Title | TLS Proxies: Friend or Foe? |
Publication Type | Conference Paper |
Year of Publication | 2016 |
Authors | O'Neill, Mark, Ruoti, Scott, Seamons, Kent, Zappala, Daniel |
Conference Name | Proceedings of the 2016 Internet Measurement Conference |
Publisher | ACM |
Conference Location | New York, NY, USA |
ISBN Number | 978-1-4503-4526-2 |
Keywords | adwords, firewall, Human Behavior, Malware, man in the middle, Measurement, Metrics, MITM, proxy, pubcrawl, Resiliency, scalabilty, security, SSL, SSL Trust Models, TLS |
Abstract | We measure the prevalence and uses of TLS proxies using a Flash tool deployed with a Google AdWords campaign. We generate 2.9 million certificate tests and find that 1 in 250 TLS connections are TLS-proxied. The majority of these proxies appear to be benevolent, however we identify over 1,000 cases where three malware products are using this technology nefariously. We also find numerous instances of negligent, duplicitous, and suspicious behavior, some of which degrade security for users without their knowledge. Distinguishing these types of practices is challenging in practice, indicating a need for transparency and user awareness. |
URL | http://doi.acm.org/10.1145/2987443.2987488 |
DOI | 10.1145/2987443.2987488 |
Citation Key | oneill_tls_2016 |