297.3417892","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G620320933","display_name":null,"funder_award_id":"ITEA191010","funder_id":"https://openalex.org/F4320314237","funder_display_name":"Rijksdienst voor Ondernemend Nederland"}],"funders":[{"id":"https://openalex.org/F4320313144","display_name":"ITEA","ror":null},{"id":"https://openalex.org/F4320314237","display_name":"Rijksdienst voor Ondernemend Nederland","ror":null},{"id":"https://openalex.org/F4320325600","display_name":"ITEA3","ror":null}],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W3084102164.pdf","grobid_xml":"https://content.openalex.org/works/W3084102164.grobid-xml"},"referenced_works_count":24,"referenced_works":["https://openalex.org/W417364168","https://openalex.org/W1442570287","https://openalex.org/W1965586806","https://openalex.org/W1977415353","https://openalex.org/W2030112111","https://openalex.org/W2045591401","https://openalex.org/W2059621117","https://openalex.org/W2060204748","https://openalex.org/W2073342447","https://openalex.org/W2082180526","https://openalex.org/W2123382811","https://openalex.org/W2149929743","https://openalex.org/W2155743899","https://openalex.org/W2218132318","https://openalex.org/W2396652156","https://openalex.org/W2550183133","https://openalex.org/W2557149788","https://openalex.org/W2559753054","https://openalex.org/W2765227388","https://openalex.org/W2766615649","https://openalex.org/W2807822918","https://openalex.org/W2952071009","https://openalex.org/W2964274850","https://openalex.org/W6665894889"],"related_works":[],"abstract_inverted_index":{"In":[0],"this":[1],"paper":[2],"we":[3],"provide":[4],"evidence":[5],"of":[6,28,63],"an":[7],"emerging":[8],"criminal":[9],"infrastructure":[10],"enabling":[11,112],"impersonation":[12,117],"attacks":[13],"at":[14],"scale.":[15,122],"Impersonation-as-a-Service":[16],"(IMPaaS)":[17],"allows":[18],"attackers":[19,104],"to":[20,39,94],"systematically":[21,95],"collect":[22],"and":[23,33,36,44,55,89,109,115],"enforce":[24],"user":[25,29,71,116],"profiles":[26,72],"(consisting":[27],"credentials,":[30],"cookies,":[31],"device":[32],"behavioural":[34],"fingerprints,":[35],"other":[37],"metadata)":[38],"circumvent":[40],"risk-based":[41],"authentication":[42,48,97],"system":[43],"effectively":[45],"bypass":[46],"multi-factor":[47],"mechanisms.":[49],"We":[50],"present":[51],"the":[52,61,84,91],"IMPaaS":[53,68,85],"model":[54,86],"evaluate":[56],"its":[57],"implementation":[58],"by":[59],"analysing":[60],"operation":[62],"a":[64,106],"large,":[65],"invite-only,":[66],"Russian":[67],"platform":[69],"providing":[70,103],"for":[73],"more":[74],"than":[75],"260,000":[76],"Internet":[77,119],"users":[78,120],"worldwide.":[79],"Our":[80],"findings":[81],"suggest":[82],"that":[83],"is":[87],"growing,":[88],"provides":[90],"mechanisms":[92],"needed":[93],"evade":[96],"controls":[98],"across":[99],"multiple":[100],"platforms,":[101],"while":[102],"with":[105],"reliable,":[107],"up-to-date,":[108],"semi-automated":[110],"environment":[111],"target":[113],"selection":[114],"against":[118],"as":[121]},"counts_by_year":[{"year":2025,"cited_by_count":3},{"year":2024,"cited_by_count":10},{"year":2023,"cited_by_count":4},{"year":2022,"cited_by_count":5},{"year":2021,"cited_by_count":2}],"updated_date":"2026-03-20T23:20:44.827607","created_date":"2020-09-14T00:00:00"}