Skip navigation
Please use this identifier to cite or link to this item: http://arks.princeton.edu/ark:/88435/dsp0112579w59w
Title: Towards Live Monitoring of CAA Compliance: A Modern Look at the CAA Landscape
Authors: Kiil, Jeremy
Advisors: Mittal, Prateek
Department: Electrical and Computer Engineering
Certificate Program: Center for Statistics and Machine Learning
Class Year: 2024
Abstract: Certificate Authorities (CAs) must abide by Certificate Authority Authorization (CAA) records which specify which CAs can issue certificates for particular domains. I am developing a machine learning model to aid in the process of live monitoring for potential certificate mis-issuances which differentiates between benign and malicious mismatches. However, since malicious CAs are so rare and difficult to come across, we are unlikely to observe this occurrence in training data. Thus, the goal of this project is to build a framework for mismatch detection that can use information from the past, specifically past observations about what triggered false positives, to appropriately flag mismatches that display real cause for concern. This report features the data collection and processing pipelines for certificate data, as well as initial insights into what causes mismatches between the certificate issuer and those listed on the CAA record. Utilizing features attained from manual inspection, I aim to group together similar false positives through unsupervised learning to allow for more streamlined investigation. Future work includes further manual inspection, clustering, more robust data collection, analysis of clustering using chosen features on unseen data, creation of a classifier, and creation of a database of CA relationships. This work will be integrated with the parallel work of Kenny Poor to create a live monitoring system for CA compliance.
URI: http://arks.princeton.edu/ark:/88435/dsp0112579w59w
Type of Material: Princeton University Senior Theses
Language: en
Appears in Collections:Electrical and Computer Engineering, 1932-2024

Files in This Item:
File Description SizeFormat 
KIIL-JEREMY-THESIS.pdf1.26 MBAdobe PDF    Request a copy


Items in Dataspace are protected by copyright, with all rights reserved, unless otherwise indicated.