{"title":"Lost in Translation: AI-based Generator of Cross-Language Sound-squatting","authors":"R. Valentim, I. Drago, M. Mellia, Federico Cerutti","doi":"10.1109/EuroSPW59978.2023.00063","DOIUrl":"https://doi.org/10.1109/EuroSPW59978.2023.00063","url":null,"abstract":"Sound-squatting is a phishing attack that tricks users into accessing malicious resources by exploiting similarities in the pronunciation of words. It is an understudied threat that gains traction with the popularity of smart speakers and the resurgence of content consumption exclusively via audio, such as podcasts. Defending against sound-squatting is complex, and existing solutions rely on manually curated lists of homophones, which limits the search to a few (and mostly existing) words only. We introduce Sound-squatter, a multi-language AI-based system that generates sound-squatting candidates for proactive defense; it covers over 80% of exact homophones and further generates thousands of high-quality approximated homophones. Sound-squatter relies on a state-of-the-art Transformer Network to learn transliteration. We search for Sound-squatter-generated cross-language sound-squatting domains over hundreds of millions of emitted TLS certificates, comparing with other types of squatting candidates. Our findings reveal that around 6% of generated sound-squatting candidates have emitted TLS certificates, compared to 8% of other types of squatting candidates. We believe Sound-squatter uncovers the usage of the multilingual sound-squatting phenomenon on the Internet and is a crucial asset for proactive protection against sound-squatting.","PeriodicalId":220415,"journal":{"name":"2023 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW)","volume":"66 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127624504","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A First Look at SVCB and HTTPS DNS Resource Records in the Wild","authors":"Johannes Zirngibl, Patrick Sattler, Georg Carle","doi":"10.1109/EuroSPW59978.2023.00058","DOIUrl":"https://doi.org/10.1109/EuroSPW59978.2023.00058","url":null,"abstract":"The Internet Engineering Task Force is standardizing new DNS resource records, namely SVCB and HTTPS. Both records inform clients about endpoint and service properties such as supported application layer protocols, IP address hints or Encrypted Client Hello (ECH) information. Therefore, they allow clients to reduce required DNS queries and potential retries during connection establishment and thus help to improve the quality of experience and privacy of the client. The latter is achieved by reducing visible metadata, which is further improved with encrypted DNS and ECH. The standardization is in its final stages and companies announced support, e.g., Cloudflare and Apple. Therefore, we provide the first large-scale overview of actual record deployment by analyzing more than 400 M domains. We find 3.96 k SVCB and 10.5 M HTTPS records. As of March 2023, Cloudflare hosts and serves most domains, and most records only contain Application-Layer Protocol Negotiation (ALPN) and IP address hints. Besides Cloudflare, we see adoption by a variety of authoritative name servers and hosting providers indicating increased adoption in the near future. Lastly, we can verify the correctness of records for more than 93% of domains based on three application layer scans.","PeriodicalId":220415,"journal":{"name":"2023 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW)","volume":"294 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132831546","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
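The record contents the abstract refers to (ALPN, IP address hints, ECH) have a fixed wire format defined in RFC 9460, and a scan that wants to "verify the correctness of records" first has to decode and sanity-check them. The Python below is an added example, not code from Zirngibl et al. or from the paper: it parses HTTPS/SVCB RDATA from wire format and applies the RFC 9460 consistency rules. The three RDATA byte strings are constructed by hand, the ECH value is opaque filler rather than a real ECHConfigList, and `cdn.example.net.` is a placeholder target.

```python
# Added example: decode HTTPS/SVCB RDATA (RFC 9460 wire format) and sanity-check it.
# The sample RDATA at the bottom is constructed by hand, not captured DNS data.
import base64
import ipaddress
import struct

# SvcParamKey registry (RFC 9460 section 14.3; dohpath from RFC 9461).
SVCPARAM_KEYS = {0: "mandatory", 1: "alpn", 2: "no-default-alpn", 3: "port",
                 4: "ipv4hint", 5: "ech", 6: "ipv6hint", 7: "dohpath"}


def _read_name(data, off):
    """Decode an uncompressed wire-format DNS name; returns (name, next offset)."""
    labels = []
    while True:
        length = data[off]
        off += 1
        if length == 0:
            break
        if length > 63:  # a 0xC0 prefix would be a compression pointer, forbidden here
            raise ValueError("TargetName must not use name compression")
        labels.append(data[off:off + length].decode("ascii"))
        off += length
    return (".".join(labels) + "." if labels else "."), off


def _decode_value(key, raw):
    """Turn one SvcParamValue into its presentation-format equivalent."""
    if key == 0:    # mandatory: list of uint16 keys
        return [SVCPARAM_KEYS.get(k, f"key{k}") for k in struct.unpack(f"!{len(raw) // 2}H", raw)]
    if key == 1:    # alpn: sequence of length-prefixed protocol ids
        alpns, off = [], 0
        while off < len(raw):
            n = raw[off]
            alpns.append(raw[off + 1:off + 1 + n].decode("ascii"))
            off += 1 + n
        return alpns
    if key == 2:    # no-default-alpn: empty value, presence is the signal
        return True
    if key == 3:    # port
        return struct.unpack("!H", raw)[0]
    if key == 4:    # ipv4hint: concatenated 4-byte addresses
        if len(raw) % 4:
            raise ValueError("ipv4hint length is not a multiple of 4")
        return [str(ipaddress.IPv4Address(raw[i:i + 4])) for i in range(0, len(raw), 4)]
    if key == 5:    # ech: opaque ECHConfigList, shown as base64 like a zone file does
        return base64.b64encode(raw).decode("ascii")
    if key == 6:    # ipv6hint: concatenated 16-byte addresses
        if len(raw) % 16:
            raise ValueError("ipv6hint length is not a multiple of 16")
        return [str(ipaddress.IPv6Address(raw[i:i + 16])) for i in range(0, len(raw), 16)]
    if key == 7:    # dohpath: UTF-8 URI template
        return raw.decode("utf-8")
    return raw.hex()  # unknown key: keep the raw bytes


def parse_https_rdata(rdata):
    """Parse SvcPriority, TargetName and the SvcParams of one HTTPS/SVCB RR."""
    (priority,) = struct.unpack("!H", rdata[:2])
    target, off = _read_name(rdata, 2)
    params, last_key = {}, -1
    while off < len(rdata):
        key, length = struct.unpack("!HH", rdata[off:off + 4])
        off += 4
        if key <= last_key:  # RFC 9460 section 2.2: strictly increasing, no duplicates
            raise ValueError("SvcParamKeys must be in strictly increasing order")
        last_key = key
        raw = rdata[off:off + length]
        off += length
        if len(raw) != length:
            raise ValueError("truncated SvcParamValue")
        params[SVCPARAM_KEYS.get(key, f"key{key}")] = _decode_value(key, raw)
    return {"priority": priority, "target": target, "params": params}


def check_record(rec):
    """Return RFC 9460 consistency problems for a parsed record (empty list = sane)."""
    problems, p = [], rec["params"]
    if rec["priority"] == 0 and p:
        problems.append("AliasMode record carries SvcParams (clients must ignore them)")
    for k in p.get("mandatory", []):
        if k == "mandatory" or k not in p:
            problems.append(f"mandatory lists {k} which is absent or self-referential")
    if "no-default-alpn" in p and "alpn" not in p:
        problems.append("no-default-alpn without alpn")
    if "alpn" in p and not p["alpn"]:
        problems.append("empty alpn list")
    return problems


# Constructed sample RDATA (not real DNS data).
# ServiceMode: priority 1, target "." (owner name), alpn=h3,h2,
# ipv4hint=192.0.2.1,192.0.2.2, ech=<4 opaque filler bytes>.
SAMPLE_SERVICEMODE = (
    struct.pack("!H", 1) + b"\x00"
    + struct.pack("!HH", 1, 6) + b"\x02h3\x02h2"
    + struct.pack("!HH", 4, 8) + bytes([192, 0, 2, 1, 192, 0, 2, 2])
    + struct.pack("!HH", 5, 4) + b"\x00\x02\xaa\xbb"
)
# Broken: mandatory=ipv4hint, but no ipv4hint parameter is present.
SAMPLE_BAD_MANDATORY = (
    struct.pack("!H", 1) + b"\x00"
    + struct.pack("!HH", 0, 2) + struct.pack("!H", 4)
    + struct.pack("!HH", 1, 3) + b"\x02h2"
)
# AliasMode: priority 0, placeholder CDN target, no SvcParams.
SAMPLE_ALIASMODE = struct.pack("!H", 0) + b"\x03cdn\x07example\x03net\x00"

if __name__ == "__main__":
    for rdata in (SAMPLE_SERVICEMODE, SAMPLE_BAD_MANDATORY, SAMPLE_ALIASMODE):
        rec = parse_https_rdata(rdata)
        print(rec, check_record(rec) or "ok")
```

The checks here are purely syntactic. Whether the advertised ALPN set, hints and ECH configuration match what the endpoint actually serves, which is what the paper's three application-layer scans establish, still requires connecting to the target.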
{"title":"Work in Progress: Evaluation of Security Standards through a Cyber Range using Hackers’ Tactics, Techniques and Procedures","authors":"Patrick Wake, Sue Black, J. Young","doi":"10.1109/EuroSPW59978.2023.00076","DOIUrl":"https://doi.org/10.1109/EuroSPW59978.2023.00076","url":null,"abstract":"We present a framework for the creation of a cyber range to test the effectiveness of security standards, policies and frameworks. These assets guide organisations on how to protect themselves from cyber threats. They have been created via a variety of methods including standards bodies, anecdotal evidence, findings from successful attacks and others. To date, however, there is not an agreed process for creating cyber ranges to conduct a practical assessment of the recommended controls. As a result, the ability of enterprises and standards bodies to judge the effectiveness of these measures is limited. Utilising hackers’ tactics, techniques, and procedures to evaluate security standards should be an effective method for testing a lifelike cyber range which complies with a specific standard. We have started to produce the blueprint for such a laboratory, presented here to showcase our initial findings, using the Cyber Essentials framework as an initial use case.","PeriodicalId":220415,"journal":{"name":"2023 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW)","volume":"98 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134507912","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Inside Residential IP Proxies: Lessons Learned from Large Measurement Campaigns","authors":"Elisa Chiapponi, M. Dacier, Olivier Thonnard","doi":"10.1109/EuroSPW59978.2023.00062","DOIUrl":"https://doi.org/10.1109/EuroSPW59978.2023.00062","url":null,"abstract":"Residential IP Proxy (RESIP) providers represent a growing threat when used for web scraping and other malicious activities. RESIPs enable their customers to hide behind a vast network of residential IP addresses to perpetrate their actions. This helps the customers to evade detection. Thanks to two new large datasets of RESIP connections, we reveal new insights into RESIP inner functioning and modus operandi. We present the similarities and differences of the ecosystems associated with four RESIP providers (geographic distribution, types, management and amount of machines used). Moreover, we display how two of the providers have striking similarities and we propose a specific detection method to identify them. Furthermore, we show how to build a list of suspicious /24 blocks of IP addresses and use it to mitigate the actions of malicious parties behind RESIPs.","PeriodicalId":220415,"journal":{"name":"2023 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW)","volume":"11 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130363262","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A Preliminary Study of Privilege Life Cycle in Software Management Platform Automation Workflows","authors":"Giacomo Benedetti, Luca Verderame, A. Merlo","doi":"10.1109/EuroSPW59978.2023.00007","DOIUrl":"https://doi.org/10.1109/EuroSPW59978.2023.00007","url":null,"abstract":"This paper focuses on the role of privileges in automation workflows within modern software development practices, which heavily rely on DevOps principles. Automation workflows, which are sets of automated software management processes, have become essential to software development and are integrated into software management platforms such as GitHub, GitLab, and BitBucket. However, privileges are crucial in ensuring the security and integrity of the software development process. This paper aims to identify the phases in which privileges are involved in automation workflows and analyze how these platforms handle the privilege life cycle in automation workflows to provide a better understanding of their security implications. The security discussion highlighted in this analysis aims to stimulate solutions and further research.","PeriodicalId":220415,"journal":{"name":"2023 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW)","volume":"44 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114780443","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Unveiling the Weak Links: Exploring DNS Infrastructure Vulnerabilities and Fortifying Defenses","authors":"Yevheniya Nosyk, Olivier Hureau, Simon Fernandez, A. Duda, Maciej Korczyński","doi":"10.1109/EuroSPW59978.2023.00067","DOIUrl":"https://doi.org/10.1109/EuroSPW59978.2023.00067","url":null,"abstract":"In the past decades, DNS has gradually risen into one of the most important systems on the Internet. Malicious actors have long misused it in reflection and amplification DDoS attacks, but given its criticality, DNS quickly became an attractive attack target itself. There appeared a number of activities that make use of domain names and the DNS protocol to perform illegal actions, collectively referred to as DNS abuse. In this paper, we measure the landscape of DNS infrastructure vulnerabilities across millions of recursive resolvers and authoritative nameservers. We enumerate domain names deploying cache poisoning protection (DNSSEC), email authentication (SPF/DMARC), and resolvers accepting DNS requests from arbitrary clients. We show that DNS infrastructure is not sufficiently protected against cybersecurity threats and propose a set of recommendations to mitigate the existing problems. Conducted in the frame of a European Commission project, our findings will be considered for inclusion in the upcoming European Union legislation on cybersecurity.","PeriodicalId":220415,"journal":{"name":"2023 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW)","volume":"44 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125855636","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
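Counting domains that "deploy" SPF and DMARC is only useful if the records are also evaluated for strength: a `v=spf1 +all` record or a DMARC policy of `p=none` is present but protects nothing. The Python below is an added example, not the authors' measurement code: it classifies the SPF (RFC 7208) and DMARC (RFC 7489) TXT records of three hypothetical domains with constructed records and emits short finding codes a scan could aggregate. It works on record text handed to it and performs no DNS queries, so the RFC 7208 lookup budget is counted for the top-level record only; `include:` targets are not followed.

```python
# Added example: classify SPF (RFC 7208) and DMARC (RFC 7489) TXT records.
# Operates on record text supplied by the caller; no DNS queries are made.
import re

# Mechanisms/modifiers that cost a DNS lookup; RFC 7208 section 4.6.4 caps them at 10.
LOOKUP_TERMS = {"include", "a", "mx", "ptr", "exists", "redirect"}


def parse_spf(txt_records):
    """Return (record, findings) for the SPF record among a domain's TXT strings."""
    spf = [r for r in txt_records if r.lower().startswith("v=spf1")]
    if not spf:
        return None, ["spf-missing"]
    if len(spf) > 1:  # more than one SPF record is a permerror for receivers
        return None, ["spf-multiple"]
    findings, lookups, all_qual = [], 0, None
    for term in spf[0].split()[1:]:
        qual = term[0] if term[0] in "+-~?" else "+"   # default qualifier is pass
        body = term[1:] if term[0] in "+-~?" else term
        name = re.split(r"[:/=]", body, maxsplit=1)[0].lower()
        if name in LOOKUP_TERMS:
            lookups += 1
        if name == "ptr":
            findings.append("spf-ptr-deprecated")
        if name == "all":
            all_qual = qual
    if lookups > 10:
        findings.append("spf-too-many-lookups")
    if all_qual is None:
        findings.append("spf-no-all")          # implicit neutral for unlisted senders
    elif all_qual == "+":
        findings.append("spf-plus-all")        # anyone may send as this domain
    elif all_qual == "?":
        findings.append("spf-neutral-all")
    elif all_qual == "~":
        findings.append("spf-softfail-all")    # weaker than -all
    return spf[0], findings


def parse_dmarc(txt_records):
    """Return (tags, findings) for the DMARC record published at _dmarc.<domain>."""
    dmarc = [r for r in txt_records if r.lower().startswith("v=dmarc1")]
    if not dmarc:
        return None, ["dmarc-missing"]
    if len(dmarc) > 1:
        return None, ["dmarc-multiple"]
    tags = {}
    for part in dmarc[0].split(";"):
        if "=" in part:
            k, v = part.split("=", 1)
            tags[k.strip().lower()] = v.strip()
    findings = []
    policy = tags.get("p", "").lower()
    if not policy:
        findings.append("dmarc-no-policy")
    elif policy == "none":
        findings.append("dmarc-p-none")        # monitor only, nothing is rejected
    if int(tags.get("pct", "100")) < 100:
        findings.append("dmarc-partial-pct")   # policy applied to a fraction of mail
    if "rua" not in tags:
        findings.append("dmarc-no-rua")        # no aggregate reports, abuse goes unseen
    return tags, findings


# Constructed TXT data for three hypothetical domains (not real measurements).
SAMPLE_ZONES = {
    "good.example": {
        "@": ["v=spf1 ip4:192.0.2.0/24 include:_spf.mail.example -all"],
        "_dmarc": ["v=DMARC1; p=reject; rua=mailto:dmarc@good.example"],
    },
    "weak.example": {
        "@": ["v=spf1 a mx include:_spf.other.example ~all"],
        "_dmarc": ["v=DMARC1; p=none; pct=50"],
    },
    "open.example": {
        "@": ["v=spf1 +all"],
        "_dmarc": [],
    },
}


def assess_domain(domain, zones=SAMPLE_ZONES):
    """Combine SPF and DMARC findings for one domain; [] means nothing to flag."""
    zone = zones[domain]
    _, spf_findings = parse_spf(zone.get("@", []))
    _, dmarc_findings = parse_dmarc(zone.get("_dmarc", []))
    return spf_findings + dmarc_findings


if __name__ == "__main__":
    for name in SAMPLE_ZONES:
        print(name, assess_domain(name) or "ok")
```

To run this against live zones, replace the `SAMPLE_ZONES` lookup with TXT queries for `<domain>` and `_dmarc.<domain>`, and follow `include:` and `redirect=` targets recursively if the lookup budget is to be enforced the way receivers enforce it.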
{"title":"Mapping the Cyberstalking Landscape: An Empirical Analysis of Federal U.S Crimes","authors":"Sasha Romanosky, Peter Schirmer","doi":"10.1109/EuroSPW59978.2023.00029","DOIUrl":"https://doi.org/10.1109/EuroSPW59978.2023.00029","url":null,"abstract":"Among the new forms of technology-facilitated abuses, cyberstalking has become a growing and important problem. Cyberstalking involves the use of technology to stalk, threaten, or harass one or more individuals. For example, it can include tracking and intimidating a victim over social media, email, or text messages, or threatening to expose someone’s intimate photographs (sextortion). Cyberstalking has become a mechanism used by current or former domestic or intimate partners, lone perpetrators, individuals targeting victims based on their employment or public image, and members of extremist groups. The innovations of this research are twofold. First, using multiple data sets, we developed an automated capability to identify and collect the complete set of all federally prosecuted cyberstalking cases in the U.S. Second, we employ natural language processing, network, and regression methods to code and analyze the court records. We apply these methods in order to answer three main research questions: how many federal cyberstalking cases are there? what kinds of stalking behavior are being committed? and what characteristics are correlated with conviction and severity of punishment?","PeriodicalId":220415,"journal":{"name":"2023 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW)","volume":"325 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132798868","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Assessing and Exploiting Domain Name Misinformation","authors":"Blake Anderson, D. McGrew","doi":"10.1109/EuroSPW59978.2023.00059","DOIUrl":"https://doi.org/10.1109/EuroSPW59978.2023.00059","url":null,"abstract":"Cloud providers’ support for network evasion techniques that misrepresent the server’s domain name is more prevalent than previously believed, which has serious implications for security and privacy due to the reliance on domain names in common security architectures. Domain fronting is one such evasive technique used by privacy enhancing technologies and malware to hide the domains they visit, and it uses shared hosting and HTTPS to present a benign domain to observers while signaling the target domain in the encrypted HTTP request. In this paper, we construct an ontology of domain name misinformation and detail a novel measurement methodology to identify support among cloud infrastructure providers. Despite several of the largest cloud providers having publicly stated that they no longer support domain fronting, our findings demonstrate a more complex environment with many exceptions. We also present a novel and straightforward attack that allows an adversary to man-in-the-middle all the victim’s encrypted traffic bound to a content delivery network that supports domain fronting, breaking the authenticity, confidentiality, and integrity guarantees expected by the victim when using HTTPS. By using dynamic linker hijacking to rewrite the HTTP Host field, our attack does not generate any artifacts that are visible to the victim or passive network monitoring solutions, and the attacker does not need a separate channel to exfiltrate data or perform command-and-control, which can be achieved by rewriting HTTP headers.","PeriodicalId":220415,"journal":{"name":"2023 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW)","volume":"22 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128775403","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Comparing Privacy Label Disclosures of Apps Published in both the App Store and Google Play Stores","authors":"David Rodriguez, Akshatha Jain, J. D. Álamo, N. Sadeh","doi":"10.1109/EuroSPW59978.2023.00022","DOIUrl":"https://doi.org/10.1109/EuroSPW59978.2023.00022","url":null,"abstract":"Apple and Android introduced privacy labels in 2020 and 2022 respectively as a way of providing consumers with succinct summaries of mobile apps’ more salient data practices. A number of apps are published in both stores, offering us the opportunity to compare their privacy label disclosures in the two app stores. This paper compares the data practices privacy labels are intended to capture in each store. It then proceeds to analyze the disclosures of 822 apps published in both app stores, focusing on possible discrepancies. This analysis reveals that privacy label disclosures of what is ostensibly the same mobile app can be quite different. We discuss the different possible reasons behind these differences, including the possibility that these discrepancies might be indicative of potential privacy compliance issues. In particular, focusing on data collection disclosures of five different data types (location, contact info, sensitive info, identifiers, and health & fitness) we find discrepancies between iOS and Google Play privacy label disclosures in 66.5% of the mobile apps we analyze.","PeriodicalId":220415,"journal":{"name":"2023 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW)","volume":"347 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115463473","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"ARCSG: Advancing Resilience of Cyber-Physical Smart Grid: An Integrated Co-Simulation Approach Incorporating Indicators of Compromise","authors":"Mohammed Asiri, N. Saxena, P. Burnap","doi":"10.1109/EuroSPW59978.2023.00047","DOIUrl":"https://doi.org/10.1109/EuroSPW59978.2023.00047","url":null,"abstract":"Modelling and simulation techniques offer cost-effective solutions for developing frameworks and modules that address the intertwined cyber-physical security challenges in the Smart Grid (SG) domain. While some existing co-simulation approaches consider both communication networks and power systems, they often overlook the importance of incorporating Indicators of Compromise (IOCs) in their analysis, which are crucial for detecting and mitigating cyber threats. In response to this gap, we introduce ARCSG, a co-simulation approach to study and enhance the resilience of complex cyber-physical power systems against cyber threats, with a particular focus on incorporating IOCs. Our design employs the Common Open Research Emulator (CORE) to emulate the cyber network and uses PowerWorld to model the power system processes. We incorporate control system components such as OpenPLC and ScadaBR. The co-simulation supports various protocols for monitoring and controlling the grid, such as Modbus, DNP3, ICCP, and PCCC. We demonstrate the effectiveness of our design by validating it through a false command attack on a PowerWorld case. Our approach aims to bolster the detection and mitigation of cyber threats by facilitating an advanced post-incident analysis. Such analysis empowers operators to rapidly identify the severity of a security violation, understand the strategies the adversary employed to initially breach security defences, and evaluate the comprehensive impact of the incident.","PeriodicalId":220415,"journal":{"name":"2023 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW)","volume":"2 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114395321","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}