Risk evaluation of X.509 certificates–a machine learning application

Abstract

X.509 certificates empower to reveal the unique identity of the parties participating in the conversation. Right now, during online exchanges, many people and groups are using X.509 certificates to represent their identity, so the level of excellence and reliability of these certificates become dubious. Hence, we introduced a framework which computes risk associated with X.509 certificates with the assistance of certain trust criteria and attributes. For assessing risk related with certificate, we utilized Random Forest ensemble machine learning algorithm, which categorizes risk in three levels- High, Medium and Low. User needs to input the certificate and the system will predict the risk associated with that certificate. If predicted risk is high or medium, system will specify the parameter due to which it triggers risk. Our framework can be applied in browser-server communication and identifying real-time phishing websites which have Https URLs.