Jove
Visualize
Contact Us
JoVE
x logofacebook logolinkedin logoyoutube logo
ABOUT JoVE
OverviewLeadershipBlogJoVE Help Center
AUTHORS
Publishing ProcessEditorial BoardScope & PoliciesPeer ReviewFAQSubmit
LIBRARIANS
TestimonialsSubscriptionsAccessResourcesLibrary Advisory BoardFAQ
RESEARCH
JoVE JournalMethods CollectionsJoVE Encyclopedia of ExperimentsArchive
EDUCATION
JoVE CoreJoVE BusinessJoVE Science EducationJoVE Lab ManualFaculty Resource CenterFaculty Site
Terms & Conditions of Use
Privacy Policy
Policies

Related Concept Videos

Automated Microbial Diagnostics01:24

Automated Microbial Diagnostics

59
Automated diagnostic analyzers have transformed clinical microbiology by providing rapid and reliable methods for pathogen identification and antibiotic susceptibility testing. Among these systems, the Vitek 2 is widely used because it automates the traditionally labor-intensive processes of microbial identification (ID) and antibiotic susceptibility testing (AST), delivering standardized and timely results that are essential for effective patient care.Microbial Identification with ID CardsThe...
59
Quality Assurance01:19

Quality Assurance

4.0K
Quality assurance is the overarching term used to describe the activities employed to ensure the proper performance of a system. These activities can be classified into three categories: quality control, quality assessment, and internal corrective measures. Typically, these activities work cyclically: quality control is performed before and during the analysis, while quality assessment occurs during and after the investigation. Internal corrective measures are implemented based on the findings...
4.0K
Non-destructive Tests for Concrete Strength01:12

Non-destructive Tests for Concrete Strength

966
The rebound hammer test, also known as the Schmidt hammer test, is a non-destructive technique for evaluating the hardness of concrete and, indirectly, the strength of concrete. It operates on the principle that the rebound of a spring-driven mass from a concrete surface correlates to the surface's hardness. The device comprises a mass within a tubular housing, a spring mechanism, and a plunger that strikes the concrete. Upon release, the energy imparted to the mass by the spring causes it...
966
Testing Water Quality01:14

Testing Water Quality

598
When the quality of water for concrete preparation is uncertain, its impact on the setting time of cement and compressive strength of mortar is assessed by comparison with de-ionized or distilled water benchmarks. American Society for Testing and Materials (ASTM) C1602 requires the setting times to be within 90 minutes of the control, British Standard (BS) 3146:1980 allows a 30-minute variance in the initial setting, while British Standards European Norm (BS EN) 1008 specifies initial setting...
598
Self-Evaluation: Self-Enhancement and Self-Verification03:00

Self-Evaluation: Self-Enhancement and Self-Verification

5.9K
Social psychologists have documented that feeling good about ourselves and maintaining positive self-esteem is a powerful motivator of human behavior (Tavris & Aronson, 2008). In the United States, members of the predominant culture typically think very highly of themselves and view themselves as good people who are above average on many desirable traits (Ehrlinger, Gilovich, & Ross, 2005). Often, our behavior, attitudes, and beliefs are affected when we experience a threat to our...
5.9K
Significance Testing: Overview01:04

Significance Testing: Overview

13.2K
Significance testing is a set of statistical methods used to test whether a claim about a parameter is valid. In analytical chemistry, significance testing is used primarily to determine whether the difference between two values comes from determinate or random errors. The effect of a particular change in the measurement protocol, analyst, or sample itself can cause a deviation from the expected result. In the case of a suspected deviation/outlier, we need to be able to confirm mathematically...
13.2K

You might also read

Related Articles

Articles linked to this work by shared authors, journal, and citation graph.

Sort by
Same author

Risk Factors for Development of Diabetes Insipidus and Syndrome of Inappropriate Antidiuretic Hormone Secretion after Transsphenoidal Resection of Pituitary Adenoma.

Journal of neurological surgery. Part B, Skull base·2025
Same author

Programming and training rate-independent chemical reaction networks.

Proceedings of the National Academy of Sciences of the United States of America·2022
Same author

Challenges in the evaluation and management of radioactive iodine-refractory differentiated thyroid cancer.

Nuclear medicine communications·2022
Same author

MoËT: Mixture of Expert Trees and its application to verifiable reinforcement learning.

Neural networks : the official journal of the International Neural Network Society·2022
Same author

Semi-quantitative F-18-FDG PET/computed tomography parameters for prediction of grade in patients with renal cell carcinoma and the incremental value of diuretics.

Nuclear medicine communications·2020
Same author

Privacy-Preserving Data Exploration in Genome-Wide Association Studies.

