{"id":"https://openalex.org/W3089880085","doi":"https://doi.org/10.1145/3410154","title":"A Study on the Use of Checksums for Integrity Verification of Web Downloads","display_name":"A Study on the Use of Checksums for Integrity Verification of Web Downloads","publication_year":2020,"publication_date":"2020-09-28","ids":{"openalex":"https://openalex.org/W3089880085","doi":"https://doi.org/10.1145/3410154","mag":"3089880085"},"language":"en","primary_location":{"id":"doi:10.1145/3410154","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3410154","pdf_url":"https://dl.acm.org/doi/10.1145/3410154","source":{"id":"https://openalex.org/S4210174050","display_name":"ACM Transactions on Privacy and Security","issn_l":"2471-2566","issn":["2471-2566","2471-2574"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ACM Transactions on Privacy and Security","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"bronze","oa_url":"https://dl.acm.org/doi/10.1145/3410154","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5087361767","display_name":"Alexandre Meylan","orcid":null},"institutions":[{"id":"https://openalex.org/I4210116793","display_name":"Kudelski (Switzerland)","ror":"https://ror.org/022m5tt98","country_code":"CH","type":"company","lineage":["https://openalex.org/I4210116793"]}],"countries":["CH"],"is_corresponding":true,"raw_author_name":"Alexandre Meylan","raw_affiliation_strings":["Kudelski Security, Switzerland","Kudelski Security (Switzerland)"],"affiliations":[{"raw_affiliation_string":"Kudelski Security, Switzerland","institution_ids":["https://openalex.org/I4210116793"]},{"raw_affiliation_string":"Kudelski Security (Switzerland)","institution_ids":["https://openalex.org/I4210116793"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5033262697","display_name":"Mauro Cherubini","orcid":"https://orcid.org/0000-0002-1860-6110"},"institutions":[{"id":"https://openalex.org/I97565354","display_name":"University of Lausanne","ror":"https://ror.org/019whta54","country_code":"CH","type":"education","lineage":["https://openalex.org/I97565354"]}],"countries":["CH"],"is_corresponding":false,"raw_author_name":"Mauro Cherubini","raw_affiliation_strings":["University of Lausanne (UNIL), Switzerland"],"affiliations":[{"raw_affiliation_string":"University of Lausanne (UNIL), Switzerland","institution_ids":["https://openalex.org/I97565354"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5031241829","display_name":"Bertil Chapuis","orcid":"https://orcid.org/0000-0003-3168-5375"},"institutions":[{"id":"https://openalex.org/I173439891","display_name":"HES-SO University of Applied Sciences and Arts Western Switzerland","ror":"https://ror.org/01xkakk17","country_code":"CH","type":"education","lineage":["https://openalex.org/I173439891"]}],"countries":["CH"],"is_corresponding":false,"raw_author_name":"Bertil Chapuis","raw_affiliation_strings":["University of Applied Sciences and Arts (HES-SO/HEIG-VD), Switzerland"],"affiliations":[{"raw_affiliation_string":"University of Applied Sciences and Arts (HES-SO/HEIG-VD), Switzerland","institution_ids":["https://openalex.org/I173439891"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5053332520","display_name":"Mathias Humbert","orcid":"https://orcid.org/0000-0001-5046-1727"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Mathias Humbert","raw_affiliation_strings":["armasuisse S+T, Switzerland","armasuisse S+T (Science and Technology\r\nFeuerwerkerstrasse 39 \r\nCH-3602 Thun - Switzerland)"],"affiliations":[{"raw_affiliation_string":"armasuisse S+T, Switzerland","institution_ids":[]},{"raw_affiliation_string":"armasuisse S+T (Science and Technology\r\nFeuerwerkerstrasse 39 \r\nCH-3602 Thun - Switzerland)","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5029174330","display_name":"Igor Bilogrevic","orcid":"https://orcid.org/0000-0002-9301-3091"},"institutions":[{"id":"https://openalex.org/I4210100430","display_name":"Google (Switzerland)","ror":"https://ror.org/014f9c269","country_code":"CH","type":"company","lineage":["https://openalex.org/I1291425158","https://openalex.org/I4210100430","https://openalex.org/I4210128969"]}],"countries":["CH"],"is_corresponding":false,"raw_author_name":"Igor