2017
DOI: 10.1007/978-3-319-70972-7_30
|View full text |Cite
|
Sign up to set email alerts
|

Short Paper: TLS Ecosystems in Networked Devices vs. Web Servers

Abstract: Recently, high-speed IPv4 scanners, such as ZMap, have enabled rapid and timely collection of TLS certificates and other security-sensitive parameters. Such large datasets led to the development of the Censys search interface, facilitating comprehensive analysis of TLS deployments in the wild. Several recent studies analyzed TLS certificates as deployed in web servers. Beyond public web servers, TLS is deployed in many other Internet-connected devices, at home and enterprise environments, and at network backbo… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
3
1
1

Citation Types

0
10
0

Year Published

2017
2017
2023
2023

Publication Types

Select...
5
1

Relationship

1
5

Authors

Journals

citations
Cited by 14 publications
(10 citation statements)
references
References 20 publications
0
10
0
Order By: Relevance
“…The low response rate in the IPs dataset compared to the top and random domains datasets is very likely attributed to SSL v3 devices as our inspection client does not support SSL v3, while the scanning client does. It is also very likely that those non-responding IPs are mostly for network devices since using legacy versions in network devices is more common than that in ordinary web servers [37].…”
Section: Resultsmentioning
confidence: 99%
“…The low response rate in the IPs dataset compared to the top and random domains datasets is very likely attributed to SSL v3 devices as our inspection client does not support SSL v3, while the scanning client does. It is also very likely that those non-responding IPs are mostly for network devices since using legacy versions in network devices is more common than that in ordinary web servers [37].…”
Section: Resultsmentioning
confidence: 99%
“…Alvarez [3] used the Extended File Information (EXIF) metadata in JPEG files to generate fingerprints, and Bongard [9] studied the implementation differences among the PNG codecs used with the most popular web application platforms. Samarasinghe and Mannan [28] used TLS/SSL certificate details to fingerprint embedded devices.…”
Section: Related Workmentioning
confidence: 99%
“…Chung et al [17] analyzed over 80 million invalid TLS certificates, and attribute most of them to network devices, including modems/home routers, VPNs, NAS, firewalls, IP cameras and IPTVs. In Oct. 2016, we studied the state of the TLS ecosystem for networked devices [18] and found many devices using cryptographic primitives that are phased out from modern browsers and web servers.…”
Section: Introductionmentioning
confidence: 99%
“…Our current study is more comprehensive (cf. [18], conducted in Oct. 2016) as new device types and more data relating to devices are added to Censys since 2016. Although the rate of adoption of TLS is remarkable for devices between 2016 and 2018, the use of weak primitives haven't reduced significantly.…”
Section: Introductionmentioning
confidence: 99%