{"id":"https://openalex.org/W4376626850","doi":"https://doi.org/10.56553/popets-2023-0073","title":"CERTainty: Detecting DNS Manipulation at Scale using TLS Certificates","display_name":"CERTainty: Detecting DNS Manipulation at Scale using TLS Certificates","publication_year":2023,"publication_date":"2023-05-15","ids":{"openalex":"https://openalex.org/W4376626850","doi":"https://doi.org/10.56553/popets-2023-0073"},"language":"en","primary_location":{"id":"doi:10.56553/popets-2023-0073","is_oa":true,"landing_page_url":"https://doi.org/10.56553/popets-2023-0073","pdf_url":"https://petsymposium.org/popets/2023/popets-2023-0073.pdf","source":{"id":"https://openalex.org/S4210183172","display_name":"Proceedings on Privacy Enhancing Technologies","issn_l":"2299-0984","issn":["2299-0984"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320322","host_organization_name":"De Gruyter Open","host_organization_lineage":["https://openalex.org/P4310320322","https://openalex.org/P4310313990"],"host_organization_lineage_names":["De Gruyter Open","De Gruyter"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings on Privacy Enhancing Technologies","raw_type":"journal-article"},"type":"article","indexed_in":["arxiv","crossref"],"open_access":{"is_oa":true,"oa_status":"hybrid","oa_url":"https://petsymposium.org/popets/2023/popets-2023-0073.pdf","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5015391692","display_name":"Elisa Tsai","orcid":"https://orcid.org/0000-0001-6026-070X"},"institutions":[{"id":"https://openalex.org/I27837315","display_name":"University of Michigan","ror":"https://ror.org/00jmfr291","country_code":"US","type":"education","lineage":["https://openalex.org/I27837315"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Elisa Tsai","raw_affiliation_strings":["University of Michigan","Censored Planet, University of Michigan"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of Michigan","institution_ids":["https://openalex.org/I27837315"]},{"raw_affiliation_string":"Censored Planet, University of Michigan","institution_ids":["https://openalex.org/I27837315"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5075915146","display_name":"Deepak Kumar","orcid":"https://orcid.org/0000-0002-0224-5031"},"institutions":[{"id":"https://openalex.org/I97018004","display_name":"Stanford University","ror":"https://ror.org/00f54p054","country_code":"US","type":"education","lineage":["https://openalex.org/I97018004"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Deepak Kumar","raw_affiliation_strings":["Stanford University"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Stanford University","institution_ids":["https://openalex.org/I97018004"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5000158925","display_name":"Ram Sundara Raman","orcid":"https://orcid.org/0000-0002-2411-8463"},"institutions":[{"id":"https://openalex.org/I27837315","display_name":"University of Michigan","ror":"https://ror.org/00jmfr291","country_code":"US","type":"education","lineage":["https://openalex.org/I27837315"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Ram Sundara Raman","raw_affiliation_strings":["University of Michigan","Censored Planet, University of Michigan"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of Michigan","institution_ids":["https://openalex.org/I27837315"]},{"raw_affiliation_string":"Censored Planet, University of Michigan","institution_ids":["https://openalex.org/I27837315"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5016581334","display_name":"Gavin Li","orcid":"https://orcid.org/0000-0002-4318-7966"},"institutions":[{"id":"https://openalex.org/I27837315","display_name":"University of Michigan","ror":"https://ror.org/00jmfr291","country_code":"US","type":"education","lineage":["https://openalex.org/I27837315"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Gavin Li","raw_affiliation_strings":["University of Michigan","Censored Planet, University of Michigan"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of Michigan","institution_ids":["https://openalex.org/I27837315"]},{"raw_affiliation_string":"Censored Planet, University of Michigan","institution_ids":["https://openalex.org/I27837315"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5091951892","display_name":"Yael Eiger","orcid":null},"institutions":[{"id":"https://openalex.org/I27837315","display_name":"University of Michigan","ror":"https://ror.org/00jmfr291","country_code":"US","type":"education","lineage":["https://openalex.org/I27837315"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Yael Eiger","raw_affiliation_strings":["University of Michigan","Censored Planet, University of Michigan"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of Michigan","institution_ids":["https://openalex.org/I27837315"]},{"raw_affiliation_string":"Censored Planet, University of Michigan","institution_ids":["https://openalex.org/I27837315"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5079998164","display_name":"Roya Ensafi","orcid":"https://orcid.org/0000-0003-2188-8267"},"institutions":[{"id":"https://openalex.org/I27837315","display_name":"University of Michigan","ror":"https://ror.org/00jmfr291","country_code":"US","type":"education","lineage":["https://openalex.org/I27837315"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Roya Ensafi","raw_affiliation_strings":["University of