Certificate Transparency Monitoring System for Cyber Risk Analysis

avoin
Julkaisu on tekijänoikeussäännösten alainen. Teosta voi lukea ja tulostaa henkilökohtaista käyttöä varten. Käyttö kaupallisiin tarkoituksiin on kielletty.
Lataukset11

Verkkojulkaisu

DOI

Tiivistelmä

Domain-based attacks, such as phishing and brand impersonation, represent a critical and growing threat to modern organizations. Certificate Transparency (CT) logs offer a powerful source of early-stage detection intelligence, as every publicly trusted TLS certificate must be recorded in a public cryptographic ledger before it can be operationalized. However, existing monitoring solutions suffer from indexing backlogs, incomplete coverage, arbitrary result limitations, and an inherent opacity that prevents independent verification of their outputs. This thesis designs, implements and evaluates a cloud-native Certificate Transparency monitoring system tailored to enterprise cyber risk assessment. The architecture combines a Go-based ingestion engine, AWS S3 Express One Zone tile storage, and a DynamoDB domain index, enforcing cryptographic integrity through a verify-on-write model based on a patched Tesseract CT server. A seven-day stress test across 48 CT logs and 180 million certificates validated the system’s scalability, network resilience, and integrity guarantees, demonstrating that organizations can achieve full operational sovereignty over their CT-derived threat intelligence without relying on third-party providers.

item.page.okmtext