Book ChapterDOI
Risk Evaluation of X.509 Certificates – A Machine Learning Application
Varsharani Hawanna,Vrushali Kulkarni,Rashmi Rane,Pooja Joshi +3 more
- pp 372-389
Reads0
Chats0
TLDR
A framework which computes risk associated with X.509 certificates with the assistance of certain trust criteria and attributes is introduced and can be applied in browser-server communication and identifying real-time phishing websites which have Https URLs.Abstract:
X.509 certificates empower to reveal the unique identity of the parties participating in the conversation. Right now, during online exchanges, many people and groups are using X.509 certificates to represent their identity, so the level of excellence and reliability of these certificates become dubious. Hence, we introduced a framework which computes risk associated with X.509 certificates with the assistance of certain trust criteria and attributes. For assessing risk related with certificate, we utilized Random Forest ensemble machine learning algorithm, which categorizes risk in three levels- High, Medium and Low. User needs to input the certificate and the system will predict the risk associated with that certificate. If predicted risk is high or medium, system will specify the parameter due to which it triggers risk. Our framework can be applied in browser-server communication and identifying real-time phishing websites which have Https URLs.read more
References
More filters
Proceedings ArticleDOI
Using Frankencerts for Automated Adversarial Testing of Certificate Validation in SSL/TLS Implementations
TL;DR: This work designs, implements, and applies the first methodology for large-scale testing of certificate validation logic in SSL/TLS implementations, and implements and applies "frankencerts," synthetic certificates that are randomly mutated from parts of real certificates and thus include unusual combinations of extensions and constraints.
Journal ArticleDOI
adabag: An R Package for Classification with Boosting and Bagging
TL;DR: In this paper, the adabag R package is introduced and AdaBoost.M1, SAMME and bagging algorithms with classification trees as base classifiers are implemented.
Book
Practical Packet Analysis: Using Wireshark to Solve Real-World Network Problems
TL;DR: This extensively revised second edition of the best-selling Practical Packet Analysis will teach you how to make sense of your PCAP data and identify and resolve common network problems like loss of connectivity, DNS issues, sluggish speeds, and malware infections.
Proceedings ArticleDOI
Beyond the lock icon: real-time detection of phishing websites using public key certificates
TL;DR: This work proposes a machine-learning approach to detect phishing websites using features from their X.509 public key certificates, and illustrates that this certificate-based approach greatly increases the difficulty of masquerading undetected for phishers, with single millisecond delays for users.
Journal ArticleDOI
A formal model of trust for calculating the quality of X.509 certificate
TL;DR: This paper provides users with quantitative information of the confidence a relying party can have about a certificate (QoCER) and presents a formal model of trust to calculate these values.