The Matter of Heartbleed

TitleThe Matter of Heartbleed
Publication TypeConference Paper
Year of Publication2014
AuthorsDurumeric, Z., Li F., Kasten J., Amann J., Beekman J., Payer M., Weaver N., Adrian D., Paxson V., Bailey M., & J. Halderman A.
Other Numbers3714
Abstract

The Heartbleed vulnerability took the Internet by surprise in April2014. The vulnerability, one of the most consequential since the advent of the commercial Internet, allowed attackers to remotely read

Acknowledgment

The authors thank Ivan Ristic for providing historical data on TLSsupport, as well as Elie Bursztein, Paul Pearce, Hovav Shacham,Aashish Sharma, and Matthias Vallentin. We similarly thank theexceptional sysadmins at the University of Michigan for their helpand support throughout this project.This work was supported in part by the Department of Homeland Security Science and Technology Directorate under contractsD08PC75388, FA8750-12-2-0235, and FA8750-12-2-0314; the National Science Foundation under contracts CNS : 0751116 ("Enabling Security and Network Management Research for Future Networks"), CNS : 08311174, CNS : 091639, CNS : 1111699 ("Measuring and Modeling the Dynamics of IPv4 Address Exhaustion", CNS : 1255153 ("Understanding the Scope and Impact of Internet Information Manipulation"), and CNS :1330142 ("Enabling Trustworthy Cybersystems for Health and Wellness"); DARPA award HR0011-12-2-005; and the Department of the Navy under contract N000.14-09-1-1042. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the authors or originators and do not necessarily reflect the views of the National Science Foundation.

URLhttps://www.icsi.berkeley.edu/pubs/networking/matterofheartbleed14.pdf
Bibliographic Notes

Proceedings of the Internet Measurement Conference 2014 (IMC 2014), Vancouver, British Columbia, Canada

Abbreviated Authors

Z. Durumeric, F. Li, J. Kasten, J. Amann, J. Beekman, M. Payer, N. Weaver, D. Adrian, V. Paxson, M. Bailey, and J. Alex Halderman

ICSI Research Group

Networking and Security

ICSI Publication Type

Article in conference proceedings