Analyzing The Web for HTTPS Certificate Reputation

Webroot Inc. Computer Science, 2018-19

Liaison(s): Michael Balloni ’98, Yuanhang Huang, Dave Krich, Hal Lonas, Trung Tran, Cathy Yang
Advisor(s): Lisa Kaczmarczyk
Students(s): Fabio Amendola, Natalie Kadonaga, Maeve Murphy, Aaron Ong (PM), Brittany Wang

Internet users increasingly rely on secure web connections marked by web site certificates for encrypted HTTP traffic. A 2018 F5 study conducted with Webroot data determined that 68 percent of active malicious sites used https. A big driver for phishing sites in particular to adopt web certificates is that the displayed green lock can give phishing sites false credibility. This project investigates if it is possible to detect suspicious connections by inspecting certificate fields. This process could establish a reputation for each certificate, which would greatly enhance threat intelligence for encrypted connections.