Mohammed Awad, Aisha El Allam, Khouloud Salameh, Reem Al Mazrouei
{"title":"网络钓鱼的合法性:使用SSL证书诱骗互联网用户","authors":"Mohammed Awad, Aisha El Allam, Khouloud Salameh, Reem Al Mazrouei","doi":"10.1109/ICECTA57148.2022.9990241","DOIUrl":null,"url":null,"abstract":"This paper examines the impact of making Hypertext Transfer Protocol Secure (HTTPS) certificates more accessible to the public. On the one hand, such an approach facilitates the process for small and large businesses to acquire certifications from Certificate Authorities (CAs), making their clients feel secure. On the other hand, such accessibility enabled many phishers to take advantage of this and pose as legitimate entities. This paper illustrates the phishers' eagerness to imitate existing websites. Furthermore, we will explore the role and responsibility of several parties, namely the Certificate Authority (CA), the browser provider, the website, and the Internet users. The paper also analyzes the results of a survey conducted to determine university students' understanding of HTTPS meaning and offers recommendations to overcome this issue.","PeriodicalId":337798,"journal":{"name":"2022 International Conference on Electrical and Computing Technologies and Applications (ICECTA)","volume":"62 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-11-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Phishing for Legitimacy: The Use of SSL Certificates to Ensnare Internet Users\",\"authors\":\"Mohammed Awad, Aisha El Allam, Khouloud Salameh, Reem Al Mazrouei\",\"doi\":\"10.1109/ICECTA57148.2022.9990241\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"This paper examines the impact of making Hypertext Transfer Protocol Secure (HTTPS) certificates more accessible to the public. On the one hand, such an approach facilitates the process for small and large businesses to acquire certifications from Certificate Authorities (CAs), making their clients feel secure. On the other hand, such accessibility enabled many phishers to take advantage of this and pose as legitimate entities. This paper illustrates the phishers' eagerness to imitate existing websites. Furthermore, we will explore the role and responsibility of several parties, namely the Certificate Authority (CA), the browser provider, the website, and the Internet users. The paper also analyzes the results of a survey conducted to determine university students' understanding of HTTPS meaning and offers recommendations to overcome this issue.\",\"PeriodicalId\":337798,\"journal\":{\"name\":\"2022 International Conference on Electrical and Computing Technologies and Applications (ICECTA)\",\"volume\":\"62 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2022-11-23\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2022 International Conference on Electrical and Computing Technologies and Applications (ICECTA)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICECTA57148.2022.9990241\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2022 International Conference on Electrical and Computing Technologies and Applications (ICECTA)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICECTA57148.2022.9990241","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Phishing for Legitimacy: The Use of SSL Certificates to Ensnare Internet Users
This paper examines the impact of making Hypertext Transfer Protocol Secure (HTTPS) certificates more accessible to the public. On the one hand, such an approach facilitates the process for small and large businesses to acquire certifications from Certificate Authorities (CAs), making their clients feel secure. On the other hand, such accessibility enabled many phishers to take advantage of this and pose as legitimate entities. This paper illustrates the phishers' eagerness to imitate existing websites. Furthermore, we will explore the role and responsibility of several parties, namely the Certificate Authority (CA), the browser provider, the website, and the Internet users. The paper also analyzes the results of a survey conducted to determine university students' understanding of HTTPS meaning and offers recommendations to overcome this issue.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
