About | Contact Us | Register | Login
ProceedingsSeriesJournalsSearchEAI
Communications and Networking. 14th EAI International Conference, ChinaCom 2019, Shanghai, China, November 29 – December 1, 2019, Proceedings, Part I

Research Article

Towards a Complete View of the SSL/TLS Service Ports in the Wild

Download(Requires a free EAI acccount)
2 downloads
Cite
BibTeX Plain Text
  • @INPROCEEDINGS{10.1007/978-3-030-41114-5_41,
        author={Peipei Fu and Mingxin Cui and Zhenzhen Li},
        title={Towards a Complete View of the SSL/TLS Service Ports in the Wild},
        proceedings={Communications and Networking. 14th EAI International Conference, ChinaCom 2019, Shanghai, China, November 29 -- December 1, 2019, Proceedings, Part I},
        proceedings_a={CHINACOM},
        year={2020},
        month={2},
        keywords={SSL/TLS Security Service port Certificate Measurement},
        doi={10.1007/978-3-030-41114-5_41}
    }
    
  • Peipei Fu
    Mingxin Cui
    Zhenzhen Li
    Year: 2020
    Towards a Complete View of the SSL/TLS Service Ports in the Wild
    CHINACOM
    Springer
    DOI: 10.1007/978-3-030-41114-5_41
Peipei Fu1,*, Mingxin Cui1, Zhenzhen Li1
  • 1: Institute of Information Engineering
*Contact email: fupeipei@iie.ac.cn

Abstract

With the emergence of service port obfuscation and abuse, malicious services can hide their communication behaviors in large-scale normal SSL/TLS traffic easily. Therefore, it is of great significance to get the complete view of SSL/TLS service ports and understand the potential threat of SSL/TLS usage. In this paper, we conduct a comprehensive analysis of the SSL/TLS service port by carrying out a large-scale passive measurement based on two ISP-level networks with a total bandwidth of up to 100 Gbps for over one year. Specifically, we first investigate the overall SSL/TLS service port view and uncover that the actual usage of port is in a state of confusion. At the same time, through in-depth analysis of specific well-known ports which are used by SSL/TLS, it is revealed that the well-known ports could be exploited by malicious SSL/TLS services easily. Then, we dig into some specific certificates to explore their ports behavior and discover that the self-signed certificates and EV certificates are in sorry state. Meanwhile, we uncover practices that may be exploited by malicious services, and reveal the potential threats or vulnerabilities in SSL/TLS service ports. We believe that the work will be beneficial to both SSL/TLS and web security in the future.

Keywords
SSL/TLS Security Service port Certificate Measurement
Published
2020-02-27
Appears in
SpringerLink
http://dx.doi.org/10.1007/978-3-030-41114-5_41
Copyright © 2019–2025 ICST
EBSCOProQuestDBLPDOAJPortico
EAI Logo

About EAI

  • Who We Are
  • Leadership
  • Research Areas
  • Partners
  • Media Center

Community

  • Membership
  • Conference
  • Recognition
  • Sponsor Us

Publish with EAI

  • Publishing
  • Journals
  • Proceedings
  • Books
  • EUDL