all InfoSec news
Active TLS Stack Fingerprinting: Characterizing TLS Server Deployments at Scale. (arXiv:2206.13230v2 [cs.NI] UPDATED)
cs.CR updates on arXiv.org arxiv.org
Active measurements can be used to collect server characteristics on a large
scale. This kind of metadata can help discovering hidden relations and
commonalities among server deployments offering new possibilities to cluster
and classify them. As an example, identifying a previously-unknown
cybercriminal infrastructures can be a valuable source for cyber-threat
intelligence. We propose herein an active measurement-based methodology for
acquiring Transport Layer Security (TLS) metadata from servers and leverage it
for their fingerprinting. Our fingerprints capture the characteristic behavior
of …
acquiring capture cluster collect cyber cybercriminal fingerprinting fingerprints hidden intelligence large measurement metadata scale security server servers threat threat intelligence tls transport transport layer security