Author: Steph Rudd

Affiliation: Centre of Excellence in Terrorism, Resilience, Intelligence and Organised Crime Research, CENTRIC, Sheffield Hallam University, Sheffield, U.K.

Keyword(s): Security, Certificates, X.509, SSL, TLS, Ransomware, Remote Interrogation, CA, PKI, OpenSSL.

Abstract: “Got Root?” Presented herewith is an innovative approach to ransomware defence by interrogating the security certificate chain pertaining to modern website security. It is a proactive strategy to scrutinise the online resources prior to download for assessment of likelihood that ransomware may be present as a result of inconsistencies between the URL and its security certificate. OpenSSL is employed for interrogating certificate attributes, including characteristics such as domain mismatch and revocation status, through the systematic approach of certificate retrieval, parsing and validation. Whilst not a ‘silver bullet solution’ to the wider realm of ransomware attacks, this study presents a nuanced approach to suspicion detected under certificate-related vulnerabilities at a preemptive and reconnaissance stage of hazard - a necessary basis for any subsequent cyber security investigation.

CC BY-NC-ND 4.0

Paper citation in several formats:
Rudd, S. (2024). Ransomware Reconnaissance: Interrogating Certificates Towards Proactive Threat Mitigation. In Proceedings of the 9th International Conference on Internet of Things, Big Data and Security - IoTBDS; ISBN 978-989-758-699-6; ISSN 2184-4976, SciTePress, pages 97-106. DOI: 10.5220/0012710600003705

@conference{iotbds24,
author={Steph Rudd},
title={Ransomware Reconnaissance: Interrogating Certificates Towards Proactive Threat Mitigation},
booktitle={Proceedings of the 9th International Conference on Internet of Things, Big Data and Security - IoTBDS},
year={2024},
pages={97-106},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0012710600003705},
isbn={978-989-758-699-6},
issn={2184-4976},
}

TY - CONF

JO - Proceedings of the 9th International Conference on Internet of Things, Big Data and Security - IoTBDS
TI - Ransomware Reconnaissance: Interrogating Certificates Towards Proactive Threat Mitigation
SN - 978-989-758-699-6
IS - 2184-4976
AU - Rudd, S.
PY - 2024
SP - 97
EP - 106
DO - 10.5220/0012710600003705
PB - SciTePress