A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2021; you can also visit the original URL.
The file type is application/pdf.
Filters
Identifying the Phishing Websites Using the Patterns of TLS Certificates
2021
Journal of Cyber Security and Mobility
Preserved Fulltext
With the recent rise of HTTPS adoption on the Web, attackers have begun "HTTPSifying" phishing websites. ...
Furthermore, we developed a real-time monitoring system using the analysis techniques. We demonstrate its usefulness for the practical security operation. ...
Furthermore, the recent rise in freely available certificate authorities (CAs), such as Let's Encrypt [21] and cPanel [8] , has lowered the barriers to deploying HTTPS on a website. ...
doi:10.13052/jcsm2245-1439.1026
fatcat:wc3qtjl47zbq7m3y5rbud4k74q
Optimizing Anti-Phishing Solutions Based on User Awareness, Education and the Use of the Latest Web Security Solutions
2010
Informatică economică
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
The present economic crisis is an added argument for the great increase in number of attempts to cheat internet users, both businesses and private ones. ...
Phishing has grown significantly in volume over the time, becoming the most usual web threat today. ...
Anti-Phishing Best Practices: EV-SSL Online trust has eroded significantly in the past two years according to analyst reports, with threats of phishing and harming growing each day. ...
doaj:7bc180ad6d7b4369ac9a462338952399
fatcat:gxpj2mssjjdxnke73lf65vmixu
Unravelling Ariadne's Thread: Exploring the Threats of Decentralised DNS
2020
IEEE Access
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2021; you can also visit the original URL.
The file type is application/pdf.
Specifically, we explore a part of the blockchain DNS ecosystem in terms of the browser extensions using such technologies, the chain itself (Namecoin and Emercoin), the domains, and users who have been ...
However, such an alternative comes with its own security concerns and issues, as any introduction and adoption of a new technology typically does -let alone a disruptive one. ...
Similarly, in an attempt to reduce the level of trust in certificate authorities, Guan et al. ...
doi:10.1109/access.2020.3004727
fatcat:wvydbzpl2zgfrjwdv3ngn7nxha
Unravelling Ariadne's Thread: Exploring the Threats of Decentalised DNS
[article]
2019
arXiv
pre-print
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
In this regard, we explore a part of the blockchain DNS ecosystem in terms of the browser extensions using such technologies, the chain itself (Namecoin and Emercoin), the domains, and users which have ...
In this work, we discuss a number of associated threats, including emerging ones, and we validate many of them with real-world data. ...
The content of this article does not reflect the official opinion of the European Union. Responsibility for the information and views expressed therein lies entirely with the authors. ...
arXiv:1912.03552v1
fatcat:xpefdbo3x5hvvln33ar5ubkswu
An Empirical Evaluation of Security Indicators in Mobile Web Browsers
2015
IEEE Transactions on Mobile Computing
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
However, the drastic reduction in screen size and the accompanying reorganization of screen real-estate significantly changes the use and consistency of the security indicators and certificate information ...
In this paper, we perform the first measurement of the state of critical security indicators in mobile browsers. ...
Any opinions, findings, conclusions or recommendations expressed in this publication are those of the authors and do not necessarily reflect the views of the National Science Foundation. ...
doi:10.1109/tmc.2013.90
fatcat:i5cnduvejvdhzh44barp2u5fki
D10.10 –Standardisation activities plan and report-initial version
2021
Zenodo
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2022; you can also visit the original URL.
The file type is application/pdf.
The aim of this document, as the title represents, is to contribute to standardisation activities of ENSURESEC platform based on plan and report which will be a result of this Deliverable.This deliverable ...
will develop in its full potential in later stage of project lifecycle as this deliverable D10.10 is initial part of upcoming deliverable D10.11, which will represent the final version of Standardisation ...
E-commerce Security Best Practices There is a wide range of security measures that can be applied to mitigate the risk to the security of e-commerce ecosystems. ...
doi:10.5281/zenodo.6323340
fatcat:ibw2b4urjralfmpsndki4q47fy
Who ya gonna call? (Alerting Authorities): Measuring Namespaces, Web Certificates, and DNSSEC
[article]
2020
arXiv
pre-print
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
Other Versions
In this paper, we take a first look at Alerting Authorities (AA) in the US and investigate security measures related to trustworthy and secure communication. ...
Our analysis shows two major shortcomings: About 50% of organizations do not own their dedicated domain names and are dependent on others, 55% opt for unrestricted-use namespaces, which simplifies phishing ...
This work was supported in parts by the German Federal Ministry of Education and Research (BMBF) within the projects I3 and Deutsches Internet-Institut (grant no. 16DII111). ...
arXiv:2008.10497v2
fatcat:2qv4vpwqp5gozpqgaz3f75bdcq
Hiding in Plain Sight
2017
Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security - CCS '17
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2019; you can also visit the original URL.
The file type is application/pdf.
Other Versions
In this work, we study a specific type of domain squatting called "combosquatting," in which attackers register domains that combine a popular trademark with one or more phrases (e.g., betterfacebook[. ...
Our results suggest that combosquatting is a real problem that requires increased scrutiny by the security community. ...
