{"id":"https://openalex.org/W4409657124","doi":"https://doi.org/10.1145/3696410.3714710","title":"What's in Phishers: A Longitudinal Study of Security Configurations in Phishing Websites and Kits","display_name":"What's in Phishers: A Longitudinal Study of Security Configurations in Phishing Websites and Kits","publication_year":2025,"publication_date":"2025-04-22","ids":{"openalex":"https://openalex.org/W4409657124","doi":"https://doi.org/10.1145/3696410.3714710"},"language":"en","primary_location":{"id":"doi:10.1145/3696410.3714710","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3696410.3714710","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3696410.3714710","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the ACM on Web Conference 2025","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3696410.3714710","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5060323655","display_name":"Kyungchan Lim","orcid":"https://orcid.org/0009-0001-1931-1373"},"institutions":[{"id":"https://openalex.org/I75027704","display_name":"University of Tennessee at Knoxville","ror":"https://ror.org/020f3ap87","country_code":"US","type":"education","lineage":["https://openalex.org/I75027704"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Kyungchan Lim","raw_affiliation_strings":["University of Tennessee, Knoxville, TN, USA"],"affiliations":[{"raw_affiliation_string":"University of Tennessee, Knoxville, TN, USA","institution_ids":["https://openalex.org/I75027704"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101718717","display_name":"Ki-Ho Lee","orcid":"https://orcid.org/0000-0002-8713-3863"},"institutions":[{"id":"https://openalex.org/I75027704","display_name":"University of Tennessee at Knoxville","ror":"https://ror.org/020f3ap87","country_code":"US","type":"education","lineage":["https://openalex.org/I75027704"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Kiho Lee","raw_affiliation_strings":["University of Tennessee, Knoxville, TN, USA"],"affiliations":[{"raw_affiliation_string":"University of Tennessee, Knoxville, TN, USA","institution_ids":["https://openalex.org/I75027704"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5042942629","display_name":"Fujiao Ji","orcid":"https://orcid.org/0000-0001-5268-0413"},"institutions":[{"id":"https://openalex.org/I75027704","display_name":"University of Tennessee at Knoxville","ror":"https://ror.org/020f3ap87","country_code":"US","type":"education","lineage":["https://openalex.org/I75027704"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Fujiao Ji","raw_affiliation_strings":["University of Tennessee, Knoxville, TN, USA"],"affiliations":[{"raw_affiliation_string":"University of Tennessee, Knoxville, TN, USA","institution_ids":["https://openalex.org/I75027704"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5053834185","display_name":"Yonghwi Kwon","orcid":"https://orcid.org/0000-0002-0021-2850"},"institutions":[{"id":"https://openalex.org/I66946132","display_name":"University of Maryland, College Park","ror":"https://ror.org/047s2c258","country_code":"US","type":"education","lineage":["https://openalex.org/I66946132"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Yonghwi Kwon","raw_affiliation_strings":["University of Maryland, College Park, MD, USA"],"affiliations":[{"raw_affiliation_string":"University of Maryland, College Park, MD, USA","institution_ids":["https://openalex.org/I66946132"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5016563574","display_name":"Hyoungshick Kim","orcid":"https://orcid.org/0000-0002-1605-3866"},"institutions":[{"id":"https://openalex.org/I848706","display_name":"Sungkyunkwan University","ror":"https://ror.org/04q78tk20","country_code":"KR","type":"education","lineage":["https://openalex.org/I848706"]}],"countries":["KR"],"is_corresponding":false,"raw_author_name":"Hyoungshick Kim","raw_affiliation_strings":["Sungkyunkwan University, Suwon, Republic of Korea"],"affiliations":[{"raw_affiliation_string":"Sungkyunkwan University, Suwon, Republic of Korea","institution_ids":["https://openalex.org/I848706"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5025936242","display_name":"Doowon Kim","orcid":"https://orcid.org/0000-0002-9033-990X"},"institutions":[{"id":"https://openalex.org/I75027704","display_name":"University of Tennessee at Knoxville","ror":"https://ror.org/020f3ap87","country_code":"US","type":"education","lineage":["https://openalex.org/I75027704"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Doowon Kim","raw_affiliation_strings":["University of Tennessee, Knoxville, TN, USA"],"affiliations":[{"raw_affiliation_string":"University of Tennessee, Knoxville, TN, USA","institution_ids":["https://openalex.org/I75027704"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5060323655"],"corresponding_institution_ids":["https://openalex.org/I75027704"],"apc_list":null,"apc_paid":null,"fwci":3.0778,"has_fulltext":true,"cited_by_count":1,"citation_normalized_percentile":{"value":0.89904195,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":96,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"957","last_page":"968"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11644","display_name":"Spam and Phishing Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11644","display_name":"Spam and Phishing Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9983000159263611,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9973000288009644,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/phishing","display_name":"Phishing","score":0.880795955657959},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6561980247497559},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6184908747673035},{"id":"https://openalex.org/keywords/internet-privacy","display_name":"Internet