Bilogrevic","raw_affiliation_strings":["Google Inc., Switzerland","Google Switzerland (Switzerland)"],"affiliations":[{"raw_affiliation_string":"Google Inc., Switzerland","institution_ids":["https://openalex.org/I4210100430"]},{"raw_affiliation_string":"Google Switzerland (Switzerland)","institution_ids":["https://openalex.org/I4210100430"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5017780534","display_name":"K\u00e9vin Huguenin","orcid":"https://orcid.org/0000-0001-7147-1828"},"institutions":[{"id":"https://openalex.org/I97565354","display_name":"University of Lausanne","ror":"https://ror.org/019whta54","country_code":"CH","type":"education","lineage":["https://openalex.org/I97565354"]}],"countries":["CH"],"is_corresponding":false,"raw_author_name":"K\u00e9vin Huguenin","raw_affiliation_strings":["University of Lausanne (UNIL), Switzerland"],"affiliations":[{"raw_affiliation_string":"University of Lausanne (UNIL), Switzerland","institution_ids":["https://openalex.org/I97565354"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5087361767"],"corresponding_institution_ids":["https://openalex.org/I4210116793"],"apc_list":null,"apc_paid":null,"fwci":0.7268,"has_fulltext":true,"cited_by_count":6,"citation_normalized_percentile":{"value":0.82226173,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":96},"biblio":{"volume":"24","issue":"1","first_page":"1","last_page":"36"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11045","display_name":"Privacy, Security, and Data Protection","score":0.9962999820709229,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},"topics":[{"id":"https://openalex.org/T11045","display_name":"Privacy, Security, and Data Protection","score":0.9962999820709229,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},{"id":"https://openalex.org/T12607","display_name":"Personal Information Management and User Behavior","score":0.9915000200271606,"subfield":{"id":"https://openalex.org/subfields/1802","display_name":"Information Systems and Management"},"field":{"id":"https://openalex.org/fields/18","display_name":"Decision Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9894000291824341,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/checksum","display_name":"Checksum","score":0.9602885842323303},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8166693449020386},{"id":"https://openalex.org/keywords/usability","display_name":"Usability","score":0.6875824928283691},{"id":"https://openalex.org/keywords/vetting","display_name":"Vetting","score":0.622714102268219},{"id":"https://openalex.org/keywords/executable","display_name":"Executable","score":0.6199079751968384},{"id":"https://openalex.org/keywords/download","display_name":"Download","score":0.5649288892745972},{"id":"https://openalex.org/keywords/process","display_name":"Process (computing)","score":0.45885494351387024},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.40413767099380493},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.31194043159484863},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.31041669845581055}],"concepts":[{"id":"https://openalex.org/C162372511","wikidata":"https://www.wikidata.org/wiki/Q218341","display_name":"Checksum","level":2,"score":0.9602885842323303},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8166693449020386},{"id":"https://openalex.org/C170130773","wikidata":"https://www.wikidata.org/wiki/Q216378","display_name":"Usability","level":2,"score":0.6875824928283691},{"id":"https://openalex.org/C2777230681","wikidata":"https://www.wikidata.org/wiki/Q7923820","display_name":"Vetting","level":2,"score":0.622714102268219},{"id":"https://openalex.org/C160145156","wikidata":"https://www.wikidata.org/wiki/Q778586","display_name":"Executable","level":2,"score":0.6199079751968384},{"id":"https://openalex.org/C2780154274","wikidata":"https://www.wikidata.org/wiki/Q7126717","display_name":"Download","level":2,"score":0.5649288892745972},{"id":"https://openalex.org/C98045186","wikidata":"https://www.wikidata.org/wiki/Q205663","display_name":"Process (computing)","level":2,"score":0.45885494351387024},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.40413767099380493},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.31194043159484863},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.31041669845581055}],"mesh":[],"locations_count":5,"locations":[{"id":"doi:10.1145/3410154","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3410154","pdf_url":"https://dl.acm.org/doi/10.1145/3410154","source":{"id":"https://openalex.org/S4210174050","display_name":"ACM Transactions on Privacy and Security","issn_l":"2471-2566","issn":["2471-2566","2471-2574"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ACM Transactions on Privacy and Security","raw_type":"journal-article"},{"id":"pmh:oai:serval.unil.ch:BIB_970B9AA5408B","is_oa":true,"landing_page_url":"https://serval.unil.ch/notice/serval:BIB_970B9AA5408B","pdf_url":null,"source":{"id":"https://openalex.org/S4306401797","display_name":"SERVAL (Universit\u00e9 de Lausanne)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I4210093590","host_organization_name":"Swiss School of Archaeology in Greece","host_organization_lineage":["https://openalex.org/I4210093590"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"acceptedVersion","is_accepted":true,"is_published":false,"raw_source_name":"ACM Transactions on Privacy and Security, vol. 4, no. 1, pp. 4:1-4:36","raw_type":"info:eu-repo/semantics/acceptedVersion"},{"id":"pmh:oai:iris.unil.ch:iris/201420","is_oa":true,"landing_page_url":"https://iris.unil.ch/handle/iris/201420","pdf_url":"https://iris.unil.ch/bitstreams/cb8c15de-3b7f-4502-a607-6b7418eb5d81/download","source":{"id":"https://openalex.org/S7407055444","display_name":"IRIS","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"journal article"},{"id":"pmh:oai:HAL:hal-02892926v1","is_oa":true,"landing_page_url":"https://hal.science/hal-02892926","pdf_url":null,"source":{"id":"https://openalex.org/S4306402512","display_name":"HAL (Le Centre pour la Communication Scientifique Directe)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I1294671590","host_organization_name":"Centre National de la Recherche Scientifique","host_organization_lineage":["https://openalex.org/I1294671590"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"ACM Transactions on Privacy and Security, 2020, 24 (1), pp.4:1-4:36. &#x27E8;10.1145/3410154&#x27E9;","raw_type":"Journal articles"},{"id":"pmh:oai:hesso.tind.io:7190","is_oa":false,"landing_page_url":"http://arodes.hes-so.ch/record/7190","pdf_url":null,"source":{"id":"https://openalex.org/S4306402432","display_name":"ArODES (HES-SO (https://www.hes-so.ch/))","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I4210088449","host_organization_name":"HES-SO Gen\u00e8ve","host_organization_lineage":["https://openalex.org/I4210088449"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://arodes.hes-so.ch/record/7190","raw_type":"Text"}],"best_oa_location":{"id":"doi:10.1145/3410154","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3410154","pdf_url":"https://dl.acm.org/doi/10.1145/3410154","source":{"id":"https://openalex.org/S4210174050","display_name":"ACM Transactions on Privacy and Security","issn_l":"2471-2566","issn":["2471-2566","2471-2574"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ACM Transactions on Privacy and Security","raw_type":"journal-article"},"sustainable_development_goals":[{"score":0.47999998927116394,"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16"}],"awards":[{"id":"https://openalex.org/G3378801267","display_name":null,"funder_award_id":"19024","funder_id":"https://openalex.org/F4320321942","funder_display_name":"Hasler Stiftung"}],"funders":[{"id":"https://openalex.org/F4320321942","display_name":"Hasler Stiftung","ror":"https://ror.org/04m3t9183"},{"id":"https://openalex.org/F4320323831","display_name":"Universit\u00e9 de