Michigan","Censored Planet, University of Michigan"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of Michigan","institution_ids":["https://openalex.org/I27837315"]},{"raw_affiliation_string":"Censored Planet, University of Michigan","institution_ids":["https://openalex.org/I27837315"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":6,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.6526,"has_fulltext":true,"cited_by_count":4,"citation_normalized_percentile":{"value":0.73977845,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":97,"max":98},"biblio":{"volume":"2023","issue":"3","first_page":"122","last_page":"137"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.998199999332428,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12034","display_name":"Digital and Cyber Forensics","score":0.9955000281333923,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8030780553817749},{"id":"https://openalex.org/keywords/heuristics","display_name":"Heuristics","score":0.5976482629776001},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5099653005599976},{"id":"https://openalex.org/keywords/domain-name-system","display_name":"Domain Name System","score":0.491250216960907},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.4674433469772339},{"id":"https://openalex.org/keywords/certificate","display_name":"Certificate","score":0.4663599729537964},{"id":"https://openalex.org/keywords/false-positive-paradox","display_name":"False positive paradox","score":0.4591597318649292},{"id":"https://openalex.org/keywords/verifiable-secret-sharing","display_name":"Verifiable secret sharing","score":0.4414314925670624},{"id":"https://openalex.org/keywords/consistency","display_name":"Consistency (knowledge bases)","score":0.4151201844215393},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.36468541622161865},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.3535524308681488},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.20975646376609802},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.13108855485916138},{"id":"https://openalex.org/keywords/algorithm","display_name":"Algorithm","score":0.11610528826713562}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8030780553817749},{"id":"https://openalex.org/C127705205","wikidata":"https://www.wikidata.org/wiki/Q5748245","display_name":"Heuristics","level":2,"score":0.5976482629776001},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5099653005599976},{"id":"https://openalex.org/C35026560","wikidata":"https://www.wikidata.org/wiki/Q8767","display_name":"Domain Name System","level":3,"score":0.491250216960907},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.4674433469772339},{"id":"https://openalex.org/C96865113","wikidata":"https://www.wikidata.org/wiki/Q2946816","display_name":"Certificate","level":2,"score":0.4663599729537964},{"id":"https://openalex.org/C64869954","wikidata":"https://www.wikidata.org/wiki/Q1859747","display_name":"False positive paradox","level":2,"score":0.4591597318649292},{"id":"https://openalex.org/C85847156","wikidata":"https://www.wikidata.org/wiki/Q59015987","display_name":"Verifiable secret sharing","level":3,"score":0.4414314925670624},{"id":"https://openalex.org/C2776436953","wikidata":"https://www.wikidata.org/wiki/Q5163215","display_name":"Consistency (knowledge bases)","level":2,"score":0.4151201844215393},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.36468541622161865},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.3535524308681488},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.20975646376609802},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.13108855485916138},{"id":"https://openalex.org/C11413529","wikidata":"https://www.wikidata.org/wiki/Q8366","display_name":"Algorithm","level":1,"score":0.11610528826713562},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.0},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.0},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.56553/popets-2023-0073","is_oa":true,"landing_page_url":"https://doi.org/10.56553/popets-2023-0073","pdf_url":"https://petsymposium.org/popets/2023/popets-2023-0073.pdf","source":{"id":"https://openalex.org/S4210183172","display_name":"Proceedings on Privacy Enhancing Technologies","issn_l":"2299-0984","issn":["2299-0984"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320322","host_organization_name":"De Gruyter Open","host_organization_lineage":["https://openalex.org/P4310320322","https://openalex.org/P4310313990"],"host_organization_lineage_names":["De Gruyter Open","De Gruyter"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings on Privacy Enhancing Technologies","raw_type":"journal-article"},{"id":"pmh:oai:arXiv.org:2305.08189","is_oa":true,"landing_page_url":"http://arxiv.org/abs/2305.08189","pdf_url":"https://arxiv.org/pdf/2305.08189","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"}],"best_oa_location":{"id":"doi:10.56553/popets-2023-0073","is_oa":true,"landing_page_url":"https://doi.org/10.56553/popets-2023-0073","pdf_url":"https://petsymposium.org/popets/2023/popets-2023-0073.pdf","source":{"id":"https://openalex.org/S4210183172","display_name":"Proceedings on Privacy Enhancing Technologies","issn_l":"2299-0984","issn":["2299-0984"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320322","host_organization_name":"De Gruyter