privacy","score":0.429357647895813},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.3844570517539978},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.18024542927742004}],"concepts":[{"id":"https://openalex.org/C83860907","wikidata":"https://www.wikidata.org/wiki/Q135005","display_name":"Phishing","level":3,"score":0.880795955657959},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6561980247497559},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6184908747673035},{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.429357647895813},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.3844570517539978},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.18024542927742004}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3696410.3714710","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3696410.3714710","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3696410.3714710","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the ACM on Web Conference 2025","raw_type":"proceedings-article"}],"best_oa_location":{"id":"doi:10.1145/3696410.3714710","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3696410.3714710","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3696410.3714710","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the ACM on Web Conference 2025","raw_type":"proceedings-article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G2684781608","display_name":null,"funder_award_id":"2210137","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G2835475959","display_name":null,"funder_award_id":"2335798","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G3214917878","display_name":"CAREER: Automated Forensic-in-the-Loop Cyber Defense Infrastructure","funder_award_id":"2427783","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G3516191699","display_name":"SaTC: CORE: Medium: Collaborative: Doctor WHO: Investigation and Prevention of Online Content Management System Abuse","funder_award_id":"2426653","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G848032724","display_name":null,"funder_award_id":"Science","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"}],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"},{"id":"https://openalex.org/F4320335489","display_name":"Institute for Information and Communications Technology Promotion","ror":"https://ror.org/01g0hqq23"}],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4409657124.pdf","grobid_xml":"https://content.openalex.org/works/W4409657124.grobid-xml"},"referenced_works_count":27,"referenced_works":["https://openalex.org/W92038636","https://openalex.org/W1983113573","https://openalex.org/W2054321243","https://openalex.org/W2057330156","https://openalex.org/W2067338315","https://openalex.org/W2076472201","https://openalex.org/W2099424498","https://openalex.org/W2510134782","https://openalex.org/W2531223178","https://openalex.org/W2743005686","https://openalex.org/W2788031314","https://openalex.org/W2807822918","https://openalex.org/W2850153722","https://openalex.org/W2909737018","https://openalex.org/W2933056782","https://openalex.org/W3007024382","https://openalex.org/W3027793461","https://openalex.org/W3152517439","https://openalex.org/W3155996479","https://openalex.org/W3172154247","https://openalex.org/W3213344964","https://openalex.org/W4212960548","https://openalex.org/W4241411570","https://openalex.org/W4379528880","https://openalex.org/W4388740191","https://openalex.org/W4396758529","https://openalex.org/W4396758642"],"related_works":["https://openalex.org/W4391375266","https://openalex.org/W2899084033","https://openalex.org/W2748952813","https://openalex.org/W2149202530","https://openalex.org/W2807822918","https://openalex.org/W2921723332","https://openalex.org/W4391093354","https://openalex.org/W2482950156","https://openalex.org/W4396966040","https://openalex.org/W2305322260"],"abstract_inverted_index":{"Phishing":[0],"attacks":[1],"pose":[2],"a":[3,40,56,175],"significant":[4],"threat":[5],"to":[6,161,166,178,186,190],"Internet":[7],"users.":[8],"Understanding":[9],"the":[10,78,95,138],"security":[11,46,60,79,133],"posture":[12],"of":[13,59,81,99,137,169],"phishing":[14,65,82,102,110,122,128,141,170,182,192],"infrastructure":[15],"is":[16],"crucial":[17],"for":[18,159],"developing":[19],"effective":[20],"defense":[21,165],"strategies,":[22],"as":[23],"it":[24],"helps":[25],"identify":[26],"potential":[27,147],"weaknesses":[28,180],"that":[29,127],"attackers":[30],"might":[31],"exploit.":[32],"Despite":[33],"extensive":[34],"research,":[35],"there":[36],"may":[37],"still":[38],"be":[39],"gap":[41],"in":[42,64,101,181],"fully":[43],"understanding":[44],"these":[45],"weaknesses.":[47],"To":[48],"address":[49],"this":[50,53],"important":[51],"issue,":[52],"paper":[54],"presents":[55],"longitudinal":[57],"study":[58],"configurations":[61,80],"and":[62,67,84,89,92,97,121,149,195],"vulnerabilities":[63,100,155],"websites":[66,83,111,129],"associated":[68],"kits.":[69,103,123],"We":[70,104],"focus":[71],"on":[72],"two":[73],"main":[74],"areas:":[75],"(1)":[76],"analyzing":[77],"servers,":[85],"particularly":[86],"HTTP":[87],"headers":[88],"application-level":[90],"security,":[91],"(2)":[93],"examining":[94],"prevalence":[96],"types":[98],"analyze":[105],"data":[106],"from":[107,163],"906,731":[108],"distinct":[109],"collected":[112,140],"over":[113],"2.5":[114],"years,":[115],"covering":[116],"HTML":[117],"headers,":[118],"client-side":[119],"resources,":[120],"Our":[124,172],"findings":[125],"suggest":[126],"often":[130],"employ":[131],"weak":[132],"configurations,":[134],"with":[135],"88.8%":[136],"13,344":[139],"kits":[142],"containing":[143,151],"at":[144],"least":[145],"one":[146],"vulnerability,":[148],"12.5%":[150],"backdoor":[152],"vulnerabilities.":[153],"These":[154],"present":[156],"an":[157],"opportunity":[158],"defenders":[160,185],"shift":[162],"passive":[164],"active":[167],"disruption":[168],"operations.":[171],"research":[173],"proposes":[174],"new":[176],"approach":[177],"leverage":[179],"infrastructure,":[183],"allowing":[184],"take":[187],"proactive":[188],"actions":[189],"disable":[191],"sites":[193],"earlier":[194],"reduce":[196],"their":[197],"effectiveness.":[198]},"counts_by_year":[{"year":2026,"cited_by_count":1}],"updated_date":"2026-04-10T15:06:20.359241","created_date":"2025-10-10T00:00:00"}