Certis: Cloud Asset Management & Threat Evaluation Using Behavioral Fingerprinting at Application Layer

DOI: 10.4236/jsea.2024.176026, PP. 474-486

Keywords: Certis, SSL Certificate Parsing, JARM Fingerprinting, Anomaly Detection, Proactive Defense

Abstract:

This paper introduces Certis, a powerful framework that addresses the challenges of cloud asset tracking, management, and threat detection in modern cybersecurity landscapes. It enhances asset identification and anomaly detection through SSL certificate parsing, cloud service provider integration, and advanced fingerprinting techniques like JARM at the application layer. Current work will focus on cross-layer malicious behavior identification to further enhance its capabilities, including minimizing false positives through AI-based learning techniques. Certis promises to offer a powerful solution for organizations seeking proactive cybersecurity defenses in the face of evolving threats.
