SOUPS 2019: Analyzing Phishing Website Certificates π
Examining public key certificates of phishing sites to understand their security and deception tactics.
USENIX
241 views β’ Sep 30, 2019
About this video
Certified Phishing: Taking a Look at Public Key Certificates of Phishing Websites
Vincent Drury, Department of Computer Science, RWTH Aachen University
The share of phishing websites using HTTPS has been constantly increasing over the last years. As a consequence, the simple user advice to check whether a website is HTTPS-protected is no longer effective against phishing. At the same time, the use of certificates in the context of phishing raises the question if the information contained in them could be used to detect phishing websites. In this paper we take a first step towards answering this question. To this end, we analyze almost 10000 valid certificates queried from phishing websites and compare them to almost 40000 certificates collected from benign sites. Our analysis shows that it is generally impossible to differentiate between benign sites and phishing sites based on the content of their certificates alone. However, we present empirical evidence that current phishing websites for popular targets do typically not replicate the issuer and subject information.
View the full SOUPS 2019 program at https://www.usenix.org/conference/usenixsoups19/technical-sessions
Vincent Drury, Department of Computer Science, RWTH Aachen University
The share of phishing websites using HTTPS has been constantly increasing over the last years. As a consequence, the simple user advice to check whether a website is HTTPS-protected is no longer effective against phishing. At the same time, the use of certificates in the context of phishing raises the question if the information contained in them could be used to detect phishing websites. In this paper we take a first step towards answering this question. To this end, we analyze almost 10000 valid certificates queried from phishing websites and compare them to almost 40000 certificates collected from benign sites. Our analysis shows that it is generally impossible to differentiate between benign sites and phishing sites based on the content of their certificates alone. However, we present empirical evidence that current phishing websites for popular targets do typically not replicate the issuer and subject information.
View the full SOUPS 2019 program at https://www.usenix.org/conference/usenixsoups19/technical-sessions
Tags and Topics
Browse our collection to discover more content in these categories.
Video Information
Views
241
Likes
1
Duration
20:32
Published
Sep 30, 2019