KDD : proceedings. International Conference on Knowledge Discovery & Data Mining·2015
Same journal

Learning Internet of Things Security "Hands-on".

IEEE security & privacy·2026
Same journal

Secure and Usable Enterprise Authentication:: Lessons from the Field.

IEEE security & privacy·2024
Same journal

Cybersecurity Advocates: Force Multipliers in Security Behavior Change.

IEEE security & privacy·2023
Same journal

A Decade of Reoccurring Software Weaknesses.

IEEE security & privacy·2023
Same journal

Cryptography Standards in Quantum Time: New wine in old wineskin?

IEEE security & privacy·2018
Same journal

Securing Information Technology in Healthcare.

IEEE security & privacy·2014
See all related articles

Related Experiment Video

Updated: Apr 20, 2026

Computerized Adaptive Testing System of Functional Assessment of Stroke
05:21

Computerized Adaptive Testing System of Functional Assessment of Stroke

Published on: January 7, 2019

6.4K

Using Frankencerts for Automated Adversarial Testing of Certificate Validation in SSL/TLS Implementations.

Chad Brubaker1, Suman Jana2, Baishakhi Ray3

  • 1Google ; The University of Texas at Austin.

IEEE Security & Privacy
|November 19, 2014
PubMed
Summary
This summary is machine-generated.

This study introduces "frankencerts" and differential testing to find security flaws in Secure Sockets Layer (SSL) and Transport Layer Security (TLS) certificate validation. The method uncovered 208 discrepancies, revealing critical vulnerabilities in popular SSL/TLS implementations.

More Related Videos

Author Spotlight: Advancing Understanding of Age-Related Lens Stiffness Changes
05:19

Author Spotlight: Advancing Understanding of Age-Related Lens Stiffness Changes

Published on: April 5, 2024

3.1K
Author Spotlight: Validation of SICOLE-R for Assessing Cognitive and Reading Skills in Spanish-Speaking Children and Its Role in Personalized Education
09:00

Author Spotlight: Validation of SICOLE-R for Assessing Cognitive and Reading Skills in Spanish-Speaking Children and Its Role in Personalized Education

Published on: August 16, 2024

1.3K

Related Experiment Videos

Last Updated: Apr 20, 2026

Computerized Adaptive Testing System of Functional Assessment of Stroke
05:21

Computerized Adaptive Testing System of Functional Assessment of Stroke

Published on: January 7, 2019

6.4K
Author Spotlight: Advancing Understanding of Age-Related Lens Stiffness Changes
05:19

Author Spotlight: Advancing Understanding of Age-Related Lens Stiffness Changes

Published on: April 5, 2024

3.1K
Author Spotlight: Validation of SICOLE-R for Assessing Cognitive and Reading Skills in Spanish-Speaking Children and Its Role in Personalized Education
09:00

Author Spotlight: Validation of SICOLE-R for Assessing Cognitive and Reading Skills in Spanish-Speaking Children and Its Role in Personalized Education

Published on: August 16, 2024

1.3K

Area of Science:

  • Computer Science
  • Network Security
  • Cryptography

Background:

  • Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols are fundamental for modern network security.
  • The security of SSL/TLS relies heavily on the correct validation of X.509 certificates by clients during the handshake.
  • Vulnerabilities in certificate validation can lead to man-in-the-middle attacks and compromised data.

Purpose of the Study:

  • To develop and apply a novel methodology for large-scale testing of certificate validation logic in SSL/TLS implementations.
  • To identify security vulnerabilities within various popular SSL/TLS clients.
  • To assess the effectiveness of user warnings for certificate validation errors.

Main Methods:

  • Introduction of "frankencerts": synthetic certificates mutated from real ones, containing unusual extensions and constraints.
  • Application of differential testing: comparing certificate acceptance/rejection across different SSL/TLS implementations to identify discrepancies.
  • Systematic testing of certificate validation logic and user warning mechanisms in multiple SSL/TLS clients.

Main Results:

  • Uncovered 208 discrepancies between popular SSL/TLS implementations (OpenSSL, NSS, GnuTLS, MatrixSSL, etc.).
  • Identified critical security vulnerabilities, including rogue certificate authorities and acceptance of unauthorized or mis-issued certificates.
  • Found serious flaws in user warning systems for certificate validation errors, failing to adequately alert users to man-in-the-middle attack risks.

Conclusions:

  • Automated adversarial testing using frankencerts is a powerful and effective method for discovering security flaws in SSL/TLS implementations.
  • The identified vulnerabilities pose significant risks to network security, enabling man-in-the-middle attacks.
  • Improvements are needed in both SSL/TLS implementations and user notification systems to enhance overall security.