Harvesting SSL Certificate Data to Identify Web-Fraud [article]

Mishari Al Mishari, Emiliano De Cristofaro, Karim El Defrawy, Gene Tsudik
2012 arXiv   pre-print
Web-fraud is one of the most unpleasant features of today's Internet. Two well-known examples of fraudulent activities on the web are phishing and typosquatting. Their effects range from relatively benign (such as unwanted ads) to downright sinister (especially, when typosquatting is combined with phishing). This paper presents a novel technique to detect web-fraud domains that utilize HTTPS. To this end, we conduct the first comprehensive study of SSL certificates. We analyze certificates of
more » ... gitimate and popular domains and those used by fraudulent ones. Drawing from extensive measurements, we build a classifier that detects such malicious domains with high accuracy.
arXiv:0909.3688v4 fatcat:3cj37ibtsffgfjbk7ugn3wuxqy