دانلود مقاله انگلیسی رایگان:نگاهی دیگر به اکوسیستم های TLS در دستگاه های تحت شبکه در مقابل سرورهای وب - 2019
بلافاصله پس از پرداخت دانلود کنید
دانلود مقاله انگلیسی رمزنگاری رایگان
  • Another look at TLS ecosystems in networked devices vs: Web servers Another look at TLS ecosystems in networked devices vs: Web servers
    Another look at TLS ecosystems in networked devices vs: Web servers

    سال انتشار:

    2019


    عنوان انگلیسی مقاله:

    Another look at TLS ecosystems in networked devices vs: Web servers


    ترجمه فارسی عنوان مقاله:

    نگاهی دیگر به اکوسیستم های TLS در دستگاه های تحت شبکه در مقابل سرورهای وب


    منبع:

    Sciencedirect - Elsevier - Computers & Security, 80 (2019) 1-13: doi:10:1016/j:cose:2018:09:001


    نویسنده:

    Nayanamana Samarasinghe ∗, Mohammad Mannan


    چکیده انگلیسی:

    High-speed IPv4 scanners, such as ZMap, now enable rapid and timely collection of TLS certificates and other security-sensitive parameters. Such large datasets led to the devel- opment of the Censys search interface, facilitating comprehensive analysis of TLS deploy- ments in the wild. Several recent studies analyzed TLS certificates as deployed in web servers. Beyond public web servers, TLS is deployed in many other Internet-connected devices, at home and enterprise environments, cyber physical systems, and at network back- bones. In April 2017, we reported the results of a preliminary analysis based on measure- ment data of TLS deployments in such devices (e.g., routers, modems, NAS, printers, SCADA, and IoT devices in general) collected in Oct. 2016 using Censys. We also compared certificates and TLS connection parameters from a security perspective, as found in common devices against top Alexa sites. Censys has evolved since then and its data volume has increased with the addition of several new device types. In this paper, we perform a similar but more comprehensive measurement study to assess TLS vulnerabilities in devices, and compare our current results with our 2016 findings, showing how such systems have evolved in the last one and half year. Indeed, there are noticeable improvements in the TLS ecosystem for devices, especially in terms of adoption of TLS itself (from 29.4% in 2016 to 73.7% in 2018) and stronger cryptographic primitives. However, we also note the continuity of significant weaknesses in devices for which immediate remediation is warranted (e.g., the use of known private keys, SSLv3, MD5-RSA, and RC4). We have also contacted the top manufacturers of vulnerable devices to convey our findings. Most of them blamed users for not updating their devices with latest firmware images that apparently would mitigate the reported findings.
    Keywords:CPS | IoT | SCADA | TLS | Certificates | Cryptographic primitives


    سطح: متوسط
    تعداد صفحات فایل pdf انگلیسی: 13
    حجم فایل: 1940 کیلوبایت

    قیمت: رایگان


    توضیحات اضافی:




اگر این مقاله را پسندیدید آن را در شبکه های اجتماعی به اشتراک بگذارید (برای به اشتراک گذاری بر روی ایکن های زیر کلیک کنید)

تعداد نظرات : 0

الزامی
الزامی
الزامی
rss مقالات ترجمه شده rss مقالات انگلیسی rss کتاب های انگلیسی rss مقالات آموزشی