Open","host_organization_lineage":["https://openalex.org/P4310320322","https://openalex.org/P4310313990"],"host_organization_lineage_names":["De Gruyter Open","De Gruyter"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings on Privacy Enhancing Technologies","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G1746346831","display_name":null,"funder_award_id":"HR00112190127","funder_id":"https://openalex.org/F4320332180","funder_display_name":"Defense Advanced Research Projects Agency"}],"funders":[{"id":"https://openalex.org/F4320332180","display_name":"Defense Advanced Research Projects Agency","ror":"https://ror.org/02caytj08"},{"id":"https://openalex.org/F4320332815","display_name":"Advanced Research Projects Agency","ror":"https://ror.org/02caytj08"}],"has_content":{"pdf":true,"grobid_xml":false},"content_urls":{"pdf":"https://content.openalex.org/works/W4376626850.pdf"},"referenced_works_count":43,"referenced_works":["https://openalex.org/W637237343","https://openalex.org/W1469414398","https://openalex.org/W1830741683","https://openalex.org/W1899760619","https://openalex.org/W1955958754","https://openalex.org/W2001637908","https://openalex.org/W2015452169","https://openalex.org/W2030922020","https://openalex.org/W2039220566","https://openalex.org/W2094479107","https://openalex.org/W2114398364","https://openalex.org/W2134747589","https://openalex.org/W2154155832","https://openalex.org/W2186594794","https://openalex.org/W2400899155","https://openalex.org/W2408164229","https://openalex.org/W2411584187","https://openalex.org/W2554901227","https://openalex.org/W2706122055","https://openalex.org/W2737967138","https://openalex.org/W2753333424","https://openalex.org/W2782620943","https://openalex.org/W2794584163","https://openalex.org/W2889384587","https://openalex.org/W2950281744","https://openalex.org/W2951077744","https://openalex.org/W2961732833","https://openalex.org/W2962940036","https://openalex.org/W3006897124","https://openalex.org/W3007224029","https://openalex.org/W3015863761","https://openalex.org/W3046995597","https://openalex.org/W3048537417","https://openalex.org/W3093849846","https://openalex.org/W3110509121","https://openalex.org/W3124255329","https://openalex.org/W3150821740","https://openalex.org/W3162089071","https://openalex.org/W3182711238","https://openalex.org/W3194474958","https://openalex.org/W4243774931","https://openalex.org/W4311118474","https://openalex.org/W4324009523"],"related_works":["https://openalex.org/W2355730523","https://openalex.org/W152021879","https://openalex.org/W2072918937","https://openalex.org/W2365629437","https://openalex.org/W2023935927","https://openalex.org/W2348330439","https://openalex.org/W2350372928","https://openalex.org/W2377292126","https://openalex.org/W2183899684","https://openalex.org/W2128900334"],"abstract_inverted_index":{"DNS":[0,30,36,74,96,122,145,152,179,211],"manipulation":[1,31],"is":[2,133],"an":[3],"increasingly":[4],"common":[5],"technique":[6],"used":[7,199],"by":[8,192,200],"censors":[9],"and":[10,22,50,57,98,115,164,166,208],"other":[11,51],"network":[12],"adversaries":[13,104],"to":[14,42,61,93,206],"prevent":[15],"users":[16],"from":[17],"accessing":[18],"restricted":[19],"Internet":[20],"resources":[21],"hijack":[23],"their":[24],"connections.":[25],"Prior":[26],"work":[27,129],"in":[28,140,155,173],"detecting":[29,121],"relies":[32],"largely":[33],"on":[34],"comparing":[35],"resolutions":[37],"with":[38],"trusted":[39],"control":[40],"results":[41,125],"identify":[43,149,167,183],"inconsistencies.":[44],"However,":[45],"the":[46,67,87,103,141,168],"emergence":[47],"of":[48,73,170],"CDNs":[49],"cloud":[52],"providers":[53],"practicing":[54],"content":[55],"localization":[56],"load":[58],"balancing":[59],"leads":[60],"these":[62],"heuristics":[63,132],"being":[64],"inaccurate,":[65,134],"paving":[66],"need":[68],"for":[69,120,136],"more":[70,100],"verifiable":[71],"signals":[72],"manipulation.":[75,107,123,146,180,212],"In":[76],"this":[77],"paper,":[78],"we":[79,148],"develop":[80],"a":[81],"new":[82,185],"technique,":[83],"CERTainty,":[84],"that":[85,110,127,176,188],"utilizes":[86],"widely":[88],"established":[89],"TLS":[90],"certificate":[91],"ecosystem":[92],"accurately":[94,209],"detect":[95],"manipulation,":[97],"obtain":[99],"information":[101],"about":[102],"performing":[105],"such":[106,160],"We":[108,181,195],"find":[109],"untrusted":[111],"certificates,":[112],"mismatching":[113],"hostnames,":[114],"blockpages":[116],"are":[117,189,196],"powerful":[118],"proxies":[119],"Our":[124],"show":[126],"previous":[128,193],"using":[130],"consistency-based":[131],"allowing":[135],"72.45%":[137],"false":[138],"positives":[139],"cases":[142],"detected":[143],"as":[144,161],"Further,":[147],"17":[150],"commercial":[151],"filtering":[153],"products":[154,159],"52":[156],"countries,":[157],"including":[158],"SafeDNS,":[162],"SkyDNS,":[163],"Fortinet,":[165],"presence":[169],"55":[171],"ASes":[172],"26":[174],"countries":[175],"perform":[177],"ISP-level":[178],"also":[182],"226":[184],"blockpage":[186],"clusters":[187],"not":[190],"covered":[191],"research.":[194],"integrating":[197],"techniques":[198],"CERTainty":[201],"into":[202],"active":[203],"measurement":[204],"platforms":[205],"continuously":[207],"monitor":[210]},"counts_by_year":[{"year":2024,"cited_by_count":4}],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-10T00:00:00"}