Analyzing third party service dependencies in modern web services: Have we learned from the mirai-dyn incident?
Many websites rely on third parties for services (eg, DNS, CDN, etc.). However, it also
exposes them to shared risks from attacks (eg, Mirai DDoS attack [24]) or cascading failures …
exposes them to shared risks from attacks (eg, Mirai DDoS attack [24]) or cascading failures …
TLS 1.3 in practice: How TLS 1.3 contributes to the internet
Transport Layer Security (TLS) has become the norm for secure communication over the
Internet. In August 2018, TLS 1.3, the latest version of TLS, was approved, providing …
Internet. In August 2018, TLS 1.3, the latest version of TLS, was approved, providing …
Let's revoke: Scalable global certificate revocation
T Smith, L Dickinson, K Seamons - Network and Distributed Systems …, 2020 - par.nsf.gov
Current revocation strategies have numerous issues that prevent their widespread adoption
and use, including scalability, privacy, and new infrastructure requirements. Consequently …
and use, including scalability, privacy, and new infrastructure requirements. Consequently …
An evaluation of X. 509 certificate revocation and related privacy issues in the web PKI ecosystem
DG Berbecaru, A Lioy - IEEE Access, 2023 - ieeexplore.ieee.org
Supporting users to transact with websites securely in a privacy-preserving manner has
become more challenging than ever in the web ecosystem based on public key …
become more challenging than ever in the web ecosystem based on public key …
A Lightweight Authentication Scheme Based on Consortium Blockchain for Cross‐Domain IoT
Internet of Things (IoT) has been ubiquitous in both industrial and living areas, but also
known for its weak security. Being as the first defense line against various cyberattacks …
known for its weak security. Being as the first defense line against various cyberattacks …
Each at its own pace: Third-party dependency and centralization around the world
R Kumar, S Asif, E Lee, FE Bustamante - Proceedings of the ACM on …, 2023 - dl.acm.org
We describe the results of a large-scale study of third-party dependencies around the world
based on regional top-500 popular websites accessed from vantage points in 50 countries …
based on regional top-500 popular websites accessed from vantage points in 50 countries …
A longitudinal and comprehensive measurement of dns strict privacy
The DNS privacy protection mechanisms, DNS over TLS (DoT) and DNS over HTTPS (DoH),
only work correctly if both the server and client support the Strict Privacy profile and no …
only work correctly if both the server and client support the Strict Privacy profile and no …
EFACTLS: Effective Active TLS Fingerprinting for Large-scale Server Deployment Characterization
Active measurements allow the collection of server characteristics on a large scale that can
aid in discovering hidden relations and commonalities among server deployments. Finding …
aid in discovering hidden relations and commonalities among server deployments. Finding …
Website fingerprinting with website oracles
T Pulls, R Dahlberg - Proceedings on Privacy Enhancing …, 2020 - petsymposium.org
Website Fingerprinting (WF) attacks are a subset of traffic analysis attacks where a local
passive attacker attempts to infer which websites a target victim is visiting over an encrypted …
passive attacker attempts to infer which websites a target victim is visiting over an encrypted …
Active TLS stack fingerprinting: characterizing TLS server deployments at scale
Active measurements can be used to collect server characteristics on a large scale. This
kind of metadata can help discovering hidden relations and commonalities among server …
kind of metadata can help discovering hidden relations and commonalities among server …