The National Security Agency (NSA) Research Directorate recently selected “Uninvited Guests: Analyzing the Identity and Behavior of Certificate Transparency Bots,” as the winner of its 11th Annual Best Scientific Cybersecurity Paper Competition.
The winning paper, authored by Stony Brook University researchers Brian Kondracki, Johnny So, and professor Nick Nikiforakis, examined a study of automated attacks on new webservers and explored how a web browser can trust an organization’s publicly issued cryptographic credentials. At the heart of their investigation was a simple question: What happens when you set up a new encrypted website?