ACKNOWLEDGMENTS The authors would like to thank the anonymous reviewers for their valuable comments and helpful suggestions. This ...
doi:10.1145/3133956.3134002
dblp:conf/ccs/KintisMLCGPNA17
fatcat:kkdy7lgxljhhfi425lowl2ts6u
Uncovering Security Vulnerabilities in the Belkin WeMo Home Automation Ecosystem
2019
2019 IEEE International Conference on Pervasive Computing and Communications Workshops (PerCom Workshops)
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
In this paper, we demonstrate that this is also the case of home automation applications, as we uncover a set of previously undocumented security issues in the Belkin WeMo ecosystems. ...
The lack of appropriate security protections in these devices is thus of increasing concern for the Internet of Things (IoT) industry, yet manufacturers' ongoing efforts remain superficial. ...
CONCLUSION In this paper we undertook a security analysis of the Belkin WeMo ecosystem. ...
doi:10.1109/percomw.2019.8730685
dblp:conf/percom/LiuSP19
fatcat:r2bqauaokbhyljnnalonwi3ro4
The Need for Cyber Resilient Enterprise Distributed Ledger Risk Management Framework
2020
The Journal of British Blockchain Association
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
The most significant existing attack vector for enterprise DLs is the public key infrastructure (PKI), which is fundamental in securing the Internet and enterprise DLs and is a core component of authentication ...
These attacks can lead to disruption of service, damage of reputation and trust, injury to human life, and the loss of intellectual property, assets, regulated data, and global economic security. ...
years of follow-on research, analysis, and testing for a suitable "drop-in replacement" to be identified or developed. ...
doi:10.31585/jbba-3-1-(5)2020
fatcat:v2ywafhtozhppgfnkknmuvkcq4
Cybersecurity Resilience in Digital Society – the Practical Approach
[chapter]
2021
Internet and New Technologies Law
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2022; you can also visit the original URL.
The file type is application/pdf.
in Poland. ...
It gives an overview of national and international activities and those of the European Commission to increase security and situational awareness. ...
<https://safecode.org> accessed 1 June 2021. 27 <https://en.nask.pl/eng/activities/certification> accessed 1 June 2021.Cybersecurity Resilience in Digital Society -the Practical Approach ...
doi:10.5771/9783748926979-405
fatcat:a34c6x7hsvbuxau7qyqfmviurq
Security Economics in the HTTPS Value Chain
2013
Social Science Research Network
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
Next, we explore the security incentives of CAs via the empirical analysis of the market for SSL certificates, based on the SSL Observatory dataset. ...
We conceptualize the security issues from the perspective of the HTTPS value chain. We then discuss the breaches at several Certificate Authorities (CAs). ...
As far as the authors are aware of, this research project is the first in-depth multi-disciplinary analysis of HTTPS governance. ...
doi:10.2139/ssrn.2277806
fatcat:3kayzfbn3jdd3dt6uvcpnkddbq
Brain leaks and consumer neurotechnology
2018
Nature Biotechnology
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2019; you can also visit the original URL.
The file type is application/pdf.
Checks and Balances In order to strengthen the SSL/TLS ecosystem, Symantec has pushed for the widespread adoption of DNS Certification Authority Authorization (CAA). ...
BEST PRACTICE GUIDELINES FOR BUSINESSES While there are tools to help you keep your website ecosystem secure, it all starts with education. ...
Protect Private Keys Make sure to get your digital certificates from an established, trustworthy certificate authority that demonstrates excellent security practices. ...
doi:10.1038/nbt.4240
pmid:30188521
fatcat:dwoyvyborfdifdkklju3p3qek4
When HTTPS Meets CDN: A Case of Authentication in Delegated Service
2014
2014 IEEE Symposium on Security and Privacy
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
Our study reveals various problems with the current HTTPS practice adopted by CDN providers, such as widespread use of invalid certificates, private key sharing, neglected revocation of stale certificates ...
While some of those problems are operational issues only, others are rooted in the fundamental semantic conflict between the end-to-end nature of HTTPS and the man-in-the-middle nature of CDN involving ...
This work is supported by the National Natural Science Foundation of China (Grant No. 61161140454). ...
doi:10.1109/sp.2014.12
dblp:conf/sp/LiangJDLWW14
fatcat:bxfsnheejvdozfiqaamxmcrfra
Classification of SSL Servers based on their SSL Handshake for Automated Security Assessment
2014
2014 Third International Workshop on Building Analysis Datasets and Gathering Experience Returns for Security (BADGERS)
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
The results also showed that the majority of the SSL/TLS servers had seemingly risky certificates, and used both risky protocol versions and encryption algorithms. ...
The Secure Socket Layer (SSL) and Transport Layer Security (TLS) are the most widely deployed security protocols used in systems required to secure information such as online banking. ...
The Zmap Team [15] at the University of Michigan [14] , [24] and Rapid 7 [23] , [35] provide two datasets: SSL certificate and HTTPS Ecosystem. ...
doi:10.1109/badgers.2014.10
dblp:conf/badgers/PukkawannaBGKD14
fatcat:f6umvx4dvfampicg6t427akhs4
« Previous
Showing results 1 — 15 out of 480 results