2019
DOI: 10.1016/j.cose.2018.09.001
|View full text |Cite
|
Sign up to set email alerts
|

Another look at TLS ecosystems in networked devices vs. Web servers

Abstract: High-speed IPv4 scanners, such as ZMap, now enable rapid and timely collection of TLS certificates and other security-sensitive parameters. Such large datasets led to the development of the Censys search interface, facilitating comprehensive analysis of TLS deployments in the wild. Several recent studies analyzed TLS certificates as deployed in web servers. Beyond public web servers, TLS is deployed in many other Internet-connected devices, at home and enterprise environments, cyber physical systems, and at ne… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
1
1

Citation Types

0
8
0
3

Year Published

2020
2020
2024
2024

Publication Types

Select...
3
2
1

Relationship

0
6

Authors

Journals

citations
Cited by 13 publications
(11 citation statements)
references
References 27 publications
0
8
0
3
Order By: Relevance
“…Different works examine TLS deployments, i.e., the TLS and certificate configuration of Internet-facing embedded devices [57], the spread of flaws in key generation [27] or TLS implementations [61], and the shift to newer versions and features [1]. Further, related work analyzed security certificates regarding configuration [32], validity [7], wrong issuance [38], and certificate transparency logs [22].…”
Section: Related Workmentioning
confidence: 99%
See 1 more Smart Citation
“…Different works examine TLS deployments, i.e., the TLS and certificate configuration of Internet-facing embedded devices [57], the spread of flaws in key generation [27] or TLS implementations [61], and the shift to newer versions and features [1]. Further, related work analyzed security certificates regarding configuration [32], validity [7], wrong issuance [38], and certificate transparency logs [22].…”
Section: Related Workmentioning
confidence: 99%
“…However, until now, it is unclear whether system operators adhere to such security recommendations and therefore prevent unauthorized access to modern industrial deployments. In other domains, active Internet-wide scanning has proven to be a valuable and accepted method to perform this task [23,31,57,61]. Likewise, different works identify the risks of Internet-connected industrial devices using legacy protocols without security functionality [3,20,44].…”
mentioning
confidence: 99%
“…Even scanners that are tweaked to discover such devices do not usually account for many devices due to the large variety of them [3]. Therefore, scanning such devices constitutes a great challenge that has been addressed in the literature by several works [1,3,17,25].…”
Section: Scanning Challengesmentioning
confidence: 99%
“…Others provided home users with clarified request to approve the collection of user-triggered vulnerability scanning data [11]. Other works claimed that they only queried (Passive scanning) Shodan and Censys without performing any active scanning [1,25]. The rest of the studied works either used their equipment in their networks or did not mention ethical considerations.…”
Section: Scanning Challengesmentioning
confidence: 99%
See 1 more Smart Citation