Zakir Durumeric - Ph.D Digital Security
Date: - Location: Eurecom
Abstract: *Internet-wide network scanning has numerous security applications, but probing the entire public address space with existing tools is both difficult and slow. We introduce ZMap, a modular, open-source network scanner specifically architected to perform Internet-wide scans and capable of surveying the entire IPv4 address space in under 45 minutes from user space on a single machine, approaching the theoretical maximum speed of gigabit Ethernet. Using data collected by performing 110 Internet-wide ZMap scans over 14 months, we study the HTTPS certificate ecosystem?the public-key infrastructure that underlies nearly all secure web communications. We uncover practices that may put the security of the ecosystem at risk, and we identify frequent configuration problems that lead to user-facing errors and potential vulnerabilities. We conclude with lessons and recommendations to ensure the long-term health and security of the certificate ecosystem. *Bios* Zakir Durumeric is a Ph.D. Candidate working with Professors J. Alex Halderman and Michael Bailey at the University of Michigan where his research is focused on applied systems and network security. Prior to graduate school, Zakir worked at the University Iowa for eight years focusing on identity management and systems integration. He received his M.S. from the University of Michigan in 2013 and B.S. in computer science and mathematics from the University of Iowa in 2011