Lausanne","ror":"https://ror.org/019whta54"}],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W3089880085.pdf","grobid_xml":"https://content.openalex.org/works/W3089880085.grobid-xml"},"referenced_works_count":27,"referenced_works":["https://openalex.org/W946133946","https://openalex.org/W1582716752","https://openalex.org/W1881935562","https://openalex.org/W1984018499","https://openalex.org/W1985270055","https://openalex.org/W2063586034","https://openalex.org/W2070561595","https://openalex.org/W2075177804","https://openalex.org/W2099889974","https://openalex.org/W2102570173","https://openalex.org/W2110505891","https://openalex.org/W2129537236","https://openalex.org/W2139179587","https://openalex.org/W2149869556","https://openalex.org/W2157337727","https://openalex.org/W2170711609","https://openalex.org/W2512279548","https://openalex.org/W2551763599","https://openalex.org/W2582112754","https://openalex.org/W2610507852","https://openalex.org/W2722360008","https://openalex.org/W2786284130","https://openalex.org/W2890220547","https://openalex.org/W2909986196","https://openalex.org/W3000645669","https://openalex.org/W3002929229","https://openalex.org/W4226281451"],"related_works":["https://openalex.org/W3137893487","https://openalex.org/W2588786532","https://openalex.org/W2169930420","https://openalex.org/W2108865840","https://openalex.org/W2802914690","https://openalex.org/W4248793399","https://openalex.org/W3120410482","https://openalex.org/W2980021769","https://openalex.org/W2769878339","https://openalex.org/W3129671051"],"abstract_inverted_index":{"App":[0],"stores":[1],"provide":[2,123,214],"access":[3],"to":[4,66,74,78,102,208,222,233],"millions":[5],"of":[6,91,134,143,204,237],"different":[7],"programs":[8,21],"that":[9,68,80,88,104,128,155,179,206],"users":[10,50],"can":[11,17],"download":[12,24,51],"on":[13,25,35,39,193,241],"their":[14,20,26,36,242],"computers.":[15],"Developers":[16],"also":[18,196],"make":[19],"available":[22],"for":[23,224],"websites":[27,205],"and":[28,132,150,160,188,230],"host":[29],"the":[30,46,52,58,63,81,92,124,130,135,156,235],"program":[31],"files":[32,210],"either":[33],"directly":[34],"website":[37],"or":[38],"third-party":[40],"platforms,":[41],"such":[42,105],"as":[43,49],"mirrors.":[44],"In":[45,119],"latter":[47],"case,":[48],"software":[53],"without":[54],"any":[55],"vetting":[56],"from":[57],"developers,":[59],"they":[60],"should":[61],"take":[62],"necessary":[64],"precautions":[65],"ensure":[67],"it":[69,117],"is":[70,77,99,108,158,218],"authentic.":[71],"One":[72],"way":[73],"accomplish":[75],"this":[76,120],"check":[79],"published":[82],"file\u2019s":[83],"integrity":[84,239],"verification":[85,138,240],"code\u2014the":[86],"checksum\u2014matches":[87],"(if":[89],"provided)":[90],"downloaded":[93],"file.":[94],"To":[95],"date,":[96],"however,":[97],"there":[98],"little":[100],"evidence":[101],"suggest":[103],"a":[106,164,201,219],"process":[107,157],"effective.":[109],"Even":[110],"worse,":[111],"very":[112],"few":[113],"usability":[114,131],"studies":[115],"about":[116],"exist.":[118],"article,":[121],"we":[122,153,171],"first":[125],"comprehensive":[126],"study":[127],"assesses":[129],"effectiveness":[133],"manual":[136],"checksum":[137],"process.":[139],"First,":[140],"by":[141],"means":[142],"an":[144],"in-situ":[145],"experiment":[146,167],"with":[147,168],"40":[148],"participants":[149],"eye-tracking":[151],"technology,":[152],"show":[154],"cumbersome":[159],"error-prone.":[161],"Second,":[162],"after":[163],"4-month-long":[165],"in-the-wild":[166],"134":[169],"participants,":[170],"demonstrate":[172],"how":[173],"our":[174,212],"proposed":[175],"solution\u2014a":[176],"Chrome":[177],"extension":[178],"verifies":[180],"checksums":[181,215],"automatically\u2014significantly":[182],"reduces":[183],"human":[184],"errors,":[185],"improves":[186],"coverage,":[187],"has":[189],"only":[190,200],"limited":[191],"impact":[192],"usability.":[194],"It":[195],"confirms":[197],"that,":[198],"sadly,":[199],"tiny":[202],"minority":[203],"link":[207],"executable":[209],"in":[211],"sample":[213],"(0.01%),":[216],"which":[217],"strong":[220],"call":[221],"action":[223],"web":[225],"standards":[226],"bodies,":[227],"service":[228],"providers,":[229],"content":[231],"creators":[232],"increase":[234],"use":[236],"file":[238],"properties.":[243]},"counts_by_year":[{"year":2025,"cited_by_count":2},{"year":2024,"cited_by_count":2},{"year":2023,"cited_by_count":1},{"year":2022,"cited_by_count":1}],"updated_date":"2026-03-20T23:20:44.827607","created_date":"2025-10-10T00:00:00"}